RESOLVED FIXED 135471
CodeBlock fails to visit the Executables of its InlineCallFrames 
https://bugs.webkit.org/show_bug.cgi?id=135471
Summary CodeBlock fails to visit the Executables of its InlineCallFrames
Mark Hahnenberg
Reported 2014-07-31 13:56:07 PDT
This leads to crashes after these Executables are prematurely deleted and then accessed later.
Attachments
Patch (3.45 KB, patch)
2014-07-31 13:59 PDT, Mark Hahnenberg 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Mark Hahnenberg
Comment 1 2014-07-31 13:59:19 PDT
Created attachment 235840 [details] Patch
Geoffrey Garen
Comment 2 2014-07-31 16:36:53 PDT
Comment on attachment 235840 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=235840&action=review > Source/JavaScriptCore/bytecode/CodeOrigin.h:153 > return jsCast<JSFunction*>(calleeRecovery.constant()); > return 0; > } > + > + void visitAggregate(SlotVisitor& visitor) > + { > + visitor.append(&executable); > + } This poor second-class class can probably be a first-class class in its own header. That way, we provide upward mobility inside our code base.
Geoffrey Garen
Comment 3 2014-08-01 13:17:48 PDT
Comment on attachment 235840 [details] Patch Clearing flags on attachment: 235840 Committed r171946: <http://trac.webkit.org/changeset/171946>
Geoffrey Garen
Comment 4 2014-08-01 13:17:50 PDT
All reviewed patches have been landed. Closing bug.
Csaba Osztrogonác
Comment 5 2014-08-01 14:01:09 PDT
(In reply to comment #3) > (From update of attachment 235840 [details]) > Clearing flags on attachment: 235840 > > Committed r171946: <http://trac.webkit.org/changeset/171946> It broke the non Apple builds as the EWS noticed it. Thanks. :-/ Buildfix landed in http://trac.webkit.org/changeset/171949.
Note You need to log in before you can comment on or make changes to this bug.