[Webkit-unassigned] [Bug 119141] REGRESSION(FTL?): Crashes in plugin tests
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Jul 26 12:32:44 PDT 2013
https://bugs.webkit.org/show_bug.cgi?id=119141
--- Comment #6 from Zan Dobersek <zandobersek at gmail.com> 2013-07-26 12:32:33 PST ---
Was actually just debugging this.
In WebCore::createScriptCallStack(JSC::ExecState*s, size_t), the call frame stack consists only of the console.log frame (i.e. 'log@[native code]'). However, this frame is stepped over in the for loop initialization[1], causing the returned call frame vector to be empty.
[1] http://trac.webkit.org/browser/trunk/Source/WebCore/bindings/js/ScriptCallStackFactory.cpp#L83
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list