11477 2006-10-31 17:08:52 -0800 REGRESSION: GMail crashes in KJS::FunctionImp::callerGetter 2006-11-01 03:40:23 -0800 1 1 1 Unclassified WebKit JavaScriptCore 420+ Mac OS X 10.4 RESOLVED FIXED GoogleBug, Regression P1 Normal --- 9638 1 justin.garcia ggaren oldest_to_newest 48274 0 justin.garcia 2006-10-31 17:08:52 -0800 Goto http://mail.google.com/ Login Crash: 0 com.apple.JavaScriptCore 0x00324460 KJS::FunctionImp::callerGetter(KJS::ExecState*, KJS::JSObject*, KJS::Identifier const&, KJS::PropertySlot const&) + 32 1 com.apple.JavaScriptCore 0x003407a0 KJS::JSObject::get(KJS::ExecState*, KJS::Identifier const&) const + 176 2 com.apple.JavaScriptCore 0x00333cfc KJS::ArgumentListNode::evaluateList(KJS::ExecState*) + 92 3 com.apple.JavaScriptCore 0x003347e4 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 452 4 com.apple.JavaScriptCore 0x003333f8 KJS::AddNode::evaluate(KJS::ExecState*) + 120 5 com.apple.JavaScriptCore 0x0033279c KJS::AssignResolveNode::evaluate(KJS::ExecState*) + 364 6 com.apple.JavaScriptCore 0x00338a88 KJS::ExprStatementNode::execute(KJS::ExecState*) + 104 7 com.apple.JavaScriptCore 0x0033bf38 KJS::SourceElementsNode::execute(KJS::ExecState*) + 472 8 com.apple.JavaScriptCore 0x003389b8 KJS::BlockNode::execute(KJS::ExecState*) + 152 9 com.apple.JavaScriptCore 0x00338cf8 KJS::IfNode::execute(KJS::ExecState*) + 392 10 com.apple.JavaScriptCore 0x0033bf38 KJS::SourceElementsNode::execute(KJS::ExecState*) + 472 11 com.apple.JavaScriptCore 0x003389b8 KJS::BlockNode::execute(KJS::ExecState*) + 152 12 com.apple.JavaScriptCore 0x0033ba0c KJS::TryNode::execute(KJS::ExecState*) + 108 13 com.apple.JavaScriptCore 0x0033be5c KJS::SourceElementsNode::execute(KJS::ExecState*) + 252 14 com.apple.JavaScriptCore 0x003389b8 KJS::BlockNode::execute(KJS::ExecState*) + 152 15 com.apple.JavaScriptCore 0x003257a8 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56 16 com.apple.JavaScriptCore 0x00325110 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 448 17 com.apple.JavaScriptCore 0x003415e4 KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 116 18 com.apple.JavaScriptCore 0x00334878 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 600 19 com.apple.JavaScriptCore 