[Webkit-unassigned] [Bug 156487] REGRESSION(r197520) Crash in JSC::Register::codeBlock on http://detexify.kirelabs.org/symbols.html and http://gexpertise.fr/activites/metiers/stockage with GCC

[bugzilla-daemon at webkit.org]

https://bugs.webkit.org/show_bug.cgi?id=156487

--- Comment #7 from Carlos Alberto Lopez Perez <clopez at igalia.com> ---
(In reply to comment #6)
> I have just build r197520 and also crashes, so is not something specific of
> the 2.12.x branch. It can be reproduced on trunk at r197520.
> 
> Current master don't crashes. I will try to bisect which revision "fixed" it
> on trunk

Bisect done.

This is the revision that fixed it on trunk:

r199076 <http://trac.webkit.org/r199076> -- JSC should use a shadow stack version of CHICKEN so that debuggers have the option of retrieving tail-deleted frames ​https://bugs.webkit.org/show_bug.cgi?id=155598

Is quite a large changeset, not sure if we could backport this to the 2.12.x branch

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160428/ec310fc5/attachment.html>