RESOLVED FIXED91098
[BlackBerry] WebPage::executeJavaScriptFunction crashes when there is an exception 
https://bugs.webkit.org/show_bug.cgi?id=91098
Summary [BlackBerry] WebPage::executeJavaScriptFunction crashes when there is an exce...
Benjamin Meyer
Reported 2012-07-12 08:28:02 PDT
When there is an exception currently the code tries to get the string of the exception via JSValueToStringCopy to pass back, but this cases a crash inside JavaScriptCore, so change it to simply return false and not set the return value with the exception string.
Attachments
patch (3.17 KB, patch)
2012-07-12 09:07 PDT, Benjamin Meyer 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Benjamin Meyer
Comment 1 2012-07-12 09:07:36 PDT
Created attachment 151968 [details] patch
Benjamin Meyer
Comment 2 2012-07-12 09:18:09 PDT
For the curious, here is the BT for the crash #0 isString (this=0x0) at /home/bmeyer/git/qnx/webkit/Source/JavaScriptCore/runtime/JSCell.cpp:215 #1 JSC::JSCell::toPrimitive (this=0x0, exec=0x82bfcb0, preferredType=JSC::PreferString) at /home/bmeyer/git/qnx/webkit/Source/JavaScriptCore/runtime/JSCell.cpp:138 #2 0xbb3139be in JSC::JSValue::toStringSlowCase (this=0x7bc1c84, exec=0x82bfcb0) at /home/bmeyer/git/qnx/webkit/Source/JavaScriptCore/runtime/JSValue.cpp:279 #3 0xbb291d36 in toString (exec=0x82bfcb0, this=0x7bc1c84) at /home/bmeyer/git/qnx/webkit/Source/JavaScriptCore/runtime/JSString.h:495 #4 JSValueToStringCopy (ctx=0x82bfcb0, value=0x0, exception=0x0) at /home/bmeyer/git/qnx/webkit/Source/JavaScriptCore/API/JSValueRef.cpp:296 #5 0xb9db1d8e in BlackBerry::WebKit::WebPage::executeJavaScriptFunction (this=0x81e6e90, function=..., args=..., returnType=@0x7bc1d5c: BlackBerry::WebKit::JSException, returnValue=...)
WebKit Review Bot
Comment 3 2012-07-12 10:11:15 PDT
Comment on attachment 151968 [details] patch Clearing flags on attachment: 151968 Committed r122476: <http://trac.webkit.org/changeset/122476>
WebKit Review Bot
Comment 4 2012-07-12 10:11:24 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.