[Webkit-unassigned] [Bug 49976] [Qt] Fix crashes in debug mode

[bugzilla-daemon at webkit.org]

https://bugs.webkit.org/show_bug.cgi?id=49976


Robert Hogan <robert at webkit.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |darin at apple.com,
                   |                            |robert at webkit.org




--- Comment #4 from Robert Hogan <robert at webkit.org>  2010-11-24 11:57:17 PST ---
This is due to a problem with m_cacheableBindingRootObject in ScriptController. The call that is causing the crash is on LayoutTestController which is a runtime object and is a JSObjectWithGlobalObject. 

Darin predicted this in https://bugs.webkit.org/show_bug.cgi?id=48758#c13 unfortunately.

This particular crash seems to be due to a stale reference to the globalObject in the runtime object. This happens because m_cacheableBindingRootObject persists between page loads. The globalObject associated with the root object is updated between page loads since bug 48758. However there is still a reference to the old global object in the runtime object associated with the root object's/JSC object's instance. So it looks like that needs to be updated as well.

I'm not sure why this is only a problem on debug builds.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.