[Webkit-unassigned] [Bug 101940] New: StructureStubInfo should NOT be movable
bugzilla-daemon at webkit.org
Mon Nov 12 08:25:03 PST 2012
https://bugs.webkit.org/show_bug.cgi?id=101940
Summary: StructureStubInfo should NOT be movable
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: yoli at rim.com
Currently CodeBlock contains a Vector of StructureStubInfo, which means those StructureStubInfo objects can be moved whenever Vector wants to move them. A potential issue is that StructureStubInfo::watchpoints holds the address of the owner StructureStubInfo. So it could end up with a dangling pointer issue.
I haven't seen this really happen though, probably because the Vector grows and shrinkToFits always before any watchpoint is added?
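The hazard described in the report, as an added example that is not WebKit code: `std::vector` and `std::deque` stand in for WTF's Vector and for any container that never relocates its elements, and `Watchpoint`, `MovableStub` and `PinnedStub` are hypothetical simplified types. It shows the recorded owner address going stale once the vector reallocates, and how deleting copy and move turns the unsafe container choice into a compile error.

```cpp
#include <cstddef>
#include <cstdint>
#include <deque>
#include <vector>

// Simplified stand-ins, not JavaScriptCore's real classes. The owner address is
// kept as an integer so the demo can compare it without touching a stale pointer.
struct Watchpoint { std::uintptr_t owner = 0; };

struct MovableStub {                 // implicitly copyable and movable
    Watchpoint watchpoint;
    void arm() { watchpoint.owner = reinterpret_cast<std::uintptr_t>(this); }
    bool ownerIsCurrent() const {
        return watchpoint.owner == reinterpret_cast<std::uintptr_t>(this);
    }
};

// Copy and move are deleted, so std::vector<PinnedStub>::emplace_back no longer compiles.
struct PinnedStub : MovableStub {
    PinnedStub() = default;
    PinnedStub(const PinnedStub&) = delete;
    PinnedStub& operator=(const PinnedStub&) = delete;
};

// Counts how many of the first `armed` stubs record an address that is no longer their own.
template <typename Container>
std::size_t countStale(const Container& stubs, std::size_t armed) {
    std::size_t stale = 0;
    for (std::size_t i = 0; i < armed; ++i)
        if (!stubs[i].ownerIsCurrent()) ++stale;
    return stale;
}

// Arm `armed` stubs, then append until the vector reallocates its buffer.
std::size_t staleAfterVectorGrowth(std::size_t armed) {
    std::vector<MovableStub> stubs(armed);
    for (auto& s : stubs) s.arm();
    const std::size_t cap = stubs.capacity();
    while (stubs.capacity() == cap) stubs.emplace_back();
    return countStale(stubs, armed);
}

// Same sequence with std::deque, which keeps existing elements in place on emplace_back.
std::size_t staleAfterDequeGrowth(std::size_t armed, std::size_t extra) {
    std::deque<PinnedStub> stubs;
    for (std::size_t i = 0; i < armed; ++i) { stubs.emplace_back(); stubs.back().arm(); }
    for (std::size_t i = 0; i < extra; ++i) stubs.emplace_back();
    return countStale(stubs, armed);
}

int main() {
    return (staleAfterVectorGrowth(4) == 4 && staleAfterDequeGrowth(4, 1000) == 0) ? 0 : 1;
}
```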