Bug 11477 - REGRESSION: GMail crashes in KJS::FunctionImp::callerGetter
Summary: REGRESSION: GMail crashes in KJS::FunctionImp::callerGetter
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore
Version: 420+
Hardware: Mac OS X 10.4
: P1 Normal
Assignee: Geoffrey Garen
URL:
Keywords: GoogleBug, Regression
Depends on:
Blocks: 9638
Reported: 2006-10-31 17:08 PST by Justin Garcia
Modified: 2006-11-01 03:40 PST

Attachments
fix w/layout test and changelog (4.08 KB, patch)
2006-10-31 18:08 PST, Geoffrey Garen
bdakin: review+

Description Justin Garcia 2006-10-31 17:08:52 PST
Go to http://mail.google.com/
Log in

Crash:
0   com.apple.JavaScriptCore 	0x00324460 KJS::FunctionImp::callerGetter(KJS::ExecState*, KJS::JSObject*, KJS::Identifier const&, KJS::PropertySlot const&) + 32
1   com.apple.JavaScriptCore 	0x003407a0 KJS::JSObject::get(KJS::ExecState*, KJS::Identifier const&) const + 176
2   com.apple.JavaScriptCore 	0x00333cfc KJS::ArgumentListNode::evaluateList(KJS::ExecState*) + 92
3   com.apple.JavaScriptCore 	0x003347e4 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 452
4   com.apple.JavaScriptCore 	0x003333f8 KJS::AddNode::evaluate(KJS::ExecState*) + 120
5   com.apple.JavaScriptCore 	0x0033279c KJS::AssignResolveNode::evaluate(KJS::ExecState*) + 364
6   com.apple.JavaScriptCore 	0x00338a88 KJS::ExprStatementNode::execute(KJS::ExecState*) + 104
7   com.apple.JavaScriptCore 	0x0033bf38 KJS::SourceElementsNode::execute(KJS::ExecState*) + 472
8   com.apple.JavaScriptCore 	0x003389b8 KJS::BlockNode::execute(KJS::ExecState*) + 152
9   com.apple.JavaScriptCore 	0x00338cf8 KJS::IfNode::execute(KJS::ExecState*) + 392
10  com.apple.JavaScriptCore 	0x0033bf38 KJS::SourceElementsNode::execute(KJS::ExecState*) + 472
11  com.apple.JavaScriptCore 	0x003389b8 KJS::BlockNode::execute(KJS::ExecState*) + 152
12  com.apple.JavaScriptCore 	0x0033ba0c KJS::TryNode::execute(KJS::ExecState*) + 108
13  com.apple.JavaScriptCore 	0x0033be5c KJS::SourceElementsNode::execute(KJS::ExecState*) + 252
14  com.apple.JavaScriptCore 	0x003389b8 KJS::BlockNode::execute(KJS::ExecState*) + 152
15  com.apple.JavaScriptCore 	0x003257a8 KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 56
16  com.apple.JavaScriptCore 	0x00325110 KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 448
17  com.apple.JavaScriptCore 	0x003415e4 KJS::JSObject::call(KJS::ExecState*, KJS::JSObject*, KJS::List const&) + 116
18  com.apple.JavaScriptCore 	0x00334878 KJS::FunctionCallResolveNode::evaluate(KJS::ExecState*) + 600
19  com.apple.JavaScriptCore 	0x003333f8 KJS::AddNode::evaluate(KJS::ExecState*) + 120
20  com.apple.JavaScriptCore 	0x0033279c KJS::AssignResolveNode::evaluate(KJS::ExecState*) + 364
21  com.apple.JavaScriptCore 	0x00338a88 KJS::ExprStatementNode::execute(KJS::ExecState*) + 104
22  com.apple.JavaScriptCore 	0x0033bf38 KJS::SourceElementsNode::execute(KJS::ExecState*) + 472
23  com.apple.JavaScriptCore 	0x003389b8 KJS::BlockNode::execute(KJS::ExecState*) + 152
24  com.apple.JavaScriptCore 	0x00338cf8 KJS::IfNode::execute(KJS::ExecState*) + 392
25  com.apple.JavaScriptCore 	0x0033bf38 KJS::SourceElementsNode::execute(KJS::ExecState*) + 472
26  com.apple.JavaScriptCore 	0x003389b8 KJS::BlockNode::execute(KJS::ExecState*) + 152
27  com.apple.JavaScriptCore 	0x0033ba0c KJS::TryNode::execute(KJS::ExecState*) + 108

...
Comment 1 Geoffrey Garen 2006-10-31 17:34:02 PST
I have a fix.
Comment 2 Geoffrey Garen 2006-10-31 18:08:20 PST
Created attachment 11316
fix w/layout test and changelog
Comment 3 Beth Dakin 2006-10-31 18:16:33 PST
Comment on attachment 11316
fix w/layout test and changelog

r=me!
Comment 4 Geoffrey Garen 2006-10-31 18:21:17 PST
Committed revision 17507.