[Webkit-unassigned] [Bug 41454] Crash in JSC::JSValue::operator bool when loading postimees.ee
bugzilla-daemon at webkit.org
Sun Oct 10 12:17:04 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=41454
--- Comment #25 from Priit Laes (IRC: plaes) <plaes at plaes.org> 2010-10-10 12:17:04 PST ---
(In reply to comment #24)
> That patch is really wrong (it essentially elides the stack overflow protection in the VM).
>
> I believe we understand this bug, but haven't yet determined the correct fix. Can you try commenting out the lines:
>
> // Shrink the JS stack, in case stack overflow made it huge.
> m_registerFile.shrink(callFrame->registers() + callFrame->codeBlock()->m_numCalleeRegisters);
>
> in Interpreter.cpp -- it's around line 644 (I have a large patch in my tree so I can't guarantee the exact line number)
Seems to be working after I removed these lines.