Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (172371 => 172372)
--- trunk/Source/_javascript_Core/ChangeLog 2014-08-09 02:37:31 UTC (rev 172371)
+++ trunk/Source/_javascript_Core/ChangeLog 2014-08-09 06:50:19 UTC (rev 172372)
@@ -1,3 +1,62 @@
+2014-08-08 Mark Lam <[email protected]>
+
+ REGRESSION: Inspector crashes when debugger is paused and injected scripts access window.screen().
+ <https://webkit.org/b/135656>
+
+ Not reviewed.
+
+ Rolling out r170680 which was merged to ToT in r172129.
+
+ * debugger/Debugger.h:
+ * debugger/DebuggerCallFrame.cpp:
+ (JSC::DebuggerCallFrame::scope):
+ (JSC::DebuggerCallFrame::evaluate):
+ (JSC::DebuggerCallFrame::invalidate):
+ * debugger/DebuggerCallFrame.h:
+ * debugger/DebuggerScope.cpp:
+ (JSC::DebuggerScope::DebuggerScope):
+ (JSC::DebuggerScope::finishCreation):
+ (JSC::DebuggerScope::visitChildren):
+ (JSC::DebuggerScope::className):
+ (JSC::DebuggerScope::getOwnPropertySlot):
+ (JSC::DebuggerScope::put):
+ (JSC::DebuggerScope::deleteProperty):
+ (JSC::DebuggerScope::getOwnPropertyNames):
+ (JSC::DebuggerScope::defineOwnProperty):
+ (JSC::DebuggerScope::next): Deleted.
+ (JSC::DebuggerScope::invalidateChain): Deleted.
+ (JSC::DebuggerScope::isWithScope): Deleted.
+ (JSC::DebuggerScope::isGlobalScope): Deleted.
+ (JSC::DebuggerScope::isFunctionScope): Deleted.
+ * debugger/DebuggerScope.h:
+ (JSC::DebuggerScope::create):
+ (JSC::DebuggerScope::Iterator::Iterator): Deleted.
+ (JSC::DebuggerScope::Iterator::get): Deleted.
+ (JSC::DebuggerScope::Iterator::operator++): Deleted.
+ (JSC::DebuggerScope::Iterator::operator==): Deleted.
+ (JSC::DebuggerScope::Iterator::operator!=): Deleted.
+ (JSC::DebuggerScope::isValid): Deleted.
+ (JSC::DebuggerScope::jsScope): Deleted.
+ (JSC::DebuggerScope::begin): Deleted.
+ (JSC::DebuggerScope::end): Deleted.
+ * inspector/JSJavaScriptCallFrame.cpp:
+ (Inspector::JSJavaScriptCallFrame::scopeType):
+ (Inspector::JSJavaScriptCallFrame::scopeChain):
+ * inspector/_javascript_CallFrame.h:
+ (Inspector::_javascript_CallFrame::scopeChain):
+ * inspector/ScriptDebugServer.cpp:
+ * runtime/JSGlobalObject.cpp:
+ (JSC::JSGlobalObject::reset):
+ (JSC::JSGlobalObject::visitChildren):
+ * runtime/JSGlobalObject.h:
+ (JSC::JSGlobalObject::debuggerScopeStructure): Deleted.
+ * runtime/JSObject.h:
+ (JSC::JSObject::isWithScope): Deleted.
+ * runtime/JSScope.h:
+ * runtime/VM.cpp:
+ (JSC::VM::VM):
+ * runtime/VM.h:
+
2014-08-07 Saam Barati <[email protected]>
Create a more generic way for VMEntryScope to notify those interested that it will be destroyed
Modified: trunk/Source/_javascript_Core/debugger/Debugger.h (172371 => 172372)
--- trunk/Source/_javascript_Core/debugger/Debugger.h 2014-08-09 02:37:31 UTC (rev 172371)
+++ trunk/Source/_javascript_Core/debugger/Debugger.h 2014-08-09 06:50:19 UTC (rev 172372)
@@ -33,7 +33,6 @@
namespace JSC {
-class CodeBlock;
class ExecState;
class JSGlobalObject;
class SourceProvider;
Modified: trunk/Source/_javascript_Core/debugger/DebuggerCallFrame.cpp (172371 => 172372)
--- trunk/Source/_javascript_Core/debugger/DebuggerCallFrame.cpp 2014-08-09 02:37:31 UTC (rev 172371)
+++ trunk/Source/_javascript_Core/debugger/DebuggerCallFrame.cpp 2014-08-09 06:50:19 UTC (rev 172372)
@@ -30,14 +30,12 @@
#include "DebuggerCallFrame.h"
#include "CodeBlock.h"
-#include "DebuggerScope.h"
#include "Interpreter.h"
#include "JSActivation.h"
#include "JSFunction.h"
#include "JSCInlines.h"
#include "Parser.h"
#include "StackVisitor.h"
-#include "StrongInlines.h"
namespace JSC {
@@ -108,25 +106,20 @@
return getCalculatedDisplayName(m_callFrame, function);
}
-DebuggerScope* DebuggerCallFrame::scope()
+JSScope* DebuggerCallFrame::scope() const
{
ASSERT(isValid());
if (!isValid())
return 0;
- if (!m_scope) {
- VM& vm = m_callFrame->vm();
- CodeBlock* codeBlock = m_callFrame->codeBlock();
- if (codeBlock && codeBlock->needsActivation() && !m_callFrame->hasActivation()) {
- ASSERT(!m_callFrame->scope()->isWithScope());
- JSActivation* activation = JSActivation::create(vm, m_callFrame, codeBlock);
- m_callFrame->setActivation(activation);
- m_callFrame->setScope(activation);
- }
-
- m_scope.set(vm, DebuggerScope::create(vm, m_callFrame->scope()));
+ CodeBlock* codeBlock = m_callFrame->codeBlock();
+ if (codeBlock && codeBlock->needsActivation() && !m_callFrame->hasActivation()) {
+ JSActivation* activation = JSActivation::create(*codeBlock->vm(), m_callFrame, codeBlock);
+ m_callFrame->setActivation(activation);
+ m_callFrame->setScope(activation);
}
- return m_scope.get();
+
+ return m_callFrame->scope();
}
DebuggerCallFrame::Type DebuggerCallFrame::type() const
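Review bot: `scope()` is now declared `const`, yet when the code block needs an activation it creates one and writes it into the frame with `m_callFrame->setActivation(activation)` and `m_callFrame->setScope(activation)`, so what reads like a pure getter can allocate and change the frame being inspected. It also now returns the frame's raw `JSScope*`; judging from the `invalidate()` hunk in this file, nothing clears a pointer a caller already holds, so it should be treated as usable only while the frame is valid. I would document both above the definition, for example `// Lazily creates the activation: may allocate and mutates m_callFrame despite being const.` and `// The returned scope is only meaningful while isValid(); do not keep it across invalidate().`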
@@ -169,7 +162,7 @@
}
JSValue thisValue = thisValueForCallFrame(callFrame);
- JSValue result = vm.interpreter->execute(eval, callFrame, thisValue, scope()->jsScope());
+ JSValue result = vm.interpreter->execute(eval, callFrame, thisValue, scope());
if (vm.exception()) {
exception = vm.exception();
vm.clearException();
@@ -181,10 +174,6 @@
void DebuggerCallFrame::invalidate()
{
m_callFrame = nullptr;
- if (m_scope) {
- m_scope->invalidateChain();
- m_scope.clear();
- }
RefPtr<DebuggerCallFrame> frame = m_caller.release();
while (frame) {
frame->m_callFrame = nullptr;
Modified: trunk/Source/_javascript_Core/debugger/DebuggerCallFrame.h (172371 => 172372)
--- trunk/Source/_javascript_Core/debugger/DebuggerCallFrame.h 2014-08-09 02:37:31 UTC (rev 172371)
+++ trunk/Source/_javascript_Core/debugger/DebuggerCallFrame.h 2014-08-09 06:50:19 UTC (rev 172372)
@@ -29,18 +29,14 @@
#ifndef DebuggerCallFrame_h
#define DebuggerCallFrame_h
+#include "CallFrame.h"
#include "DebuggerPrimitives.h"
-#include "Strong.h"
#include <wtf/PassRefPtr.h>
#include <wtf/RefCounted.h>
#include <wtf/text/TextPosition.h>
namespace JSC {
-class DebuggerScope;
-class ExecState;
-typedef ExecState CallFrame;
-
class DebuggerCallFrame : public RefCounted<DebuggerCallFrame> {
public:
enum Type { ProgramType, FunctionType };
@@ -62,7 +58,7 @@
JS_EXPORT_PRIVATE const TextPosition& position() const { return m_position; }
JS_EXPORT_PRIVATE JSGlobalObject* vmEntryGlobalObject() const;
- JS_EXPORT_PRIVATE DebuggerScope* scope();
+ JS_EXPORT_PRIVATE JSScope* scope() const;
JS_EXPORT_PRIVATE String functionName() const;
JS_EXPORT_PRIVATE Type type() const;
JS_EXPORT_PRIVATE JSValue thisValue() const;
@@ -82,9 +78,6 @@
CallFrame* m_callFrame;
RefPtr<DebuggerCallFrame> m_caller;
TextPosition m_position;
- // The DebuggerCallFrameScope is responsible for calling invalidate() which,
- // in turn, will clear this strong ref.
- Strong<DebuggerScope> m_scope;
};
} // namespace JSC
Modified: trunk/Source/_javascript_Core/debugger/DebuggerScope.cpp (172371 => 172372)
--- trunk/Source/_javascript_Core/debugger/DebuggerScope.cpp 2014-08-09 02:37:31 UTC (rev 172371)
+++ trunk/Source/_javascript_Core/debugger/DebuggerScope.cpp 2014-08-09 06:50:19 UTC (rev 172372)
@@ -28,7 +28,6 @@
#include "JSActivation.h"
#include "JSCInlines.h"
-#include "JSWithScope.h"
namespace JSC {
@@ -36,16 +35,17 @@
const ClassInfo DebuggerScope::s_info = { "DebuggerScope", &Base::s_info, 0, CREATE_METHOD_TABLE(DebuggerScope) };
-DebuggerScope::DebuggerScope(VM& vm, JSScope* scope)
- : JSNonFinalObject(vm, scope->globalObject()->debuggerScopeStructure())
+DebuggerScope::DebuggerScope(VM& vm)
+ : JSNonFinalObject(vm, vm.debuggerScopeStructure.get())
{
- ASSERT(scope);
- m_scope.set(vm, this, scope);
}
-void DebuggerScope::finishCreation(VM& vm)
+void DebuggerScope::finishCreation(VM& vm, JSObject* activation)
{
Base::finishCreation(vm);
+ ASSERT(activation);
+ ASSERT(activation->isActivationObject());
+ m_activation.set(vm, this, jsCast<JSActivation*>(activation));
}
void DebuggerScope::visitChildren(JSCell* cell, SlotVisitor& visitor)
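Review bot: In `finishCreation`, the only checks that `activation` is non-null and really a `JSActivation` are two `ASSERT`s, which compile out of release builds, and the `jsCast<JSActivation*>` that follows is, as far as I know, only assertion-checked as well. Because `create()` in DebuggerScope.h accepts any `JSObject*`, a wrong caller would store a mistyped pointer in `m_activation`, and every forwarding method in this file would then call through it. Either narrow the parameter to `JSActivation*` in both `create()` and `finishCreation()`, or make the check unconditional with `RELEASE_ASSERT(activation && activation->isActivationObject());`.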
@@ -53,108 +53,43 @@
DebuggerScope* thisObject = jsCast<DebuggerScope*>(cell);
ASSERT_GC_OBJECT_INHERITS(thisObject, info());
JSObject::visitChildren(thisObject, visitor);
- visitor.append(&thisObject->m_scope);
- visitor.append(&thisObject->m_next);
+ visitor.append(&thisObject->m_activation);
}
String DebuggerScope::className(const JSObject* object)
{
- const DebuggerScope* scope = jsCast<const DebuggerScope*>(object);
- ASSERT(scope->isValid());
- if (!scope->isValid())
- return String();
- JSObject* thisObject = JSScope::objectAtScope(scope->jsScope());
- return thisObject->methodTable()->className(thisObject);
+ const DebuggerScope* thisObject = jsCast<const DebuggerScope*>(object);
+ return thisObject->m_activation->methodTable()->className(thisObject->m_activation.get());
}
bool DebuggerScope::getOwnPropertySlot(JSObject* object, ExecState* exec, PropertyName propertyName, PropertySlot& slot)
{
- DebuggerScope* scope = jsCast<DebuggerScope*>(object);
- ASSERT(scope->isValid());
- if (!scope->isValid())
- return false;
- JSObject* thisObject = JSScope::objectAtScope(scope->jsScope());
- return thisObject->methodTable()->getOwnPropertySlot(thisObject, exec, propertyName, slot);
+ DebuggerScope* thisObject = jsCast<DebuggerScope*>(object);
+ return thisObject->m_activation->methodTable()->getOwnPropertySlot(thisObject->m_activation.get(), exec, propertyName, slot);
}
void DebuggerScope::put(JSCell* cell, ExecState* exec, PropertyName propertyName, JSValue value, PutPropertySlot& slot)
{
- DebuggerScope* scope = jsCast<DebuggerScope*>(cell);
- ASSERT(scope->isValid());
- if (!scope->isValid())
- return;
- JSObject* thisObject = JSScope::objectAtScope(scope->jsScope());
- thisObject->methodTable()->put(thisObject, exec, propertyName, value, slot);
+ DebuggerScope* thisObject = jsCast<DebuggerScope*>(cell);
+ thisObject->m_activation->methodTable()->put(thisObject->m_activation.get(), exec, propertyName, value, slot);
}
bool DebuggerScope::deleteProperty(JSCell* cell, ExecState* exec, PropertyName propertyName)
{
- DebuggerScope* scope = jsCast<DebuggerScope*>(cell);
- ASSERT(scope->isValid());
- if (!scope->isValid())
- return false;
- JSObject* thisObject = JSScope::objectAtScope(scope->jsScope());
- return thisObject->methodTable()->deleteProperty(thisObject, exec, propertyName);
+ DebuggerScope* thisObject = jsCast<DebuggerScope*>(cell);
+ return thisObject->m_activation->methodTable()->deleteProperty(thisObject->m_activation.get(), exec, propertyName);
}
void DebuggerScope::getOwnPropertyNames(JSObject* object, ExecState* exec, PropertyNameArray& propertyNames, EnumerationMode mode)
{
- DebuggerScope* scope = jsCast<DebuggerScope*>(object);
- ASSERT(scope->isValid());
- if (!scope->isValid())
- return;
- JSObject* thisObject = JSScope::objectAtScope(scope->jsScope());
- thisObject->methodTable()->getPropertyNames(thisObject, exec, propertyNames, mode);
+ DebuggerScope* thisObject = jsCast<DebuggerScope*>(object);
+ thisObject->m_activation->methodTable()->getPropertyNames(thisObject->m_activation.get(), exec, propertyNames, mode);
}
bool DebuggerScope::defineOwnProperty(JSObject* object, ExecState* exec, PropertyName propertyName, const PropertyDescriptor& descriptor, bool shouldThrow)
{
- DebuggerScope* scope = jsCast<DebuggerScope*>(object);
- ASSERT(scope->isValid());
- if (!scope->isValid())
- return false;
- JSObject* thisObject = JSScope::objectAtScope(scope->jsScope());
- return thisObject->methodTable()->defineOwnProperty(thisObject, exec, propertyName, descriptor, shouldThrow);
+ DebuggerScope* thisObject = jsCast<DebuggerScope*>(object);
+ return thisObject->m_activation->methodTable()->defineOwnProperty(thisObject->m_activation.get(), exec, propertyName, descriptor, shouldThrow);
}
-DebuggerScope* DebuggerScope::next()
-{
- ASSERT(isValid());
- if (!m_next && m_scope->next()) {
- VM& vm = *m_scope->vm();
- DebuggerScope* nextScope = create(vm, m_scope->next());
- m_next.set(vm, this, nextScope);
- }
- return m_next.get();
-}
-
-void DebuggerScope::invalidateChain()
-{
- DebuggerScope* scope = this;
- while (scope) {
- ASSERT(scope->isValid());
- DebuggerScope* nextScope = scope->m_next.get();
- scope->m_next.clear();
- scope->m_scope.clear();
- scope = nextScope;
- }
-}
-
-bool DebuggerScope::isWithScope() const
-{
- return m_scope->isWithScope();
-}
-
-bool DebuggerScope::isGlobalScope() const
-{
- return m_scope->isGlobalObject();
-}
-
-bool DebuggerScope::isFunctionScope() const
-{
- // In the current debugger implementation, every function will create an
- // activation object. Hence, an activation object implies a function scope.
- return m_scope->isActivationObject();
-}
-
} // namespace JSC
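Review bot: `DebuggerScope::getOwnPropertyNames` forwards to `methodTable()->getPropertyNames(...)`, whereas every other forward in this hunk calls the method-table entry of the same name. If the wider enumeration is deliberate, it deserves a comment such as `// Deliberately forwards to getPropertyNames(), not getOwnPropertyNames().` together with the reason; otherwise the call should use `methodTable()->getOwnPropertyNames(thisObject->m_activation.get(), exec, propertyNames, mode);`. All of these forwards also dereference `m_activation` without a check, so they depend entirely on `finishCreation` having stored a valid activation.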
Modified: trunk/Source/_javascript_Core/debugger/DebuggerScope.h (172371 => 172372)
--- trunk/Source/_javascript_Core/debugger/DebuggerScope.h 2014-08-09 02:37:31 UTC (rev 172371)
+++ trunk/Source/_javascript_Core/debugger/DebuggerScope.h 2014-08-09 06:50:19 UTC (rev 172372)
@@ -30,18 +30,15 @@
namespace JSC {
-class DebuggerCallFrame;
-class JSScope;
-
class DebuggerScope : public JSNonFinalObject {
public:
typedef JSNonFinalObject Base;
- static DebuggerScope* create(VM& vm, JSScope* scope)
+ static DebuggerScope* create(VM& vm, JSObject* object)
{
- DebuggerScope* debuggerScope = new (NotNull, allocateCell<DebuggerScope>(vm.heap)) DebuggerScope(vm, scope);
- debuggerScope->finishCreation(vm);
- return debuggerScope;
+ DebuggerScope* activation = new (NotNull, allocateCell<DebuggerScope>(vm.heap)) DebuggerScope(vm);
+ activation->finishCreation(vm, object);
+ return activation;
}
static void visitChildren(JSCell*, SlotVisitor&);
@@ -59,59 +56,16 @@
return Structure::create(vm, globalObject, prototype, TypeInfo(ObjectType, StructureFlags), info());
}
- class Iterator {
- public:
- Iterator(DebuggerScope* node)
- : m_node(node)
- {
- }
+protected:
+ static const unsigned StructureFlags = OverridesGetOwnPropertySlot | JSObject::StructureFlags;
- DebuggerScope* get() { return m_node; }
- Iterator& operator++() { m_node = m_node->next(); return *this; }
- // postfix ++ intentionally omitted
+ JS_EXPORT_PRIVATE void finishCreation(VM&, JSObject* activation);
- bool operator==(const Iterator& other) const { return m_node == other.m_node; }
- bool operator!=(const Iterator& other) const { return m_node != other.m_node; }
-
- private:
- DebuggerScope* m_node;
- };
-
- Iterator begin();
- Iterator end();
- DebuggerScope* next();
-
- void invalidateChain();
- bool isValid() const { return !!m_scope; }
-
- bool isWithScope() const;
- bool isGlobalScope() const;
- bool isFunctionScope() const;
-
private:
- JS_EXPORT_PRIVATE DebuggerScope(VM&, JSScope*);
- JS_EXPORT_PRIVATE void finishCreation(VM&);
-
- JSScope* jsScope() const { return m_scope.get(); }
-
- static const unsigned StructureFlags = OverridesGetOwnPropertySlot | OverridesGetPropertyNames | JSObject::StructureFlags;
-
- WriteBarrier<JSScope> m_scope;
- WriteBarrier<DebuggerScope> m_next;
-
- friend class DebuggerCallFrame;
+ JS_EXPORT_PRIVATE DebuggerScope(VM&);
+ WriteBarrier<JSActivation> m_activation;
};
-inline DebuggerScope::Iterator DebuggerScope::begin()
-{
- return Iterator(this);
-}
-
-inline DebuggerScope::Iterator DebuggerScope::end()
-{
- return Iterator(0);
-}
-
} // namespace JSC
#endif // DebuggerScope_h
Modified: trunk/Source/_javascript_Core/inspector/JSJavaScriptCallFrame.cpp (172371 => 172372)
--- trunk/Source/_javascript_Core/inspector/JSJavaScriptCallFrame.cpp 2014-08-09 02:37:31 UTC (rev 172371)
+++ trunk/Source/_javascript_Core/inspector/JSJavaScriptCallFrame.cpp 2014-08-09 06:50:19 UTC (rev 172372)
@@ -28,7 +28,6 @@
#if ENABLE(INSPECTOR)
-#include "DebuggerScope.h"
#include "Error.h"
#include "JSCJSValue.h"
#include "JSCellInlines.h"
@@ -96,30 +95,29 @@
return jsUndefined();
int index = exec->argument(0).asInt32();
- DebuggerScope* scopeChain = impl().scopeChain();
- DebuggerScope::Iterator end = scopeChain->end();
+ JSScope* scopeChain = impl().scopeChain();
+ ScopeChainIterator end = scopeChain->end();
- bool foundLocalScope = false;
- for (DebuggerScope::Iterator iter = scopeChain->begin(); iter != end; ++iter) {
- DebuggerScope* scope = iter.get();
+ // FIXME: We should be identifying and returning CATCH_SCOPE appropriately.
- if (!foundLocalScope && scope->isFunctionScope()) {
- // First function scope is the local scope, each successive one is a closure.
- if (!index)
- return jsNumber(JSJavaScriptCallFrame::LOCAL_SCOPE);
- foundLocalScope = true;
+ bool foundLocalScope = false;
+ for (ScopeChainIterator iter = scopeChain->begin(); iter != end; ++iter) {
+ JSObject* scope = iter.get();
+ if (scope->isActivationObject()) {
+ if (!foundLocalScope) {
+ // First activation object is local scope, each successive activation object is closure.
+ if (!index)
+ return jsNumber(JSJavaScriptCallFrame::LOCAL_SCOPE);
+ foundLocalScope = true;
+ } else if (!index)
+ return jsNumber(JSJavaScriptCallFrame::CLOSURE_SCOPE);
}
if (!index) {
- if (scope->isWithScope())
- return jsNumber(JSJavaScriptCallFrame::WITH_SCOPE);
- if (scope->isGlobalScope()) {
- ASSERT(++iter == end);
+ // Last in the chain is global scope.
+ if (++iter == end)
return jsNumber(JSJavaScriptCallFrame::GLOBAL_SCOPE);
- }
- // FIXME: We should be identifying and returning CATCH_SCOPE appropriately.
- ASSERT(scope->isFunctionScope());
- return jsNumber(JSJavaScriptCallFrame::CLOSURE_SCOPE);
+ return jsNumber(JSJavaScriptCallFrame::WITH_SCOPE);
}
--index;
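Review bot: With the explicit type predicates gone, the `if (!index)` fallthrough classifies by position only: any scope that is neither an activation nor last in the chain is reported as `WITH_SCOPE`, and whatever comes last is reported as `GLOBAL_SCOPE`. The FIXME names only `CATCH_SCOPE`; I would widen it so the next reader knows the label is a guess, e.g. `// FIXME: Non-activation scopes are classified by position only; catch and name scopes are reported as WITH_SCOPE.` The function starts before this hunk and continues after it, so how an out-of-range `index` is handled is not visible here.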
@@ -159,9 +157,9 @@
if (!impl().scopeChain())
return jsNull();
- DebuggerScope* scopeChain = impl().scopeChain();
- DebuggerScope::Iterator iter = scopeChain->begin();
- DebuggerScope::Iterator end = scopeChain->end();
+ JSScope* scopeChain = impl().scopeChain();
+ ScopeChainIterator iter = scopeChain->begin();
+ ScopeChainIterator end = scopeChain->end();
// We must always have something in the scope chain.
ASSERT(iter != end);
Modified: trunk/Source/_javascript_Core/inspector/_javascript_CallFrame.h (172371 => 172372)
--- trunk/Source/_javascript_Core/inspector/_javascript_CallFrame.h 2014-08-09 02:37:31 UTC (rev 172371)
+++ trunk/Source/_javascript_Core/inspector/_javascript_CallFrame.h 2014-08-09 06:50:19 UTC (rev 172372)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2008, 2013-2014 Apple Inc. All Rights Reserved.
+ * Copyright (C) 2008, 2013 Apple Inc. All Rights Reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -53,7 +53,7 @@
String functionName() const { return m_debuggerCallFrame->functionName(); }
JSC::DebuggerCallFrame::Type type() const { return m_debuggerCallFrame->type(); }
- JSC::DebuggerScope* scopeChain() const { return m_debuggerCallFrame->scope(); }
+ JSC::JSScope* scopeChain() const { return m_debuggerCallFrame->scope(); }
JSC::JSGlobalObject* vmEntryGlobalObject() const { return m_debuggerCallFrame->vmEntryGlobalObject(); }
JSC::JSValue thisValue() const { return m_debuggerCallFrame->thisValue(); }
Modified: trunk/Source/_javascript_Core/inspector/ScriptDebugServer.cpp (172371 => 172372)
--- trunk/Source/_javascript_Core/inspector/ScriptDebugServer.cpp 2014-08-09 02:37:31 UTC (rev 172371)
+++ trunk/Source/_javascript_Core/inspector/ScriptDebugServer.cpp 2014-08-09 06:50:19 UTC (rev 172372)
@@ -34,7 +34,6 @@
#if ENABLE(INSPECTOR)
#include "DebuggerCallFrame.h"
-#include "DebuggerScope.h"
#include "JSJavaScriptCallFrame.h"
#include "JSLock.h"
#include "_javascript_CallFrame.h"
Modified: trunk/Source/_javascript_Core/runtime/JSGlobalObject.cpp (172371 => 172372)
--- trunk/Source/_javascript_Core/runtime/JSGlobalObject.cpp 2014-08-09 02:37:31 UTC (rev 172371)
+++ trunk/Source/_javascript_Core/runtime/JSGlobalObject.cpp 2014-08-09 06:50:19 UTC (rev 172372)
@@ -45,7 +45,6 @@
#include "DateConstructor.h"
#include "DatePrototype.h"
#include "Debugger.h"
-#include "DebuggerScope.h"
#include "Error.h"
#include "ErrorConstructor.h"
#include "ErrorPrototype.h"
@@ -321,7 +320,6 @@
m_nameScopeStructure.set(vm, this, JSNameScope::createStructure(vm, this, jsNull()));
m_activationStructure.set(vm, this, JSActivation::createStructure(vm, this, jsNull()));
m_strictEvalActivationStructure.set(vm, this, StrictEvalActivation::createStructure(vm, this, jsNull()));
- m_debuggerScopeStructure.set(m_vm, this, DebuggerScope::createStructure(m_vm, this, jsNull()));
m_withScopeStructure.set(vm, this, JSWithScope::createStructure(vm, this, jsNull()));
m_nullPrototypeObjectStructure.set(vm, this, JSFinalObject::createStructure(vm, this, jsNull(), JSFinalObject::defaultInlineCapacity()));
@@ -664,7 +662,6 @@
visitor.append(&thisObject->m_promisePrototype);
#endif
- visitor.append(&thisObject->m_debuggerScopeStructure);
visitor.append(&thisObject->m_withScopeStructure);
visitor.append(&thisObject->m_strictEvalActivationStructure);
visitor.append(&thisObject->m_activationStructure);
Modified: trunk/Source/_javascript_Core/runtime/JSGlobalObject.h (172371 => 172372)
--- trunk/Source/_javascript_Core/runtime/JSGlobalObject.h 2014-08-09 02:37:31 UTC (rev 172371)
+++ trunk/Source/_javascript_Core/runtime/JSGlobalObject.h 2014-08-09 06:50:19 UTC (rev 172372)
@@ -186,7 +186,6 @@
WriteBarrier<JSPromisePrototype> m_promisePrototype;
#endif
- WriteBarrier<Structure> m_debuggerScopeStructure;
WriteBarrier<Structure> m_withScopeStructure;
WriteBarrier<Structure> m_strictEvalActivationStructure;
WriteBarrier<Structure> m_activationStructure;
@@ -392,7 +391,6 @@
JSPromisePrototype* promisePrototype() const { return m_promisePrototype.get(); }
#endif
- Structure* debuggerScopeStructure() const { return m_debuggerScopeStructure.get(); }
Structure* withScopeStructure() const { return m_withScopeStructure.get(); }
Structure* strictEvalActivationStructure() const { return m_strictEvalActivationStructure.get(); }
Structure* activationStructure() const { return m_activationStructure.get(); }
Modified: trunk/Source/_javascript_Core/runtime/JSObject.h (172371 => 172372)
--- trunk/Source/_javascript_Core/runtime/JSObject.h 2014-08-09 02:37:31 UTC (rev 172371)
+++ trunk/Source/_javascript_Core/runtime/JSObject.h 2014-08-09 06:50:19 UTC (rev 172372)
@@ -594,7 +594,6 @@
bool isNameScopeObject() const;
bool isActivationObject() const;
bool isErrorInstance() const;
- bool isWithScope() const;
JS_EXPORT_PRIVATE void seal(VM&);
JS_EXPORT_PRIVATE void freeze(VM&);
@@ -1151,11 +1150,6 @@
return type() == ErrorInstanceType;
}
-inline bool JSObject::isWithScope() const
-{
- return type() == WithScopeType;
-}
-
inline void JSObject::setStructureAndButterfly(VM& vm, Structure* structure, Butterfly* butterfly)
{
ASSERT(structure);
Modified: trunk/Source/_javascript_Core/runtime/JSScope.h (172371 => 172372)
--- trunk/Source/_javascript_Core/runtime/JSScope.h 2014-08-09 02:37:31 UTC (rev 172371)
+++ trunk/Source/_javascript_Core/runtime/JSScope.h 2014-08-09 06:50:19 UTC (rev 172372)
@@ -150,7 +150,7 @@
friend class LLIntOffsetsExtractor;
static size_t offsetOfNext();
- static JSObject* objectAtScope(JSScope*);
+ JS_EXPORT_PRIVATE static JSObject* objectAtScope(JSScope*);
static JSValue resolve(ExecState*, JSScope*, const Identifier&);
static ResolveOp abstractResolve(ExecState*, JSScope*, const Identifier&, GetOrPut, ResolveType);
Modified: trunk/Source/_javascript_Core/runtime/VM.cpp (172371 => 172372)
--- trunk/Source/_javascript_Core/runtime/VM.cpp 2014-08-09 02:37:31 UTC (rev 172371)
+++ trunk/Source/_javascript_Core/runtime/VM.cpp 2014-08-09 06:50:19 UTC (rev 172372)
@@ -40,6 +40,7 @@
#include "CustomGetterSetter.h"
#include "DFGLongLivedState.h"
#include "DFGWorklist.h"
+#include "DebuggerScope.h"
#include "ErrorInstance.h"
#include "FTLThunks.h"
#include "FunctionConstructor.h"
@@ -205,6 +206,7 @@
propertyNames = new CommonIdentifiers(this);
structureStructure.set(*this, Structure::createStructure(*this));
structureRareDataStructure.set(*this, StructureRareData::createStructure(*this, 0, jsNull()));
+ debuggerScopeStructure.set(*this, DebuggerScope::createStructure(*this, 0, jsNull()));
terminatedExecutionErrorStructure.set(*this, TerminatedExecutionError::createStructure(*this, 0, jsNull()));
stringStructure.set(*this, JSString::createStructure(*this, 0, jsNull()));
notAnObjectStructure.set(*this, JSNotAnObject::createStructure(*this, 0, jsNull()));
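Review bot: `DebuggerScope::createStructure(*this, 0, jsNull())` builds the structure with a null global object, so `DebuggerScope` cells created from it have no `JSGlobalObject` behind their structure. `DebuggerScope` derives from `JSNonFinalObject` and forwards property access to an activation, so any path that asks such a cell for its global object would presumably get null; that is an inference, since no such caller is visible in this diff. If a VM-wide structure is the intent, say so at this line, e.g. `// VM-wide structure with no JSGlobalObject: never ask a DebuggerScope cell for its globalObject().`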
Modified: trunk/Source/_javascript_Core/runtime/VM.h (172371 => 172372)
--- trunk/Source/_javascript_Core/runtime/VM.h 2014-08-09 02:37:31 UTC (rev 172371)
+++ trunk/Source/_javascript_Core/runtime/VM.h 2014-08-09 06:50:19 UTC (rev 172372)
@@ -240,6 +240,7 @@
Strong<Structure> structureStructure;
Strong<Structure> structureRareDataStructure;
+ Strong<Structure> debuggerScopeStructure;
Strong<Structure> terminatedExecutionErrorStructure;
Strong<Structure> stringStructure;
Strong<Structure> notAnObjectStructure;
Modified: trunk/Source/WebCore/ChangeLog (172371 => 172372)
--- trunk/Source/WebCore/ChangeLog 2014-08-09 02:37:31 UTC (rev 172371)
+++ trunk/Source/WebCore/ChangeLog 2014-08-09 06:50:19 UTC (rev 172372)
@@ -1,3 +1,15 @@
+2014-08-08 Mark Lam <[email protected]>
+
+ REGRESSION: Inspector crashes when debugger is paused and injected scripts access window.screen().
+ <https://webkit.org/b/135656>
+
+ Not reviewed.
+
+ Rolling out r170680 which was merged to ToT in r172129.
+
+ * bindings/js/ScriptController.cpp:
+ (WebCore::ScriptController::attachDebugger):
+
2014-08-08 Peyton Randolph <[email protected]>
Implement long mouse press over links. Part of 135257 - Add long mouse press gesture.
Modified: trunk/Source/WebCore/bindings/js/ScriptController.cpp (172371 => 172372)
--- trunk/Source/WebCore/bindings/js/ScriptController.cpp 2014-08-09 02:37:31 UTC (rev 172371)
+++ trunk/Source/WebCore/bindings/js/ScriptController.cpp 2014-08-09 06:50:19 UTC (rev 172372)
@@ -307,7 +307,6 @@
return;
JSDOMWindow* globalObject = shell->window();
- JSLockHolder lock(globalObject->vm());
if (debugger)
debugger->attach(globalObject);
else if (JSC::Debugger* currentDebugger = globalObject->debugger())