<rdar://problem/8890203>

Created attachment 79611 [details] Patch Changed YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists() to resolve a DataLabelPtr is possible so that we don't overwrite an existing unresolved DataLabelPtr.

Comment on attachment 79611 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=79611&action=review > Source/JavaScriptCore/yarr/YarrJIT.cpp:944 > + // If we have a backtrack label, connect the datalabel to it directly. > + if (m_backtrack.isLabel()) > + generator->m_expressionState.m_backtrackRecords.append(AlternativeBacktrackRecord(dataLabel, m_backtrack.getLabel())); > + else > + setBacktrackDataLabel(dataLabel); Is it at all possible to add an assertion so the we catch any attempt to clobber a label in future? Also this doesn't appear to clear m_backtrack any more so afaict every label will be pushed onto the backtrack record stack > Source/WebCore/ChangeLog:11 > +2011-01-20 Michael Saboff <msaboff@apple.com> > + > + Reviewed by NOBODY (OOPS!). > + > + Need a short description and bug URL (OOPS!) > + > + * WebCore.xcodeproj/project.pbxproj: > + > 2011-01-20 Andreas Kling <kling@webkit.org> > > Reviewed by Ariya Hidayat. No changes to webcore => this changelog is bogus

Created attachment 79618 [details] Patch with changes suggested by reviewer. Added requested ASSERT, built --Debug and ran tests with successful results. The ClearDataLabel() call is no longer needed since we use the argument data label directly AND we want to preserve the existing data label. Removed the bogus WebCore change log.

Comment on attachment 79618 [details] Patch with changes suggested by reviewer. r=me

Committed r76275: <http://trac.webkit.org/changeset/76275>