0x003333f8 KJS::AddNode::evaluate(KJS::ExecState*) + 120 20 com.apple.JavaScriptCore 0x0033279c KJS::AssignResolveNode::evaluate(KJS::ExecState*) + 364 21 com.apple.JavaScriptCore 0x00338a88 KJS::ExprStatementNode::execute(KJS::ExecState*) + 104 22 com.apple.JavaScriptCore 0x0033bf38 KJS::SourceElementsNode::execute(KJS::ExecState*) + 472 23 com.apple.JavaScriptCore 0x003389b8 KJS::BlockNode::execute(KJS::ExecState*) + 152 24 com.apple.JavaScriptCore 0x00338cf8 KJS::IfNode::execute(KJS::ExecState*) + 392 25 com.apple.JavaScriptCore 0x0033bf38 KJS::SourceElementsNode::execute(KJS::ExecState*) + 472 26 com.apple.JavaScriptCore 0x003389b8 KJS::BlockNode::execute(KJS::ExecState*) + 152 27 com.apple.JavaScriptCore 0x0033ba0c KJS::TryNode::execute(KJS::ExecState*) + 108 ... 48275 1 ggaren 2006-10-31 17:34:02 -0800 I have a fix. 48276 2 11316 ggaren 2006-10-31 18:08:20 -0800 Created attachment 11316 fix w/layout test and changelog 48277 3 11316 bdakin 2006-10-31 18:16:33 -0800 Comment on attachment 11316 fix w/layout test and changelog r=me! 48278 4 ggaren 2006-10-31 18:21:17 -0800 Committed revision 17507. 11316 2006-10-31 18:08:20 -0800 2006-10-31 18:16:33 -0800 fix w/layout test and changelog patch-caller.txt text/plain 4183 ggaren SW5kZXg6IEphdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBKYXZhU2NyaXB0 Q29yZS9DaGFuZ2VMb2cJKHJldmlzaW9uIDE3NTA1KQorKysgSmF2YVNjcmlwdENvcmUvQ2hhbmdl TG9nCSh3b3JraW5nIGNvcHkpCkBAIC0xLDMgKzEsMTQgQEAKKzIwMDYtMTAtMzEgIEdlb2ZmcmV5 IEdhcmVuICA8Z2dhcmVuQGFwcGxlLmNvbT4KKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkg KE9PUFMhKS4KKyAgICAgICAgCisgICAgICAgIEZpeGVkIGh0dHA6Ly9idWdzLndlYmtpdC5vcmcv c2hvd19idWcuY2dpP2lkPTExNDc3CisgICAgICAgIFJFR1JFU1NJT046IEdNYWlsIGNyYXNoZXMg aW4gS0pTOjpGdW5jdGlvbkltcDo6Y2FsbGVyR2V0dGVyCisKKyAgICAgICAgKiBranMvZnVuY3Rp b24uY3BwOgorICAgICAgICAoS0pTOjpGdW5jdGlvbkltcDo6YXJndW1lbnRzR2V0dGVyKTogUmVt b3ZlZCB1bm5lY2Vzc2FyeSBicmFjZXMuCisgICAgICAgIChLSlM6OkZ1bmN0aW9uSW1wOjpjYWxs ZXJHZXR0ZXIpOiBNb3JlIGxvZ2ljYWwgTlVMTCBjaGVja2luZy4KKwogMjAwNi0xMC0zMSAgT2xp dmVyIEh1bnQgIDxvbGl2ZXJAYXBwbGUuY29tPgogCiAgICAgICAgIFJldmlld2VkIGJ5IEdlb2Zm LgpJbmRleDogSmF2YVNjcmlwdENvcmUva2pzL2Z1bmN0aW9uLmNwcAo9PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBK