Title: [253624] trunk/Source/JavaScriptCore
- Revision: 253624
- Author: carlo...@webkit.org
- Date: 2019-12-17 06:13:13 -0800 (Tue, 17 Dec 2019)
Log Message
[GLIB] jsc_context_evaluate_in_object should take the API lock before calling setGlobalScopeExtension
https://bugs.webkit.org/show_bug.cgi?id=205331
Reviewed by Žan Doberšek.
We are now getting a crash due to an assert because the api lock is not held.
* API/glib/JSCContext.cpp:
(jsc_context_evaluate_in_object):
Diff
Modified: trunk/Source/_javascript_Core/API/glib/JSCContext.cpp (253623 => 253624)
--- trunk/Source/_javascript_Core/API/glib/JSCContext.cpp 2019-12-17 14:09:54 UTC (rev 253623)
+++ trunk/Source/_javascript_Core/API/glib/JSCContext.cpp 2019-12-17 14:13:13 UTC (rev 253624)
@@ -894,8 +894,8 @@
instance ? jscClassCreateContextWithJSWrapper(objectClass, context, instance) : JSGlobalContextCreateInGroup(jscVirtualMachineGetContextGroup(context->priv->vm.get()), nullptr));
JSC::JSGlobalObject* globalObject = toJS(objectContext.get());
JSC::VM& vm = globalObject->vm();
- auto* jsObject = globalObject;
- jsObject->setGlobalScopeExtension(JSC::JSWithScope::create(vm, jsObject, jsObject->globalScope(), toJS(JSContextGetGlobalObject(context->priv->jsContext.get()))));
+ JSC::JSLockHolder locker(globalObject);
+ globalObject->setGlobalScopeExtension(JSC::JSWithScope::create(vm, globalObject, globalObject->globalScope(), toJS(JSContextGetGlobalObject(context->priv->jsContext.get()))));
JSValueRef exception = nullptr;
JSValueRef result = evaluateScriptInContext(objectContext.get(), String::fromUTF8(code, length < 0 ? strlen(code) : length), uri, lineNumber, &exception);
if (jscContextHandleExceptionIfNeeded(context, exception))
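Review bot: the `JSC::JSLockHolder locker(globalObject);` added ahead of the `setGlobalScopeExtension` call stays in scope for the rest of the enclosing block, so the API lock is also held across `evaluateScriptInContext(...)` and `jscContextHandleExceptionIfNeeded(...)` below. If only `JSWithScope::create` and `setGlobalScopeExtension` need the lock, put those two lines in their own braces; if holding it through the evaluation is intended, a one-line comment saying so would help the next reader. The revision touches only JSCContext.cpp and ChangeLog, so nothing here would catch the assert regressing; a GLib API test that calls jsc_context_evaluate_in_object in an assert-enabled build would.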
Modified: trunk/Source/_javascript_Core/ChangeLog (253623 => 253624)
--- trunk/Source/_javascript_Core/ChangeLog 2019-12-17 14:09:54 UTC (rev 253623)
+++ trunk/Source/_javascript_Core/ChangeLog 2019-12-17 14:13:13 UTC (rev 253624)
@@ -1,3 +1,15 @@
+2019-12-17 Carlos Garcia Campos <cgar...@igalia.com>
+
+ [GLIB] jsc_context_evaluate_in_object should take the API lock before calling setGlobalScopeExtension
+ https://bugs.webkit.org/show_bug.cgi?id=205331
+
+ Reviewed by Žan Doberšek.
+
+ We are now getting a crash due to an assert because the api lock is not held.
+
+ * API/glib/JSCContext.cpp:
+ (jsc_context_evaluate_in_object):
+
2019-12-16 Mark Lam <mark....@apple.com>
Relanding r253581: Changed jsc shell timeout mechanism to leverage the VMTraps and use CPUTime.
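Review bot: the entry's description, "We are now getting a crash due to an assert because the api lock is not held", does not name the assertion or say what made it start firing. Naming the assert that fails under setGlobalScopeExtension and, if known, the revision after which it appeared would make the entry more useful to someone bisecting later.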