[Webkit-unassigned] [Bug 119140] REGRESSION: Crash beneath cti_vm_throw_slowpath due to invalid CallFrame pointer
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Aug 1 10:48:14 PDT 2013
https://bugs.webkit.org/show_bug.cgi?id=119140
Michael Saboff <msaboff at apple.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #207937| |review?
Flag| |
--- Comment #27 from Michael Saboff <msaboff at apple.com> 2013-08-01 10:47:57 PST ---
Created an attachment (id=207937)
--> (https://bugs.webkit.org/attachment.cgi?id=207937&action=review)
Patch
I tested this with MacOSX 32 bit build by running JS tests and examining the disassembly to verify that edx:eax are used for return values. I also compiled this for ARM and verified via disassembly that r1:r0 are used for the return value.
Maintainers of other platforms should verify this solves the issue for them as well before the patch is committed.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list