22413 2008-11-21 14:25:19 -0800 REGRESSION (r38652): Google Code page crashes WebKit 2025-12-22 15:58:45 -0800 1 1 1 Unclassified WebKit New Bugs 528+ (Nightly build) Mac OS X 10.5 RESOLVED FIXED http://code.google.com/apis/ajaxlibs/documentation/ GoogleBug, NeedsReduction, Regression P1 Normal --- 1 charles_ying barraclough 858wildcat ap barraclough blessed22759 dieter doggeral hbridge+bugzilla irony42 jimoase josehenton13 kai.conragan roncouver vorkbob Wout.Mertens zwarich oldest_to_newest 99700 0 charles_ying 2008-11-21 14:25:19 -0800 WebKit nightly r38654 crashes on the above web page. 99761 1 zwarich 2008-11-21 21:41:51 -0800 I can confirm this with a local debug build of r38680. 99764 2 zwarich 2008-11-21 22:40:49 -0800 I thought this might be a reparsing bug, but it works fine in r38635, the revision that introduced reparsing. 99765 3 zwarich 2008-11-21 23:18:30 -0800 I can verify that this regresses in r38652, the introduction of polymorphic caching of prototype accesses. 99770 4 25373 barraclough 2008-11-22 01:15:56 -0800 Created attachment 25373 Ooops 99771 5 25373 zwarich 2008-11-22 04:00:50 -0800 Comment on attachment 25373 Ooops Add a reference to this bug in the ChangeLog, and add a reproducibly failing layout test for this situation to fast/js/pic. Assuming you do that, r=me. 99774 6 zwarich 2008-11-22 04:31:04 -0800 *** Bug 22408 has been marked as a duplicate of this bug. *** 99874 7 zwarich 2008-11-23 21:31:31 -0800 Gavin, hopefully you can get around to making a test and landing this soon. This bug makes WebKit unusable for a lot of people. 99878 8 barraclough 2008-11-23 22:01:50 -0800 Sending JavaScriptCore/ChangeLog Sending JavaScriptCore/jit/JIT.cpp Transmitting file data .. Committed revision 38697. 99893 9 mrowe 2008-11-24 00:33:53 -0800 *** Bug 22438 has been marked as a duplicate of this bug. *** 99895 10 mrowe 2008-11-24 00:34:00 -0800 *** Bug 22442 has been marked as a duplicate of this bug. *** 99897 11 mrowe 2008-11-24 00:34:09 -0800 *** Bug 22445 has been marked as a duplicate of this bug. *** 99899 12 mrowe 2008-11-24 00:34:14 -0800 *** Bug 22437 has been marked as a duplicate of this bug. *** 99901 13 mrowe 2008-11-24 00:34:21 -0800 *** Bug 22446 has been marked as a duplicate of this bug. *** 99903 14 mrowe 2008-11-24 00:34:27 -0800 *** Bug 22436 has been marked as a duplicate of this bug. *** 99905 15 mrowe 2008-11-24 00:34:37 -0800 *** Bug 22435 has been marked as a duplicate of this bug. *** 99909 16 ap 2008-11-24 01:35:09 -0800 (In reply to comment #8) > Sending JavaScriptCore/ChangeLog > Sending JavaScriptCore/jit/JIT.cpp Can a test be added for this bug? 99934 17 mrowe 2008-11-24 03:15:31 -0800 *** Bug 22434 has been marked as a duplicate of this bug. *** 99936 18 mrowe 2008-11-24 03:15:52 -0800 *** Bug 22424 has been marked as a duplicate of this bug. *** 99938 19 mrowe 2008-11-24 03:16:01 -0800 *** Bug 22425 has been marked as a duplicate of this bug. *** 99940 20 mrowe 2008-11-24 03:16:11 -0800 *** Bug 22422 has been marked as a duplicate of this bug. *** 99942 21 mrowe 2008-11-24 03:16:25 -0800 *** Bug 22427 has been marked as a duplicate of this bug. *** 25373 2008-11-22 01:15:56 -0800 2008-11-22 04:00:50 -0800 Ooops patch.oops.txt text/plain 984 barraclough SW5kZXg6IENoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBDaGFuZ2VMb2cJKHJldmlzaW9uIDM4Njkw KQorKysgQ2hhbmdlTG9nCSh3b3JraW5nIGNvcHkpCkBAIC0xLDMgKzEsMTIgQEAKKzIwMDgtMTEt MjIgIEdhdmluIEJhcnJhY2xvdWdoICA8YmFycmFjbG91Z2hAYXBwbGUuY29tPgorCisgICAgICAg IFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIFJlcGxhY2UgYWNjaWRlbnRh bGx5IGRlbGV0ZWQgaW1tZWRpYXRlIGNoZWNrIGZyb20gZ2V0IGJ5IGlkIGNoYWluIHRyYW1wb2xp bmUuCisKKyAgICAgICAgKiBqaXQvSklULmNwcDoKKyAgICAgICAgKEpTQzo6SklUOjpwcml2YXRl Q29tcGlsZUdldEJ5SWRDaGFpbik6CisKIDIwMDgtMTEtMjEgIEdhdmluIEJhcnJhY2xvdWdoICA8 YmFycmFjbG91Z2hAYXBwbGUuY29tPgogCiAgICAgICAgIFJldmlld2VkIGJ5IE9saXZlciBIdW50 LgpJbmRleDogaml0L0pJVC5jcHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gaml0L0pJVC5jcHAJKHJldmlzaW9u IDM4NjkwKQorKysgaml0L0pJVC5jcHAJKHdvcmtpbmcgY29weSkKQEAgLTMzMTMsNiArMzMxMyw3 IEBAIHZvaWQgSklUOjpwcml2YXRlQ29tcGlsZUdldEJ5SWRDaGFpbihTdHIKIAogICAgIC8vIENo ZWNrIGVheCBpcyBhbiBvYmplY3Qgb2YgdGhlIHJpZ2h0IFN0cnVjdHVyZS4KICAgICBfXyB0ZXN0 bF9pMzJyKEpTSW1tZWRpYXRlOjpUYWdNYXNrLCBYODY6OmVheCk7CisgICAgYnVja2V0c09mRmFp bC5hcHBlbmQoX18gam5lKCkpOwogICAgIGJ1Y2tldHNPZkZhaWwuYXBwZW5kKGNoZWNrU3RydWN0 dXJlKFg4Njo6ZWF4LCBzdHJ1Y3R1cmUpKTsKIAogICAgIFN0cnVjdHVyZSogY3VyclN0cnVjdHVy ZSA9IHN0cnVjdHVyZTsK