64562 – DFG JIT crashes on host constructor calls in debug mode

RESOLVED FIXED 64562

DFG JIT crashes on host constructor calls in debug mode

https://bugs.webkit.org/show_bug.cgi?id=64562

Summary DFG JIT crashes on host constructor calls in debug mode

Filip Pizlo

Reported 2011-07-14 14:43:27 PDT

The DFG JIT's support for host constructor calls has a broken ASSERT statement that results in crashes in debug mode.

Attachments
the patch (4.14 KB, patch) 2011-07-14 14:52 PDT, Filip Pizlo	no flags	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Filip Pizlo

Comment 1 2011-07-14 14:52:15 PDT

WebKit Review Bot

Comment 2 2011-07-14 16:26:58 PDT

Comment on attachment 100867 [details] the patch Clearing flags on attachment: 100867 Committed r91034: <http://trac.webkit.org/changeset/91034>

WebKit Review Bot

Comment 3 2011-07-14 16:27:02 PDT

All reviewed patches have been landed. Closing bug.

Vincent Scheib

Comment 4 2011-07-14 16:38:23 PDT

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware All

OS All

Product WebKit

Component JavaScriptCore

Assignee

Nobody

Reported

2011-07-14 14:43 PDT

Modified

2011-07-14 16:38 PDT History

CC List

4 users Show

URL

Keywords

Depends on

Blocks