YXZhU2NyaXB0Q29yZS9ranMvZnVuY3Rpb24uY3BwCShyZXZpc2lvbiAxNzUwMykKKysrIEphdmFT Y3JpcHRDb3JlL2tqcy9mdW5jdGlvbi5jcHAJKHdvcmtpbmcgY29weSkKQEAgLTIxOSw5ICsyMTks OCBAQCBKU1ZhbHVlKiBGdW5jdGlvbkltcDo6YXJndW1lbnRzR2V0dGVyKEV4CiAgIEZ1bmN0aW9u SW1wKiB0aGlzT2JqID0gc3RhdGljX2Nhc3Q8RnVuY3Rpb25JbXAqPihzbG90LnNsb3RCYXNlKCkp OwogICBDb250ZXh0KiBjb250ZXh0ID0gZXhlYy0+bV9jb250ZXh0OwogICB3aGlsZSAoY29udGV4 dCkgewotICAgIGlmIChjb250ZXh0LT5mdW5jdGlvbigpID09IHRoaXNPYmopIHsKKyAgICBpZiAo Y29udGV4dC0+ZnVuY3Rpb24oKSA9PSB0aGlzT2JqKQogICAgICAgcmV0dXJuIHN0YXRpY19jYXN0 PEFjdGl2YXRpb25JbXAqPihjb250ZXh0LT5hY3RpdmF0aW9uT2JqZWN0KCkpLT5nZXQoZXhlYywg cHJvcGVydHlOYW1lKTsKLSAgICB9CiAgICAgY29udGV4dCA9IGNvbnRleHQtPmNhbGxpbmdDb250 ZXh0KCk7CiAgIH0KICAgcmV0dXJuIGpzTnVsbCgpOwpAQCAtMjI5LDE1ICsyMjgsMjYgQEAgSlNW YWx1ZSogRnVuY3Rpb25JbXA6OmFyZ3VtZW50c0dldHRlcihFeAogCiBKU1ZhbHVlKiBGdW5jdGlv bkltcDo6Y2FsbGVyR2V0dGVyKEV4ZWNTdGF0ZSogZXhlYywgSlNPYmplY3QqLCBjb25zdCBJZGVu dGlmaWVyJiwgY29uc3QgUHJvcGVydHlTbG90JiBzbG90KQogewotICAgIEZ1bmN0aW9uSW1wKiB0 aGlzT2JqID0gc3RhdGljX2Nhc3Q8RnVuY3Rpb25JbXAqID4oc2xvdC5zbG90QmFzZSgpKTsKKyAg ICBGdW5jdGlvbkltcCogdGhpc09iaiA9IHN0YXRpY19jYXN0PEZ1bmN0aW9uSW1wKj4oc2xvdC5z bG90QmFzZSgpKTsKICAgICBDb250ZXh0KiBjb250ZXh0ID0gZXhlYy0+bV9jb250ZXh0OwogICAg IHdoaWxlIChjb250ZXh0KSB7Ci0gICAgICAgIGlmIChjb250ZXh0LT5mdW5jdGlvbigpID09IHRo aXNPYmopIAotICAgICAgICAgICAgcmV0dXJuIChjb250ZXh0LT5jYWxsaW5nQ29udGV4dCgpLT5m dW5jdGlvbigpKSA/IGNvbnRleHQtPmNhbGxpbmdDb250ZXh0KCktPmZ1bmN0aW9uKCkgOiBqc051 bGwoKTsKLSAgICAgICAgCisgICAgICAgIGlmIChjb250ZXh0LT5mdW5jdGlvbigpID09IHRoaXNP YmopCisgICAgICAgICAgICBicmVhazsKICAgICAgICAgY29udGV4dCA9IGNvbnRleHQtPmNhbGxp bmdDb250ZXh0KCk7CiAgICAgfQotICAgIHJldHVybiBqc051bGwoKTsKKworICAgIGlmICghY29u dGV4dCkKKyAgICAgICAgcmV0dXJuIGpzTnVsbCgpOworICAgIAorICAgIENvbnRleHQqIGNhbGxp bmdDb250ZXh0ID0gY29udGV4dC0+Y2FsbGluZ0NvbnRleHQoKTsKKyAgICBpZiAoIWNhbGxpbmdD b250ZXh0KQorICAgICAgICByZXR1cm4ganNOdWxsKCk7CisgICAgCisgICAgRnVuY3Rpb25JbXAq IGNhbGxpbmdGdW5jdGlvbiA9IGNhbGxpbmdDb250ZXh0LT5mdW5jdGlvbigpOworICAgIGlmICgh Y2FsbGluZ0Z1bmN0aW9uKQorICAgICAgICByZXR1cm4ganNOdWxsKCk7CisKKyAgICByZXR1cm4g Y2FsbGluZ0Z1bmN0aW9uOwogfQogCiBKU1ZhbHVlKiBGdW5jdGlvbkltcDo6bGVuZ3RoR2V0dGVy KEV4ZWNTdGF0ZSosIEpTT2JqZWN0KiwgY29uc3QgSWRlbnRpZmllciYsIGNvbnN0IFByb3BlcnR5 