[Webkit-unassigned] [Bug 161308] REGRESSION (r205107): ASSERTION FAILED: !(reinterpret_cast<char*>(this)[i])
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Aug 30 01:50:55 PDT 2016
https://bugs.webkit.org/show_bug.cgi?id=161308
--- Comment #9 from Carlos Garcia Campos <cgarcia at igalia.com> ---
// The WTF Traits for AbstractValue allow the initialization of values with bzero().
// We verify the correctness of this assumption here.
So, that's assuming that AbstractValue is always created as a Vector or Hash value and then initialized by them with memset. But AbstractValue::heapTop(), AbstractValue::bytecodeTop() and AbstractValue::fullTop() are creating a stack allocated AbstractValue that is not zero initialized.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160830/705b0355/attachment-0001.html>
More information about the webkit-unassigned
mailing list