RESOLVED FIXED 14764
Javascript object created on the stack causes seg fault.
https://bugs.webkit.org/show_bug.cgi?id=14764
Patrick
Reported 2007-07-25 14:06:17 PDT
PluginFunc::callAsFunction creates a PluginBase object on the stack and Collector tries to access the CollectorBitmap for an invalid address.
Attachments
Proposed changes (1.35 KB, patch)
2007-07-25 14:07 PDT, Patrick
darin: review+
Patch with email address. (1.35 KB, patch)
2007-07-26 05:28 PDT, Patrick
darin: review-
For real this time (1.32 KB, patch)
2007-07-27 04:47 PDT, Patrick
mrowe: review+
Patrick
Comment 1 2007-07-25 14:07:06 PDT
Created attachment 15685: Proposed changes
mitz
Comment 2 2007-07-25 14:11:41 PDT
Comment on attachment 15685: Proposed changes
Patrick, note that you should have set the review flag to "?" to indicate that you want your patch reviewed.
Darin Adler
Comment 3 2007-07-25 14:24:08 PDT
Comment on attachment 15685: Proposed changes
This looks like the right fix! I'm going to mark this r=me even though I have two complaints:
1) The ChangeLog needs an email address.
2) We prefer to check in regression tests any time we fix a bug. Is there any way to reproduce the crash in a layout test?
David Kilzer (:ddkilzer)
Comment 4 2007-07-25 23:34:46 PDT
Patrick
Comment 5 2007-07-26 05:23:49 PDT
I will update the changelog to have my email address in it. There is a layout test that uncovered the bug for me. LayoutTests/plugins/plugin-javascript-access.html crashes for me every time. But this is on ARM and it crashes when running optimized release code. I'm not sure why it doesn't crash in debug code.
Patrick
Comment 6 2007-07-26 05:28:42 PDT
Created attachment 15689: Patch with email address.
Added email address to ChangeLog.
Maxime BRITTO
Comment 7 2007-07-26 05:44:00 PDT
(In reply to comment #6)
> Created an attachment (id=15689)
> Patch with email address.
>
> Added email address to ChangeLog.

It seems that you sent the same file.. with no email address :-)
Darin Adler
Comment 8 2007-07-26 18:48:36 PDT
Comment on attachment 15689: Patch with email address.
Oops! Still no email address.
Patrick
Comment 9 2007-07-27 04:47:53 PDT
Created attachment 15702: For real this time
Mark Rowe (bdash)
Comment 10 2007-07-27 05:02:44 PDT
Landed in r24719.