[Webkit-unassigned] [Bug 43314] crash in cti_op_get_by_val + 473 : immediately after logging in to gmail.com: (r64246-r64341)

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sun Aug 1 12:34:11 PDT 2010


https://bugs.webkit.org/show_bug.cgi?id=43314


Joe Strzemp <maccinema at yahoo.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|crash in cti_op_get_by_val  |crash in cti_op_get_by_val
                   |+ 473 : immediately after   |+ 473 : immediately after
                   |logging in to gmail.com     |logging in to gmail.com:
                   |                            |(r64246-r64341)
                 CC|                            |barraclough at apple.com




--- Comment #1 from Joe Strzemp <maccinema at yahoo.com>  2010-08-01 12:34:11 PST ---
Looks to me like the most likely suspect for this crash is changeset 64320:
"Changed the handling for removing and adding elements at the front of an array"
as JSC::JIT:: emit_op_put_by_val was changed.

This started failing somewhere in r64246-r64341.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.



More information about the webkit-unassigned mailing list