Bug 40572

Summary: [Qt] Stack overflow when converting navigator object to QVariant
Product: WebKit Reporter: Andreas Kling <kling>
Component: WebKit QtAssignee: QtWebKit Unassigned <webkit-qt-unassigned>
Severity: Normal CC: commit-queue, hausmann, ryukbk
Priority: P2 Keywords: Qt, QtTriaged
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Bug Depends on:    
Bug Blocks: 35784    
Description Flags
Proposed patch
Proposed patch v2 none

Description Andreas Kling 2010-06-14 08:01:01 PDT
The navigator object is infinitely recursive thanks to MimeType and Plugin.
When converting it from a JSValue to a QVariant, we crash due to stack overflow.
Comment 1 Andreas Kling 2010-06-14 08:02:16 PDT
Created attachment 58649 [details]
Proposed patch
Comment 2 Andreas Kling 2010-06-14 08:14:42 PDT
Created attachment 58653 [details]
Proposed patch v2

Lowered recursion limit to 200 (40000 was too big for default ulimit -s value on Linux.)
Comment 3 WebKit Commit Bot 2010-06-14 09:38:29 PDT
Comment on attachment 58653 [details]
Proposed patch v2

Clearing flags on attachment: 58653

Committed r61127: <http://trac.webkit.org/changeset/61127>
Comment 4 WebKit Commit Bot 2010-06-14 09:38:34 PDT
All reviewed patches have been landed.  Closing bug.
Comment 5 Andreas Kling 2010-07-08 12:15:09 PDT
*** Bug 41750 has been marked as a duplicate of this bug. ***
Comment 6 Simon Hausmann 2010-08-03 05:10:02 PDT
Revision r61127 cherry-picked into qtwebkit-2.0 with commit d6aa024c84f61d0602bef4eef84efaed7cfeefcc