Bug 117749
| Summary: | Inline call frames fail to initialize unmodified argument slot correctly | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Oliver Hunt <oliver> |
| Component: | JavaScriptCore | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED DUPLICATE | ||
| Severity: | Normal | CC: | fpizlo, oliver |
| Priority: | P2 | Keywords: | InRadar |
| Version: | 528+ (Nightly build) | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
Oliver Hunt
function g() { f(i) }
function f() { arguments; doStuff(); }
function doStuff() { throw f.arguments; }
var h;
for (var i = 0; i < 100; i++) { try { g() } catch (e) { if (!h) h = e; } }
print(h[0]);
or
function g() { f(i) }
function f() { arguments; doStuff(); }
function doStuff() { throw f.arguments; }
var h;
for (var i = 0; i < 100; i++) { try { g() } catch (e) { if (i == 90) h = e; } }
print(h[0]);
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Oliver Hunt
<rdar://problem/14192906>
Filip Pizlo
Is this just a dupe of https://bugs.webkit.org/show_bug.cgi?id=117602?
Isn't the problem that op_throw in the DFG ByteCodeParser doesn't flush captured variables correctly?
Oliver Hunt
(In reply to comment #2)
> Is this just a dupe of https://bugs.webkit.org/show_bug.cgi?id=117602?
>
> Isn't the problem that op_throw in the DFG ByteCodeParser doesn't flush captured variables correctly?
Yeah I think so, i filed while i was originally trying to work out what was going wrong.
*** This bug has been marked as a duplicate of bug 117602 ***