[Webkit-unassigned] [Bug 52075] Don't assert when trying to recompile JS while executing JS

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Jan 10 13:49:51 PST 2011

https://bugs.webkit.org/show_bug.cgi?id=52075

--- Comment #4 from Joe Mason <jmason at rim.com>  2011-01-10 13:49:51 PST ---
(In reply to comment #3)
> (From update of attachment 78259 [details])
> This won't work.  If you do this, then you'll end up throwing away the code for functions that are live on the stack.  The code buffer may be reused and overwritten, and then we may make a return back into that address range expecting the old code to be there.
> 
> Right now we can only handle throwing away code if the machine stack is empty, WebCore does need to ensure that it only calls this method whilst no JavaScript execution is taking place.

The call stack is:

webkitCrash(const char * file=0x3c7dbc5c, int line=0x0000003c, const char * function=0x3c7dbc34)  Line 25    C++
JSC::Debugger::recompileAllJSFunctions(JSC::JSGlobalData * globalData=0x3caf0058)  Line 60 + 0x36 bytes    C++
WebCore::ScriptDebugServer::recompileAllJSFunctions(WebCore::Timer<WebCore::ScriptDebugServer> * __formal=0x3cad2240)  Line 574    C++
WebCore::Timer<WebCore::ScriptDebugServer>::fired()  Line 98 + 0x1f bytes    C++
WebCore::ThreadTimers::sharedTimerFiredInternal()  Line 115    C++
WebCore::ThreadTimers::sharedTimerFired()  Line 91    C++

Is the problem that once recompileAllJSFunctions is called, it must complete?  In that case it might be safe to delay firing the timer as long as loading is deferred.

Or is the problem that once recompileAllJSFunctionsSoon gets called (which sets the timer), they must actually get recompiled next time through the event loop?

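The hazard described in comment #3, and the deferral Joe asks about, modelled as an added example. This is not WebKit code and not part of the bug thread: CodeCache, Frame and ToyDebugger are invented names, the code buffer is a byte array whose contents stand in for machine code, and "version" bytes stand in for whatever instructions a recompile would write. It shows that a recompile with a live frame reuses the same addresses (so a return lands on different code), and that a "recompile soon" request can simply stay pending until the machine stack is empty.

```cpp
// Added model of the hazard described in the thread; it is not WebKit code. Names such
// as CodeCache, Frame and ToyDebugger are invented for this example.
#include <cstdint>
#include <cstdio>
#include <map>
#include <string>
#include <vector>
// Compiled code is modelled as bytes in one reusable buffer. Every byte of a function's
// code carries the compile "version" so a stale return target is detectable.
struct CodeCache {
    std::vector<uint8_t> arena = std::vector<uint8_t>(64, 0);
    size_t bump = 0;                        // bump allocator, reset on discard
    std::map<std::string, size_t> entry;    // function name -> offset in arena
    uint8_t version = 0;

    void discardAll() { bump = 0; entry.clear(); }  // addresses become reusable
    size_t compile(const std::string& name, size_t bytes) {
        size_t at = bump;                   // arena is sized for this example
        for (size_t i = 0; i < bytes; ++i) arena[at + i] = version;
        bump += bytes;
        entry[name] = at;
        return at;
    }
    uint8_t byteAt(size_t off) const { return arena[off]; }
};

// A live frame remembers its resume address and the compile version it was entered against.
struct Frame { std::string function; size_t returnAddress; uint8_t expectedVersion; };

struct ToyDebugger {
    CodeCache cache;
    std::vector<std::string> functions;
    std::vector<Frame> machineStack;
    bool recompilePending = false;

    void compileAll() {
        ++cache.version;
        cache.discardAll();
        for (const auto& f : functions) cache.compile(f, 8);
    }
    // Mirrors the precondition from comment #3: only safe with an empty stack.
    bool recompileAllJSFunctions() {
        if (!machineStack.empty()) return false;   // the real code asserts here
        compileAll();
        return true;
    }
    void recompileAllJSFunctionsSoon() { recompilePending = true; }
    // Timer callback that defers instead of firing while JS frames are live.
    bool timerFired() {
        if (!recompilePending || !machineStack.empty()) return false; // stay pending
        recompilePending = false;
        return recompileAllJSFunctions();
    }
    void enter(const std::string& f) {
        size_t ret = cache.entry.at(f) + 4;   // resume point inside the function
        machineStack.push_back({f, ret, cache.byteAt(ret)});
    }
    void leave() { machineStack.pop_back(); }
    bool topFrameReturnIsValid() const {
        const Frame& fr = machineStack.back();
        return cache.byteAt(fr.returnAddress) == fr.expectedVersion;
    }
    void recompileIgnoringStack() { compileAll(); }  // the unsafe path
};

// Scenario 1: a pending recompile is held back while a frame is live and
// completes once the stack empties.
bool deferredRecompileWaitsForEmptyStack() {
    ToyDebugger d;
    d.functions = {"f", "g"};
    d.compileAll();
    d.enter("f");
    bool refusedWhileLive = !d.recompileAllJSFunctions();
    d.recompileAllJSFunctionsSoon();
    bool heldBack = !d.timerFired() && d.recompilePending;
    d.leave();
    bool firedLater = d.timerFired() && !d.recompilePending && d.cache.version == 2;
    return refusedWhileLive && heldBack && firedLater;
}

// Scenario 2: recompiling with a live frame reuses the same addresses, so the
// frame's return target now holds code from a different compile.
bool recompileWhileLiveInvalidatesReturn() {
    ToyDebugger d;
    d.functions = {"f", "g"};
    d.compileAll();
    d.enter("g");
    bool validBefore = d.topFrameReturnIsValid();
    d.recompileIgnoringStack();
    return validBefore && !d.topFrameReturnIsValid();
}

int main() {
    std::printf("deferred recompile waits for empty stack: %s\n", deferredRecompileWaitsForEmptyStack() ? "yes" : "no");
    std::printf("recompile with live frame invalidates return: %s\n", recompileWhileLiveInvalidatesReturn() ? "yes" : "no");
    return 0;
}
```

The second scenario is the point of comment #3: because the buffer is reused, the old return address is still a valid address, just not the code the frame was compiled against, so nothing faults until control transfers into the wrong instructions. The first scenario is the shape of the fix Joe suggests for the timer path: re-check the stack on each firing and leave the request pending rather than asserting.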