Chromium Code Reviews

Issue 13412003: Demo for WebKit bug #113735 (Closed)

Created:
7 years, 8 months ago by Peter Rybin
Modified:
7 years, 5 months ago
Reviewers:
Yang
CC:
v8-dev
Visibility:
Public.

Description

Demo for WebKit bug #113735

See the bug info: https://bugs.webkit.org/show_bug.cgi?id=113735

Patch Set 1 #

M src/array.js: 1 chunk, +3 lines, -0 lines, 0 comments

Messages

Total messages: 1 (0 generated)
Peter Rybin
7 years, 8 months ago (2013-04-02 00:36:22 UTC) #1
Hi Yang

Could you please advise on this issue?

Originally WebKit crashes on a debug-mode assert at

    receiver = isolate->factory()->ToObject(receiver,
                                            calling_frames_native_context);

at runtime.cc:10443

because it spots a frame with a global object === undefined.

This patch checks that the undefined global object indeed can appear. If you
apply this patch and try to compile the x64 version (not ia32!), the build will fail.

We probably need to fix some part of this. Either get rid of undefined or allow
it in the assert.

What do you think about this?

Peter
