[Webkit-unassigned] [Bug 17932] "ASSERTION FAILED: type != Continue" with do/while and try/finally
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Mar 18 21:56:30 PDT 2008
http://bugs.webkit.org/show_bug.cgi?id=17932
mrowe at apple.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mrowe at apple.com
------- Comment #2 from mrowe at apple.com 2008-03-18 21:56 PDT -------
TryNode::execute saves the current completion type before executing the
"finally" block, and then uses setCompletionType to restore it afterwards:
if (m_finallyBlock) {
ComplType savedCompletionType = exec->completionType();
JSValue* finallyResult = m_finallyBlock->execute(exec);
if (exec->completionType() != Normal)
result = finallyResult;
else
exec->setCompletionType(savedCompletionType);
}
setCompletionType is implemented thusly:
// Only for use in the implementation of execute().
void setCompletionType(ComplType type)
{
ASSERT(type != Break);
ASSERT(type != Continue);
m_completionType = type;
}
I suspect that this could lead to an actual bug in a release build if a
targeted break or continue was used inside the "finally" block, as the target
is not saved and restored.
--
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list