[Webkit-unassigned] [Bug 138543] Assertions in JSC::StackVisitor::Frame::existingArguments() during stack unwinding

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Nov 10 13:15:14 PST 2014


https://bugs.webkit.org/show_bug.cgi?id=138543

--- Comment #4 from Akos Kiss <akiss at inf.u-szeged.hu> ---
If I'm right, create_lexical_environment at [3] sets up the activation in r-1. So, before that, although codeBlock()->needsActivation() is true, the frame does not have an activation yet.

About the test: I'm not sure yet that I can force the first 6 instructions to throw an exception... at least "naturally", but only from "outside" by ExceptionFuzz. When ExceptionFuzz was introduced in http://trac.webkit.org/changeset/171213, StackVisitor was modified to handle throws in op_enter. I guess that was also only to cover such artificial fuzz exceptions. (At least I could not find any already existing test that would reliably trigger that exception, unfortunately.)
