Bug 83096

Summary:

Linux crashes during boot

Product:

WebKit

Reporter:

Gavin Barraclough <barraclough>

Component:

JavaScriptCore

Assignee:

Gavin Barraclough <barraclough>

Status:

RESOLVED FIXED

Severity:

Normal

Priority:

Version:

528+ (Nightly build)

Hardware:

Unspecified

OS:

Unspecified

URL:

http://www.ubercomp.com/jslm32/src/

Attachments:

Description	Flags
Fix	fpizlo: review+

Gavin Barraclough

Reported 2012-04-03 16:57:15 PDT

The bug here is that we add empty JSValues to the sparse map, and then set them - but a GC may occur before doing so (due to a call to reportExtraMemory cost). We may want to consider making it safe to mark empty JSValues, but the simple & contained fix to this specific bug is to just initialize these values to something other than JSValue().

Attachments
Fix (1.60 KB, patch) 2012-04-03 16:59 PDT, Gavin Barraclough	fpizlo: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Gavin Barraclough

Comment 1 2012-04-03 16:59:10 PDT

Created attachment 135457 [details] Fix

Gavin Barraclough

Comment 2 2012-04-03 17:30:03 PDT

Fixed in r113112

Note You need to log in before you can comment on or make changes to this bug.