RESOLVED FIXED 31998
REGRESSION (r49564): Crash in updateGlobalHistory when running Javascript iBench test 
https://bugs.webkit.org/show_bug.cgi?id=31998
Summary REGRESSION (r49564): Crash in updateGlobalHistory when running Javascript iBe...
Adam Roben (:aroben)
Reported 2009-11-30 13:32:22 PST
Created attachment 44039 [details] Patch Looks like there's a double-delete of the BSTRs here. updateGlobalHistory creates WebCore::BStrings and passes them to WebNavigationData::createInstance, which tries to adopt the BSTRs that the BStrings wrap. But the BStrings haven't given up ownership!
Attachments
Patch (5.75 KB, patch)
2009-11-30 13:32 PST, Adam Roben (:aroben) 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Adam Roben (:aroben)
Comment 1 2009-11-30 13:33:58 PST
<rdar://problem/7383452>
Adam Barth
Comment 2 2009-11-30 13:37:03 PST
style-queue ran check-webkit-style on attachment 44039 [details] without any errors.
Adam Roben (:aroben)
Comment 3 2009-11-30 13:41:46 PST
Committed r51510: <http://trac.webkit.org/changeset/51510>
Eric Seidel (no email)
Comment 4 2009-11-30 21:42:39 PST
Comment on attachment 44039 [details] Patch Clearing r? on a committed patch.
Note You need to log in before you can comment on or make changes to this bug.