Title: [200200] trunk/Source/JavaScriptCore
Revision: 200200
Author: [email protected]
Date: 2016-04-28 11:18:58 -0700 (Thu, 28 Apr 2016)

Log Message

DebuggerScope::className() should not assert scope->isValid().
https://bugs.webkit.org/show_bug.cgi?id=157143

Reviewed by Keith Miller.

DebuggerScope::className() should not assert scope->isValid() because the
TypeProfiler logs objects it encounters, and may indirectly call
JSObject::calculatedClassName() on those objects later, thereby calling
DebuggerScope::className() on an invalidated DebuggerScope.

The existing handling in DebuggerScope::className() for an invalidated scope
(that returns a null string) is sufficient.

* debugger/DebuggerScope.cpp:
(JSC::DebuggerScope::className):

Modified Paths

Diff

Modified: trunk/Source/JavaScriptCore/ChangeLog (200199 => 200200)


--- trunk/Source/_javascript_Core/ChangeLog	2016-04-28 17:58:12 UTC (rev 200199)
+++ trunk/Source/_javascript_Core/ChangeLog	2016-04-28 18:18:58 UTC (rev 200200)
@@ -1,3 +1,21 @@
+2016-04-28  Mark Lam  <[email protected]>
+
+        DebuggerScope::className() should not assert scope->isValid().
+        https://bugs.webkit.org/show_bug.cgi?id=157143
+
+        Reviewed by Keith Miller.
+
+        DebuggerScope::className() should not assert scope->isValid() because the
+        TypeProfiler logs objects it encounters, and may indirectly call
+        JSObject::calculatedClassName() on those objects later, thereby calling
+        DebuggerScope::className() on an invalidated DebuggerScope.
+
+        The existing handling in DebuggerScope::className() for an invalidated scope
+        (that returns a null string) is sufficient.
+
+        * debugger/DebuggerScope.cpp:
+        (JSC::DebuggerScope::className):
+
 2016-04-28  Caitlin Potter  <[email protected]>
 
         [JSC] implement spec changes for String#padStart and String#padEnd
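
Review bot: The new entry lists only debugger/DebuggerScope.cpp under its changed files and names no regression test. The description already identifies the trigger (the TypeProfiler later calling JSObject::calculatedClassName() on a logged, invalidated DebuggerScope), so a test that exercises that path, or a line in the entry saying why one is not practical, would keep the assertion from being reintroduced.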

Modified: trunk/Source/JavaScriptCore/debugger/DebuggerScope.cpp (200199 => 200200)


--- trunk/Source/_javascript_Core/debugger/DebuggerScope.cpp	2016-04-28 17:58:12 UTC (rev 200199)
+++ trunk/Source/_javascript_Core/debugger/DebuggerScope.cpp	2016-04-28 18:18:58 UTC (rev 200200)
@@ -60,7 +60,8 @@
 String DebuggerScope::className(const JSObject* object)
 {
     const DebuggerScope* scope = jsCast<const DebuggerScope*>(object);
-    ASSERT(scope->isValid());
+    // We cannot assert that scope->isValid() because the TypeProfiler may encounter an invalidated
+    // DebuggerScope in its log entries. We just need to handle it appropriately as below.
     if (!scope->isValid())
         return String();
     JSObject* thisObject = JSScope::objectAtScope(scope->jsScope());
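
Review bot: With the ASSERT at the top of className() removed, the "if (!scope->isValid()) return String();" check is the sole guard in every build between an invalidated scope and the scope->jsScope() use on the following line, and the new comment's "as below" does not say that. Consider wording the comment to state that the early return must stay ahead of any use of jsScope(), and confirm that the TypeProfiler path through JSObject::calculatedClassName() accepts the null String returned here.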