RESOLVED FIXED Bug 20391
REGRESSION (r35417-r35531): Crash in Machine.cpp:1838 when leaving GAFYD GMail 
https://bugs.webkit.org/show_bug.cgi?id=20391
Summary REGRESSION (r35417-r35531): Crash in Machine.cpp:1838 when leaving GAFYD GMail
Ian 'Hixie' Hickson
Reported 2008-08-14 22:52:38 PDT
STEPS TO REPRODUCE 1. Log in to Google Apps For Your Domain GMail 2. Reload, navigate away, or otherwise cause the page to unload. ACTUAL RESULTS Crash. Exception Type: EXC_BAD_ACCESS (SIGBUS) Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000000000004 Stack trace: http://pastebin.com/f51ea9e1d <bdash> Machine.cpp:1838 is where the crash is happening
Attachments
Add attachment proposed patch, testcase, etc.
Geoffrey Garen
Comment 1 2008-08-14 22:55:55 PDT
Very similar to https://bugs.webkit.org/show_bug.cgi?id=20386.
Ian 'Hixie' Hickson
Comment 2 2008-08-14 22:56:08 PDT
Doesn't crash in r35417 Does crash in r35531
Mark Rowe (bdash)
Comment 3 2008-08-14 23:15:46 PDT
Line 1838 is: r[dst] = scope->registerAt(index); The disassembly indicates that the crash is due to "scope" being 0.
Mark Rowe (bdash)
Comment 4 2008-08-15 04:37:13 PDT
<rdar://problem/6152195>
Cameron Zwarich (cpst)
Comment 5 2008-08-16 14:30:57 PDT
This is a reproducible crash, so it should be P1. I am also assigning it to myself.
Cameron Zwarich (cpst)
Comment 6 2008-08-17 04:00:50 PDT
Since this seems so similar to bug 20386, it seems like the regression is caused by r35445, but I have no way of testing myself. I'll try to fix bug 20386, and see if the fix also works for this bug.
Oliver Hunt
Comment 7 2008-08-17 16:43:35 PDT
bug 20386 is now fixed (r35812) so this may be fixed. Hixie can you check?
Cameron Zwarich (cpst)
Comment 8 2008-08-22 21:05:20 PDT
Ian said that this was indeed fixed.
Note You need to log in before you can comment on or make changes to this bug.