| Summary: | Javascript object created on the stack causes seg fault. | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | WebKit | Reporter: | Patrick <phanna> | ||||||||
| Component: | JavaScriptCore | Assignee: | Nobody <webkit-unassigned> | ||||||||
| Status: | RESOLVED FIXED | ||||||||||
| Severity: | Normal | CC: | mbritto, sroret | ||||||||
| Priority: | P2 | Keywords: | InRadar | ||||||||
| Version: | 523.x (Safari 3) | ||||||||||
| Hardware: | Mac | ||||||||||
| OS: | OS X 10.4 | ||||||||||
| Attachments: |
|
||||||||||
|
Description
Patrick
2007-07-25 14:06:17 PDT
Created attachment 15685 [details]
Proposed changes
Comment on attachment 15685 [details]
Proposed changes
Patrick, note that you should have set the review flag to "?" to indicate that you want your patch reviewed.
Comment on attachment 15685 [details]
Proposed changes
This looks like the right fix!
I'm going to mark this r=me even though I have two complaints:
1) The ChangeLog needs an email address.
2) We prefer to check in regression tests any time we fix a bug. Is there any way to reproduce the crash in a layout test?
I will update the changelog to have my email address in it. There is a layout test that uncovered the bug for me. LayoutTests/plugins/plugin-javascript-access.html crashes for me every time. But this is on ARM and it crashes when running optimized release code. I'm not sure why it doesn't crash in debug code. Created attachment 15689 [details]
Patch with email address.
Added email address to ChangeLog.
(In reply to comment #6) > Created an attachment (id=15689) [edit] > Patch with email address. > > Added email address to ChangeLog. > It seems that you sent the same file.. with no email address :-) Comment on attachment 15689 [details]
Patch with email address.
Oops! Still no email address.
Created attachment 15702 [details]
For real this time
Landed in r24719. |