[Webkit-unassigned] [Bug 119140] REGRESSION: Crash beneath cti_vm_throw_slowpath due to invalid CallFrame pointer
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Aug 1 01:31:25 PDT 2013
https://bugs.webkit.org/show_bug.cgi?id=119140
Peng Xinchao <xinchao.peng at samsung.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |xinchao.peng at samsung.com
--- Comment #19 from Peng Xinchao <xinchao.peng at samsung.com> 2013-08-01 01:31:09 PST ---
I happened the same issue at GTK , ARM ,32bit And Disable DFG_JIT and FTL_JIT. Merge the patch , i happened other crash .
backtrace :
1 0x400d1608 libjavascriptcoregtk-3.0.so.0(_ZN3JSC9CodeBlock14bytecodeOffsetEPNS_9ExecStateENS_16ReturnAddressPtrE+0x28b) [0x400d1608]
2 0x401290e0 libjavascriptcoregtk-3.0.so.0(_ZN3JSC8jitThrowEPNS_2VMEPNS_9ExecStateENS_7JSValueENS_16ReturnAddressPtrE+0x1b) [0x401290e0]
3 0x40144d3c libjavascriptcoregtk-3.0.so.0(JITStubThunked_vm_throw+0x1f) [0x40144d3c]
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list