[SCM] WebKit Debian packaging branch, webkit-1.3, updated. upstream/1.3.7-4207-g178b198

kbr at google.com kbr at google.com
Sun Feb 20 23:14:01 UTC 2011 

The following commit has been merged in the webkit-1.3 branch:
commit 6b104b6b21d48a4984be8e9fe9291b374fbc29e4
Author: kbr at google.com <kbr at google.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Wed Jan 19 04:33:12 2011 +0000

    2011-01-18  Kenneth Russell  <kbr at google.com>
    
            Unreviewed, rolling out r76078.
            http://trac.webkit.org/changeset/76078
            https://bugs.webkit.org/show_bug.cgi?id=52668
    
            Caused crashes of fast/canvas/webgl/constants.html,
            fast/canvas/webgl/gl-enum-tests.html, and possibly other layout
            test crashes in Release mode. WebGL crashes were observed with
            "run-webkit-tests fast/canvas/webgl". It was necessary to run
            multiple tests to provoke the crash.
    
            * interpreter/RegisterFile.h:
            (JSC::RegisterFile::markGlobals):
            * runtime/JSActivation.cpp:
            (JSC::JSActivation::markChildren):
            * runtime/JSGlobalObject.cpp:
            (JSC::JSGlobalObject::markChildren):
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@76100 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/Source/JavaScriptCore/ChangeLog b/Source/JavaScriptCore/ChangeLog
index 27f2064..4cb9d0f 100644
--- a/Source/JavaScriptCore/ChangeLog
+++ b/Source/JavaScriptCore/ChangeLog
@@ -1,3 +1,22 @@
+2011-01-18  Kenneth Russell  <kbr at google.com>
+
+        Unreviewed, rolling out r76078.
+        http://trac.webkit.org/changeset/76078
+        https://bugs.webkit.org/show_bug.cgi?id=52668
+
+        Caused crashes of fast/canvas/webgl/constants.html,
+        fast/canvas/webgl/gl-enum-tests.html, and possibly other layout
+        test crashes in Release mode. WebGL crashes were observed with
+        "run-webkit-tests fast/canvas/webgl". It was necessary to run
+        multiple tests to provoke the crash.
+
+        * interpreter/RegisterFile.h:
+        (JSC::RegisterFile::markGlobals):
+        * runtime/JSActivation.cpp:
+        (JSC::JSActivation::markChildren):
+        * runtime/JSGlobalObject.cpp:
+        (JSC::JSGlobalObject::markChildren):
+
 2011-01-18  Oliver Hunt  <oliver at apple.com>
 
         Reviewed by Gavin Barraclough.
diff --git a/Source/JavaScriptCore/interpreter/RegisterFile.h b/Source/JavaScriptCore/interpreter/RegisterFile.h
index 75fd784..f2e6553 100644
--- a/Source/JavaScriptCore/interpreter/RegisterFile.h
+++ b/Source/JavaScriptCore/interpreter/RegisterFile.h
@@ -131,6 +131,7 @@ namespace JSC {
 
         Register* lastGlobal() const { return m_start - m_numGlobals; }
         
+        void markGlobals(MarkStack& markStack, Heap* heap) { heap->markConservatively(markStack, lastGlobal(), m_start); }
         void markCallFrames(MarkStack& markStack, Heap* heap) { heap->markConservatively(markStack, m_start, m_end); }
 
         static size_t committedByteCount();
diff --git a/Source/JavaScriptCore/runtime/JSActivation.cpp b/Source/JavaScriptCore/runtime/JSActivation.cpp
index 428403d..4a896ce 100644
--- a/Source/JavaScriptCore/runtime/JSActivation.cpp
+++ b/Source/JavaScriptCore/runtime/JSActivation.cpp
@@ -53,7 +53,6 @@ void JSActivation::markChildren(MarkStack& markStack)
 {
     Base::markChildren(markStack);
 
-    // No need to mark our registers if they're still in the RegisterFile.
     Register* registerArray = d()->registerArray.get();
     if (!registerArray)
         return;
diff --git a/Source/JavaScriptCore/runtime/JSGlobalObject.cpp b/Source/JavaScriptCore/runtime/JSGlobalObject.cpp
index d49e7fc..408aea7 100644
--- a/Source/JavaScriptCore/runtime/JSGlobalObject.cpp
+++ b/Source/JavaScriptCore/runtime/JSGlobalObject.cpp
@@ -349,6 +349,10 @@ void JSGlobalObject::markChildren(MarkStack& markStack)
     for (HashSet<GlobalCodeBlock*>::const_iterator it = codeBlocks().begin(); it != end; ++it)
         (*it)->markAggregate(markStack);
 
+    RegisterFile& registerFile = globalData().interpreter->registerFile();
+    if (registerFile.globalObject() == this)
+        registerFile.markGlobals(markStack, &globalData().heap);
+
     markIfNeeded(markStack, d()->regExpConstructor);
     markIfNeeded(markStack, d()->errorConstructor);
     markIfNeeded(markStack, d()->evalErrorConstructor);
@@ -393,7 +397,12 @@ void JSGlobalObject::markChildren(MarkStack& markStack)
     // No need to mark the other structures, because their prototypes are all
     // guaranteed to be referenced elsewhere.
 
-    markStack.appendValues(d()->registers - symbolTable().size(), symbolTable().size());
+    Register* registerArray = d()->registerArray.get();
+    if (!registerArray)
+        return;
+
+    size_t size = d()->registerArraySize;
+    markStack.appendValues(reinterpret_cast<JSValue*>(registerArray), size);
 }
 
 ExecState* JSGlobalObject::globalExec()

-- 
WebKit Debian packaging

More information about the Pkg-webkit-commits mailing list