U2xvdCYgc2xvdCkKSW5kZXg6IExheW91dFRlc3RzL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBM YXlvdXRUZXN0cy9DaGFuZ2VMb2cJKHJldmlzaW9uIDE3NTA2KQorKysgTGF5b3V0VGVzdHMvQ2hh bmdlTG9nCSh3b3JraW5nIGNvcHkpCkBAIC0xLDMgKzEsMTEgQEAKKzIwMDYtMTAtMzEgIEdlb2Zm cmV5IEdhcmVuICA8Z2dhcmVuQGFwcGxlLmNvbT4KKworICAgICAgICBBZGRlZCB0ZXN0IGZvciBh Y2Nlc3NpbmcgdGhlICdjYWxsZXInIHByb3BlcnR5IGZyb20gaW5zaWRlIGFuIGV2ZW50CisgICAg ICAgIGxpc3RlbmVyLgorCisgICAgICAgICogZmFzdC9ldmVudHMvY2FsbGVyLWFjY2Vzcy1mcm9t LWV2ZW50LWxpc3RlbmVyLWV4cGVjdGVkLnR4dDogQWRkZWQuCisgICAgICAgICogZmFzdC9ldmVu dHMvY2FsbGVyLWFjY2Vzcy1mcm9tLWV2ZW50LWxpc3RlbmVyLmh0bWw6IEFkZGVkLgorCiAyMDA2 LTEwLTMxICBHZW9mZnJleSBHYXJlbiAgPGdnYXJlbkBhcHBsZS5jb20+CiAKICAgICAgICAgQWRk ZWQgbGF5b3V0IHRlc3QgZm9yIGNvcHlpbmcgcGFzc3dvcmQgZmllbGQuCkluZGV4OiBMYXlvdXRU ZXN0cy9mYXN0L2V2ZW50cy9jYWxsZXItYWNjZXNzLWZyb20tZXZlbnQtbGlzdGVuZXItZXhwZWN0 ZWQudHh0Cj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT0KLS0tIExheW91dFRlc3RzL2Zhc3QvZXZlbnRzL2NhbGxlci1hY2Nl c3MtZnJvbS1ldmVudC1saXN0ZW5lci1leHBlY3RlZC50eHQJKHJldmlzaW9uIDApCisrKyBMYXlv dXRUZXN0cy9mYXN0L2V2ZW50cy9jYWxsZXItYWNjZXNzLWZyb20tZXZlbnQtbGlzdGVuZXItZXhw ZWN0ZWQudHh0CShyZXZpc2lvbiAwKQpAQCAtMCwwICsxLDQgQEAKK1RoaXMgdGVzdCB2ZXJpZmll cyB0aGF0IFdlYktpdCBkb2Vzbid0IGNyYXNoIHdoZW4gYWNjZXNzaW5nIHRoZSAnY2FsbGVyJyBw cm9wZXJ0eSBmcm9tIGluc2lkZSBhbiBldmVudCBsaXN0ZW5lci4KKworUEFTUzogV2ViS2l0IGRp ZG4ndCBjcmFzaC4KKwpJbmRleDogTGF5b3V0VGVzdHMvZmFzdC9ldmVudHMvY2FsbGVyLWFjY2Vz cy1mcm9tLWV2ZW50LWxpc3RlbmVyLmh0bWwKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gTGF5b3V0VGVzdHMvZmFz dC9ldmVudHMvY2FsbGVyLWFjY2Vzcy1mcm9tLWV2ZW50LWxpc3RlbmVyLmh0bWwJKHJldmlzaW9u IDApCisrKyBMYXlvdXRUZXN0cy9mYXN0L2V2ZW50cy9jYWxsZXItYWNjZXNzLWZyb20tZXZlbnQt bGlzdGVuZXIuaHRtbAkocmV2aXNpb24gMCkKQEAgLTAsMCArMSwxMiBAQAorPHA+VGhpcyB0ZXN0 IHZlcmlmaWVzIHRoYXQgV2ViS2l0IGRvZXNuJ3QgY3Jhc2ggd2hlbiBhY2Nlc3NpbmcgdGhlICdj YWxsZXInIHByb3BlcnR5Citmcm9tIGluc2lkZSBhbiBldmVudCBsaXN0ZW5lci48L3A+Cis8aHI+ Cis8cHJlPlBBU1M6IFdlYktpdCBkaWRuJ3QgY3Jhc2guPC9wcmU+Cis8c2NyaXB0IHNyYz0iLi4v anMvcmVzb3VyY2VzL2pzLXRlc3QtcHJlLmpzIj48L3NjcmlwdD4KKzxzY3JpcHQ+CitmdW5jdGlv biBjcmFzaCgpIHsKKyAgICBldmFsKCdjcmFzaC5jYWxsZXInKTsKK30KKword2luZG93Lm9ubG9h ZCA9IGNyYXNoOworPC9zY3JpcHQ+Cg==