[Webkit-unassigned] [Bug 27077] Workers + garbage collector: weird crashes

bugzilla-daemon at webkit.org
Mon Jul 20 02:52:51 PDT 2009

https://bugs.webkit.org/show_bug.cgi?id=27077

--- Comment #20 from Zoltan Herczeg <zherczeg at inf.u-szeged.hu>  2009-07-20 02:52:49 PDT ---
Hi Gavin,

My idea is the following:

JIT::patchMethodCallProto() (JITPropertyAccess.cpp) stores 4 pointers in the
code:

- structure
- proto
- proto->structure()
- callee (the cached value)

However, only structure is protected by a ref() call. I think we should also
protect the proto->structure() as well. Probably this would be enough to
eliminate the allocation problem. We had a little chat with Oliver today, and
he said I should ask you about your opinion about this solution. (And we also
wondered whether the "proto" should be protected.)
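
The lifetime gap described in the comment above, as an added illustration that is not part of the original message and is not JavaScriptCore code. It is a simplified C++ model in which `Structure` is a minimal ref-counted stand-in and `PatchedCall`, `patch()` and `liveAfterOwnersRelease()` are hypothetical names; only the two structure pointers are modelled.

```cpp
#include <cstdio>

// Minimal ref-counted stand-in for a structure object (hypothetical model).
class Structure {
public:
    static Structure* create() { return new Structure; }  // starts with one reference
    void ref() { ++m_refCount; }
    void deref() { if (--m_refCount == 0) delete this; }
    static int liveCount() { return s_live; }              // objects not yet destroyed
private:
    Structure() { ++s_live; }
    ~Structure() { --s_live; }
    int m_refCount = 1;
    static int s_live;
};
int Structure::s_live = 0;

// Models two of the pointers that end up embedded in the patched code.
struct PatchedCall {
    Structure* structure;
    Structure* protoStructure;
    bool holdsProtoRef;
};

// protectProto == false: only `structure` is ref()'d, as the comment describes.
// protectProto == true:  the proposed change, proto->structure() is ref()'d too.
PatchedCall patch(Structure* structure, Structure* protoStructure, bool protectProto) {
    structure->ref();
    if (protectProto)
        protoStructure->ref();
    return PatchedCall{structure, protoStructure, protectProto};
}

// Number of structures still alive once the original owners have dropped
// their references and only the patched code points at them.
int liveAfterOwnersRelease(bool protectProto) {
    Structure* s = Structure::create();
    Structure* ps = Structure::create();
    PatchedCall call = patch(s, ps, protectProto);
    s->deref();
    ps->deref();                       // without protection, ps is destroyed here
    int live = Structure::liveCount(); // 1 => call.protoStructure is dangling
    call.structure->deref();           // release what the patched code held
    if (call.holdsProtoRef)
        call.protoStructure->deref();
    return live;
}

int main() {
    std::printf("structure only: %d live\n", liveAfterOwnersRelease(false));
    std::printf("both protected: %d live\n", liveAfterOwnersRelease(true));
}
```

A result of 1 means the stored `protoStructure` pointer refers to freed memory that the allocator may hand out again, so a later pointer comparison against it can match an unrelated object.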
