Bug 255319

Summary: Segmentation fault in JSC
Product: WebKit Reporter: zhunkibatu
Component: JavaScriptCoreAssignee: Nobody <webkit-unassigned>
Status: RESOLVED WORKSFORME    
Severity: Normal CC: mark.lam, webkit-bug-importer, ysuzuki
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: PC   
OS: Linux   
Attachments:
Description Flags
the minimal poc none

zhunkibatu
Reported 2023-04-11 22:33:47 PDT
Created attachment 465857 [details] the minimal poc The following js code cause a segmentation fault in JSC. ========================================= function foo() { eval(``); foo.bind()(-1,0); } foo(); =========================================
Attachments
the minimal poc (63 bytes, text/javascript)
2023-04-11 22:33 PDT, zhunkibatu 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Alexey Proskuryakov
Comment 1 2023-04-12 17:32:51 PDT
I cannot reproduce this with macOS 13.4 beta. Just getting an exception: Exception: RangeError: Maximum call stack size exceeded.
Radar WebKit Bug Importer
Comment 2 2023-04-18 22:34:21 PDT
<rdar://problem/108243516>
Yusuke Suzuki
Comment 3 2025-05-23 17:44:47 PDT
It does not reproduce.
Note You need to log in before you can comment on or make changes to this bug.