[webkit-changes] [WebKit/WebKit] 929c0d: [JSC] MarkedVector::fill should register itself as...

Yusuke Suzuki noreply at github.com
Mon Jul 31 11:44:29 PDT 2023


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 929c0df4fd46d057005e2f6c953838dc2bad4b4d
      https://github.com/WebKit/WebKit/commit/929c0df4fd46d057005e2f6c953838dc2bad4b4d
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2023-07-31 (Mon, 31 Jul 2023)

  Changed paths:
    A JSTests/stress/marked-buffer-fill-should-be-gc-aware.js
    M Source/JavaScriptCore/llint/LLIntSlowPaths.cpp
    M Source/JavaScriptCore/runtime/ArgList.h

  Log Message:
  -----------
  [JSC] MarkedVector::fill should register itself as a root
https://bugs.webkit.org/show_bug.cgi?id=255951
rdar://108261913

Reviewed by Alexey Shvayka and Justin Michaud.

1. MarkedVector::fill is not registering itself as a strong root of GC. This patch fixes it with m_markSet->add.
2. Initialize buffer with empty value in MarkedVector::fill. This buffer can be scanned via GC when GC is invoked from
   a passed lambda.

* JSTests/stress/marked-buffer-fill-should-be-gc-aware.js: Added.
(foo):
* Source/JavaScriptCore/llint/LLIntSlowPaths.cpp:
(JSC::LLInt::handleVarargsCheckpoint):
* Source/JavaScriptCore/runtime/ArgList.h:
(JSC::MarkedVector::fill):

Originally-landed-as: 259548.690 at safari-7615-branch (b05050e0cc00). rdar://108261913
Canonical link: https://commits.webkit.org/266449@main
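
An added illustration of the two points in the log message above. It is a toy C++ model, not WebKit code and not part of the commit. `ToyHeap`, `fillAndCollect`, `kEmpty` and `kGarbage` are hypothetical names, and the real `MarkedVector` and `m_markSet` are not reproduced here. It shows what a collection that runs inside the fill lambda sees with neither fix, with only root registration, and with both.

```cpp
#include <set>
#include <vector>

// Toy model, not JavaScriptCore code. Cells are small ints; 0 plays the role
// of the empty JSValue and -1 plays the role of uninitialized memory.
constexpr int kEmpty = 0, kGarbage = -1;

struct ToyHeap {
    std::set<const std::vector<int>*> markSet; // buffers registered as roots
    std::set<int> live;                        // currently allocated cells
    int nextId = 1;
    bool scannedGarbage = false;

    int allocate() { live.insert(nextId); return nextId++; }

    // Mark every cell reachable from a registered buffer, sweep the rest.
    void collect() {
        std::set<int> marked;
        for (const auto* buffer : markSet)
            for (int slot : *buffer) {
                if (slot == kEmpty) continue;
                if (!live.count(slot)) { scannedGarbage = true; continue; }
                marked.insert(slot);
            }
        live = marked;
    }
};

struct Outcome { bool firstValueSurvived; bool scannedGarbage; };

// Hypothetical fill(): size the buffer, then let a lambda populate it.
// registerRoot and clearSlots toggle the two fixes from the log message.
Outcome fillAndCollect(bool registerRoot, bool clearSlots) {
    ToyHeap heap;
    std::vector<int> buffer(2, clearSlots ? kEmpty : kGarbage);
    if (registerRoot) heap.markSet.insert(&buffer);

    // The lambda allocates; here a collection is forced part-way through.
    auto func = [&](std::vector<int>& slots) {
        slots[0] = heap.allocate();
        heap.collect();               // GC while slots[1] is still unwritten
        slots[1] = heap.allocate();
    };
    func(buffer);
    return { heap.live.count(buffer[0]) == 1, heap.scannedGarbage };
}
```

Without registration the first stored value is swept while the buffer still refers to it; with registration but no clearing, the collector walks a slot that was never written.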



