[Webkit-unassigned] [Bug 18642] Iterator context may get placed into the return register, leading to much badness
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sun Apr 20 16:24:10 PDT 2008
http://bugs.webkit.org/show_bug.cgi?id=18642
------- Comment #1 from oliver at apple.com 2008-04-20 16:24 PDT -------
Reduced to:
var o;
1; // loads into tr0 for the end result
try {
o.b;
} catch(e) {
for (i in e); // tr0 isn't ref'd here, so is reused by the iterator.
}
--
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list