mirrors/escargot
2
0
Fork 0
mirror of https://github.com/Samsung/escargot.git synced 2026-06-22 10:01:50 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fix crash with ObjectStructureWithMap and inline cache

Browse source 
If inline cache refers ObjectStructure, ObjectStructure should keep its contents.

Signed-off-by: Seonghyun Kim <sh8281.kim@samsung.com>
This commit is contained in:
Seonghyun Kim 2023-07-19 16:41:20 +09:00 committed by Hyukwoo Park
commit 87fda52727
4 changed files with 73 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/interpreter/ByteCodeInterpreter.cpp
View file

@ -2410,6 +2410,7 @@ NEVER_INLINE void InterpreterSlowPath::getObjectPrecomputedCaseOperation(Executi
while (true) {
auto s = obj->structure();
s->markReferencedByInlineCache();
cachedhiddenClassChain.push_back(s);
auto result = s->findProperty(propertyName);
@ -4139,6 +4140,8 @@ NEVER_INLINE void InterpreterSlowPath::objectDefineOwnPropertyWithNameOperation(
byteCodeBlock->m_otherLiteralData.push_back(newStructure);
code->m_inlineCachedStructureBefore = oldStructure;
code->m_inlineCachedStructureAfter = newStructure;
oldStructure->markReferencedByInlineCache();
newStructure->markReferencedByInlineCache();
} else {
// failed to cache
}