[Webkit-unassigned] [Bug 119140] REGRESSION: Crash beneath cti_vm_throw_slowpath due to invalid CallFrame pointer

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Aug 1 08:20:05 PDT 2013


https://bugs.webkit.org/show_bug.cgi?id=119140





--- Comment #22 from Julien Brianceau <jbrianceau at nds.com>  2013-08-01 08:19:49 PST ---
(In reply to comment #20)
> Results are ok:
> - run-fast-jsc reports "426 tests passed, 34 tests failed, 0 tests crashed."
> - run-javascriptcore-tests reports "0 regressions found. 0 tests fixed. OK."

Please note that results are ok for release builds ONLY (thanks to Zan, who found that debug builds were still KO with this).


(In reply to comment #21)
> I believe that is the standard System V ABI on x86, which is implemented by Linux, Mac OS X (not that 32-bit matters here I suppose :) and other Unixy variants. See also "Functions Returning Structures or Unions" in http://sco.com/developers/devspecs/abi386-4.pdf
> 
> The invisible pointer-to-returned-structure argument that's normally on the stack indeed moves into the first register then.
> 
> On Windows on the other hand the structure in this case (which is 8 bytes) is returned in an eax:edx pair, if it fits
> ( http://msdn.microsoft.com/en-us/library/984x0h58.aspx )

Thanks a lot for the documentation :) So this is not a compiler issue.
