[Webkit-unassigned] [Bug 136313] ASSERTION FAILED: from.isCell() && from.asCell()->JSCell::inherits(std::remove_pointer<To>::type::info()) in JSC::jsCast(JSC::JSValue) [with To = JSC::JSScope*]

bugzilla-daemon at webkit.org
Wed Aug 27 18:07:31 PDT 2014


--- Comment #9 from Akos Kiss <akiss at inf.u-szeged.hu>  2014-08-27 18:07:36 PST ---
For the record:

On ARM64/iOS/clang, the prologue of JavaScriptCore`operationCallEval starts like this:

JavaScriptCore[0x256a0c]:  stp    x20, x19, [sp, #-32]!
JavaScriptCore[0x256a10]:  stp    fp, lr, [sp, #16]
JavaScriptCore[0x256a14]:  add    fp, sp, #16

The procedure call standard for ARM64 (http://infocenter.arm.com/help/topic/com.arm.doc.ihi0055b/IHI0055B_aapcs64.pdf) says, in Section 5.4.3, that the location of the frame record within a stack frame is not specified, so both the iOS/clang and EFL/gcc prologues seem to be valid.
