[Webkit-unassigned] [Bug 16868] Gmail crash
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Jan 15 07:51:54 PST 2008
http://bugs.webkit.org/show_bug.cgi?id=16868
------- Comment #10 from darin at apple.com 2008-01-15 07:51 PDT -------
(From update of attachment 18453)
+ if (m_savedExec && m_savedExec != m_callingExec)
+ m_savedExec->mark();
The ExecState::mark function marks the scope chains of all the execs in the
callingExec chain in an iterative way rather than a recursive way. But this new
savedExec code uses recursion instead.
Also, the code to mark the activation is only done on the top ExecState, which
seems wrong. The m_callingExec loop should either use recursion too (not my
favorite idea) or we should move the marking of the activation inside that
loop.
--
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list