Bug 61090 - JSGlobalObject and some others do GC allocation during initialization, which can cause heap corruption
Summary: JSGlobalObject and some others do GC allocation during initialization, which can cause heap corruption
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Oliver Hunt
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-05-18 13:30 PDT by Oliver Hunt
Modified: 2011-05-19 13:36 PDT
CC: 2 users

See Also:


Attachments
Patch (18.42 KB, patch)
2011-05-18 13:36 PDT, Oliver Hunt
sam: review+

Description Oliver Hunt 2011-05-18 13:30:24 PDT
JSGlobalObject and some others do GC allocation during initialization, which can cause heap corruption
Comment 1 Oliver Hunt 2011-05-18 13:36:31 PDT
Created attachment 93979 [details]
Patch
Comment 2 Geoffrey Garen 2011-05-18 13:47:56 PDT
<rdar://problem/9455877>
Comment 3 Oliver Hunt 2011-05-18 13:49:13 PDT
Committed r86785: <http://trac.webkit.org/changeset/86785>
Comment 4 Ademar Reis 2011-05-19 13:36:40 PDT
Revision r86785 cherry-picked into qtwebkit-2.2 with commit 203ddbc <http://gitorious.org/webkit/qtwebkit/commit/203ddbc>