64562 2011-07-14 14:43:27 -0700 DFG JIT crashes on host constructor calls in debug mode 2011-07-14 16:38:23 -0700 1 1 1 Unclassified WebKit JavaScriptCore 528+ (Nightly build) All All RESOLVED FIXED P2 Normal --- 0 fpizlo webkit-unassigned barraclough fpizlo scheib webkit.review.bot oldest_to_newest 437340 0 fpizlo 2011-07-14 14:43:27 -0700 The DFG JIT's support for host constructor calls has a broken ASSERT statement that results in crashes in debug mode. 437344 1 100867 fpizlo 2011-07-14 14:52:15 -0700 Created attachment 100867 the patch 437403 2 100867 webkit.review.bot 2011-07-14 16:26:58 -0700 Comment on attachment 100867 the patch Clearing flags on attachment: 100867 Committed r91034: <http://trac.webkit.org/changeset/91034> 437404 3 webkit.review.bot 2011-07-14 16:27:02 -0700 All reviewed patches have been landed. Closing bug. 437409 4 scheib 2011-07-14 16:38:23 -0700 Committed r91035: <http://trac.webkit.org/changeset/91035> 100867 2011-07-14 14:52:15 -0700 2011-07-14 16:26:58 -0700 the patch fixassert_patch_1.diff text/plain 4241 fpizlo SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gOTEwMjgpCisrKyBTb3VyY2Uv SmF2YVNjcmlwdENvcmUvQ2hhbmdlTG9nCSh3b3JraW5nIGNvcHkpCkBAIC0xLDMgKzEsMTQgQEAK KzIwMTEtMDctMTQgIEZpbGlwIFBpemxvICA8ZnBpemxvQGFwcGxlLmNvbT4KKworICAgICAgICBE RkcgSklUIGNyYXNoZXMgb24gaG9zdCBjb25zdHJ1Y3RvciBjYWxscyBpbiBkZWJ1ZyBtb2RlLgor ICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9NjQ1NjIKKyAg ICAgICAgCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorICAgICAgICAKKyAg ICAgICAgRml4ZWQgdGhlIHJlbGV2YW50IEFTU0VSVC4KKworICAgICAgICAqIGRmZy9ERkdPcGVy YXRpb25zLmNwcDoKKwogMjAxMS0wNy0xNCAgRmlsaXAgUGl6bG8gIDxmcGl6bG9AYXBwbGUuY29t PgogCiAgICAgICAgIERGRyBzcGVjdWxhdGl2ZSBKSVQgY29udGFpbnMgYSBGSVhNRSBmb3IgcmV3 aW5kaW5nIHNwZWN1bGF0aXZlIGNvZGUgZ2VuZXJhdGlvbiB0aGF0CkluZGV4OiBTb3VyY2UvSmF2 YVNjcmlwdENvcmUvZGZnL0RGR09wZXJhdGlvbnMuY3BwCj09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFNvdXJjZS9K YXZhU2NyaXB0Q29yZS9kZmcvREZHT3BlcmF0aW9ucy5jcHAJKHJldmlzaW9uIDkxMDI1KQorKysg U291cmNlL0phdmFTY3JpcHRDb3JlL2RmZy9ERkdPcGVyYXRpb25zLmNwcAkod29ya2luZyBjb3B5 KQpAQCAtNDc3LDcgKzQ3Nyw3IEBAIHN0YXRpYyB2b2lkKiBoYW5kbGVIb3N0Q2FsbChFeGVjU3Rh dGUqIGUKICAgICAgICAgQ29uc3RydWN0RGF0YSBjb25zdHJ1Y3REYXRhOwogICAgICAgICBDb25z dHJ1Y3RUeXBlIGNvbnN0cnVjdFR5cGUgPSBnZXRDb25zdHJ1Y3REYXRhKGNhbGxlZSwgY29uc3Ry dWN0RGF0YSk7CiAgICAgICAgIAotICAgICAgICBBU1NFUlQoY29uc3RydWN0VHlwZSA9IENvbnN0 cnVjdFR5cGVKUyk7CisgICAgICAgIEFTU0VSVChjb25zdHJ1Y3RUeXBlICE9IENvbnN0cnVjdFR5 cGVKUyk7CiAgICAgICAgIAogICAgICAgICBpZiAoY29uc3RydWN0VHlwZSA9PSBDb25zdHJ1Y3RU eXBlSG9zdCkgewogICAgICAgICAgICAgaWYgKCFnbG9iYWxEYXRhLT5pbnRlcnByZXRlci0+cmVn aXN0ZXJGaWxlKCkuZ3JvdyhleGVjQ2FsbGVlLT5yZWdpc3RlcnMoKSkpIHsKSW5kZXg6IExheW91 