[Webkit-unassigned] [Bug 30033] [chromium] DateExtension has reliability bot crashes
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Oct 5 13:31:31 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=30033
--- Comment #10 from John Abd-El-Malek <jam at chromium.org> 2009-10-05 13:31:30 PDT ---
(In reply to comment #9)
> (In reply to comment #8)
> > This wasn't a reproducible crash. I'm open to suggestions on how this crash
> > can be reproduced.
>
> Did you try running GC explicitly at an opportune moment? I think there's a
> function to force GC around somewhere in LayoutTests.
Yeah I tried that, but the crash only happens if GC happens during the call to
the enableSleepDetection function that's in the closure. Trying to simulate gc
in the unload handlers themselves doesn't trigger this.
>
> > > + v8::Local<v8::Value> result =
> > > V8Proxy::retrieve()->evaluate(WebCore::ScriptSourceCode("Date"), 0);
> > >
> > > This seems overly complicated. Why not just get the "Date" property of the
> > > context's global object?
> >
> > Mads had suggested this. It's useful in case the page replaced the Date
> > object, in which case we don't want to override getTime since they could have
> > changed its functionality (i.e. added extra parameters).
>
> How does this solve that problem? Won't evaling "Date" just give you the
> modified object?
It prevents this problem because the modified "Date" object won't have the
hidden property on it, so the code will early return.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list