72561 – LayoutTests for Debug Builds Crashes in JavaScriptCore/yarr/YarrInterpreter.cpp(185)

RESOLVED FIXED72561

LayoutTests for Debug Builds Crashes in JavaScriptCore/yarr/YarrInterpreter.cpp(185)

https://bugs.webkit.org/show_bug.cgi?id=72561

Summary LayoutTests for Debug Builds Crashes in JavaScriptCore/yarr/YarrInterpreter.c...

Michael Saboff

Reported 2011-11-16 16:07:55 PST

The crash happens in CharAccess(const UString& s) : m_buffer(0) { if (s.is8Bit()) { #if USE(JSC) m_charSize = Char8; unsigned length = s.length(); m_ptr.ptr8 = m_buffer = static_cast<char *>(fastMalloc(length)); memcpy(m_buffer, s.latin1().data(), length); #else ASSERT_NOT_REACHED(); <=== This line is crashing #endif } else { m_charSize = Char16; m_ptr.ptr16 = s.characters(); } }

Attachments
Patch (2.55 KB, patch) 2011-11-16 16:22 PST, Michael Saboff	jamesr: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Michael Saboff

Comment 1 2011-11-16 16:22:09 PST

Created attachment 115475 [details] Patch

James Robinson

Comment 2 2011-11-16 16:24:51 PST

Comment on attachment 115475 [details] Patch Looks good

Michael Saboff

Comment 3 2011-11-16 16:25:43 PST

Committed r100523: <http://trac.webkit.org/changeset/100523>

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Critical

Classification Unclassified

Version 528+ (Nightly build)

Hardware All

OS All

Product WebKit

Component JavaScriptCore

Assignee

Michael Saboff

Reported

2011-11-16 16:07 PST

Modified

2011-11-16 16:25 PST History

CC List

0 users

URL

Keywords

Depends on

Blocks