[Webkit-unassigned] [Bug 177368] Crash in StackFrame::visitChildren

bugzilla-daemon at webkit.org
Fri Sep 22 10:53:08 PDT 2017


https://bugs.webkit.org/show_bug.cgi?id=177368

--- Comment #1 from Saam Barati <sbarati at apple.com> ---
It seems like we probably want a storeStoreFence() before storing to m_stackTrace in ErrorInstance. That said, it's really unlikely this is the cause of the crash on x86 since storeStoreFence is a compiler fence, and we're storing the result of a call. I think we may want the storeStoreFence for arm though, so:

    m_stackTrace = getStackTrace(exec, vm, this, useCurrentFrame);

should become
    auto tmp = getStackTrace(exec, vm, this, useCurrentFrame);
    storeStoreFence();
    m_stackTrace = WTFMove(tmp);

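The build-then-fence-then-publish order proposed in the comment above, as an added example that is not part of the original message and is not WebKit code. It assumes a second thread reads the slot concurrently, and it uses standard C++ atomics (a release fence paired with an acquire load) in place of WTF's storeStoreFence(); Frame, ErrorLike, publishTrace, visitTrace and raceRounds are hypothetical names.

```cpp
// Added illustration, not WebKit code; every name here is hypothetical.
#include <atomic>
#include <cstddef>
#include <memory>
#include <thread>
#include <vector>

struct Frame { const void* callee; unsigned line; };
using Trace = std::vector<Frame>;

struct ErrorLike {
    // Slot that another thread may read while the mutator is still filling it in.
    std::atomic<Trace*> stackTrace{nullptr};
    ~ErrorLike() { delete stackTrace.load(std::memory_order_relaxed); }
};

// Mutator side: build the trace completely, fence, then publish the pointer.
void publishTrace(ErrorLike& e, std::size_t depth) {
    auto tmp = std::make_unique<Trace>();
    for (std::size_t i = 0; i < depth; ++i)
        tmp->push_back(Frame{&e, static_cast<unsigned>(i + 1)});
    // Stands in for storeStoreFence(): the stores that initialised *tmp
    // cannot be reordered after the pointer store below.
    std::atomic_thread_fence(std::memory_order_release);
    e.stackTrace.store(tmp.release(), std::memory_order_relaxed);
}

// Visitor side: count malformed frames (0 if nothing is published yet).
std::size_t visitTrace(const ErrorLike& e) {
    const Trace* t = e.stackTrace.load(std::memory_order_acquire);
    if (!t) return 0;
    std::size_t bad = 0;
    for (std::size_t i = 0; i < t->size(); ++i)
        if (!(*t)[i].callee || (*t)[i].line != i + 1) ++bad;
    return bad;
}

// Race one publisher against one visitor per round; total malformed frames seen.
std::size_t raceRounds(std::size_t rounds, std::size_t depth) {
    std::size_t bad = 0;
    for (std::size_t r = 0; r < rounds; ++r) {
        ErrorLike e;
        std::thread visitor([&] { for (int i = 0; i < 100; ++i) bad += visitTrace(e); });
        publishTrace(e, depth);
        visitor.join();
    }
    return bad;
}
int main() { return raceRounds(200, 16) == 0 ? 0 : 1; }
```

A clean run on x86 does not show that the fence is unnecessary, since x86 hardware already keeps stores in order; the ordering only has an observable effect on weakly ordered CPUs such as ARM.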