Changeset 148106 in webkit


Ignore:
Timestamp:
Apr 10, 2013 10:47:44 AM (11 years ago)
Author:
oliver@apple.com
Message:

REGRESSION (r148073): WebKit Nightly r148082 crashes on launch in JSObjectSetPrivate
https://bugs.webkit.org/show_bug.cgi?id=114341

Reviewed by Alexey Proskuryakov.

Make JSObjectSetPrivate use uncheckedToJS as some clients
clear their private data during finalization for some reason.

  • API/JSObjectRef.cpp:

(JSObjectSetPrivate):

Location:
trunk/Source/JavaScriptCore
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/JavaScriptCore/API/JSObjectRef.cpp

    r148073 r148106  
    357357bool JSObjectSetPrivate(JSObjectRef object, void* data)
    358358{
    359     JSObject* jsObject = toJS(object);
     359    JSObject* jsObject = uncheckedToJS(object);
    360360   
    361361    if (jsObject->inherits(&JSCallbackObject<JSGlobalObject>::s_info)) {

  • trunk/Source/JavaScriptCore/ChangeLog

    r148073 r148106  
     12013-04-10  Oliver Hunt  <oliver@apple.com>
     2
     3        REGRESSION (r148073): WebKit Nightly r148082 crashes on launch in JSObjectSetPrivate
     4        https://bugs.webkit.org/show_bug.cgi?id=114341
     5
     6        Reviewed by Alexey Proskuryakov.
     7
     8        Make JSObjectSetPrivate use uncheckedToJS as some clients
     9        clear their private data during finalization for some reason.
     10
     11        * API/JSObjectRef.cpp:
     12        (JSObjectSetPrivate):
     13
    1142013-04-09  Oliver Hunt  <oliver@apple.com>
    215
Note: See TracChangeset for help on using the changeset viewer.