[Webkit-unassigned] [Bug 118498] ASSERTION FAILED: callFrame == vm->topCallFrame || callFrame == callFrame->lexicalGlobalObject()->globalExec() || callFrame == callFrame->dynamicGlobalObject()->globalExec() in JSC::Interpreter::addStackTraceIfNecessary
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Jul 9 06:36:31 PDT 2013
https://bugs.webkit.org/show_bug.cgi?id=118498
--- Comment #2 from Mark Lam <mark.lam at apple.com> 2013-07-09 06:38:32 PST ---
A quick gdb session says:
(gdb) p callFrame
$12 = (CallFrame *) 0x1102b8b68
(gdb) p vm->topCallFrame
$13 = (class JSC::ExecState *) 0x1102b8ba8
(gdb) p vm->topCallFrame->callerFrame()
$14 = (CallFrame *) 0x1102b8b68
Looks like this is a case where the topCallFrame has been popped already, but the topCallFrame pointer itself has not been updated yet.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list