dFRlc3RzL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBMYXlvdXRUZXN0cy9DaGFuZ2VMb2cJKHJl dmlzaW9uIDkxMDI4KQorKysgTGF5b3V0VGVzdHMvQ2hhbmdlTG9nCSh3b3JraW5nIGNvcHkpCkBA IC0xLDMgKzEsMTggQEAKKzIwMTEtMDctMTQgIEZpbGlwIFBpemxvICA8ZnBpemxvQGFwcGxlLmNv bT4KKworICAgICAgICBERkcgSklUIGNyYXNoZXMgb24gaG9zdCBjb25zdHJ1Y3RvciBjYWxscyBp biBkZWJ1ZyBtb2RlLgorICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5j Z2k/aWQ9NjQ1NjIKKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKyAgICAg ICAgCisgICAgICAgIFRoaXMgYnVnIHNudWNrIHBhc3Qgb3VyIHRlc3RzLCBzbyB0aGlzIHBhdGNo cyBhZGRzIGEgdGVzdCB0byBjb3ZlciB0aGlzCisgICAgICAgIGNhc2UuCisKKyAgICAgICAgKiBm YXN0L2pzL2FycmF5LWNvbnN0cnVjdG9yLWhvc3QtY2FsbC1leHBlY3RlZC50eHQ6IEFkZGVkLgor ICAgICAgICAqIGZhc3QvanMvYXJyYXktY29uc3RydWN0b3ItaG9zdC1jYWxsLmh0bWw6IEFkZGVk LgorICAgICAgICAqIGZhc3QvanMvc2NyaXB0LXRlc3RzL2FycmF5LWNvbnN0cnVjdG9yLWhvc3Qt Y2FsbC5qczogQWRkZWQuCisgICAgICAgIChjb25zdHJ1Y3RBcnJheSk6CisKIDIwMTEtMDctMTQg IFZpbmNlbnQgU2NoZWliICA8c2NoZWliQGNocm9taXVtLm9yZz4KIAogICAgICAgICBbY2hyb21p dW1dIHVwZGF0ZWQgdGVzdCBleHBlY3RhdGlvbnMuCkluZGV4OiBMYXlvdXRUZXN0cy9mYXN0L2pz L2FycmF5LWNvbnN0cnVjdG9yLWhvc3QtY2FsbC1leHBlY3RlZC50eHQKPT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0g TGF5b3V0VGVzdHMvZmFzdC9qcy9hcnJheS1jb25zdHJ1Y3Rvci1ob3N0LWNhbGwtZXhwZWN0ZWQu dHh0CShyZXZpc2lvbiAwKQorKysgTGF5b3V0VGVzdHMvZmFzdC9qcy9hcnJheS1jb25zdHJ1Y3Rv ci1ob3N0LWNhbGwtZXhwZWN0ZWQudHh0CShyZXZpc2lvbiAwKQpAQCAtMCwwICsxLDE1IEBACitU aGlzIHRlc3RzIHRoYXQgYXJyYXkgY29uc3RydWN0aW9uIHZpYSBhIGhvc3QgY2FsbCB3b3Jrcy4K KworT24gc3VjY2VzcywgeW91IHdpbGwgc2VlIGEgc2VyaWVzIG9mICJQQVNTIiBtZXNzYWdlcywg Zm9sbG93ZWQgYnkgIlRFU1QgQ09NUExFVEUiLgorCisKK1BBU1MgYXJyYXkgaW5zdGFuY2VvZiBB cnJheSBpcyB0cnVlCitQQVNTIGFycmF5Lmxlbmd0aCBpcyAxMDAKK1BBU1MgYXJyYXkgaW5zdGFu Y2VvZiBBcnJheSBpcyB0cnVlCitQQVNTIGFycmF5Lmxlbmd0aCBpcyAxMDAKK1BBU1MgYXJyYXkg aW5zdGFuY2VvZiBBcnJheSBpcyB0cnVlCitQQVNTIGFycmF5Lmxlbmd0aCBpcyAxMDAKK1BBU1Mg c3VjY2Vzc2Z1bGx5UGFyc2VkIGlzIHRydWUKKworVEVTVCBDT01QTEVURQorCkluZGV4OiBMYXlv dXRUZXN0cy9mYXN0L2pzL2FycmF5LWNvbnN0cnVjdG9yLWhvc3QtY2FsbC5odG1sCj09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT0KLS0tIExheW91dFRlc3RzL2Zhc3QvanMvYXJyYXktY29uc3RydWN0b3ItaG9zdC1jYWxsLmh0 bWwJKHJldmlzaW9uIDApCisrKyBMYXlvdXRUZXN0cy9mYXN0L2pzL2FycmF5LWNvbnN0cnVjdG9y LWhvc3QtY2FsbC5odG1sCShyZXZpc2lvbiAwKQpAQCAtMCwwICsxLDEzIEBACis8IURPQ1RZUEUg SFRNTCBQVUJMSUMgIi0vL0lFVEYvL0RURCBIVE1MLy9FTiI+Cis8aHRtbD4KKzxoZWFkPgorPGxp bmsgcmVsPSJzdHlsZXNoZWV0IiBocmVmPSJyZXNvdXJjZXMvanMtdGVzdC1zdHlsZS5jc3MiPgor PHNjcmlwdCBzcmM9InJlc291cmNlcy9qcy10ZXN0LXByZS5qcyI+PC9zY3JpcHQ+Cis8L2hlYWQ+ Cis8Ym9keT4KKzxwIGlkPSJkZXNjcmlwdGlvbiI+PC9wPgorPGRpdiBpZD0iY29uc29sZSI+PC9k aXY+Cis8c2NyaXB0IHNyYz0ic2NyaXB0LXRlc3RzL2FycmF5LWNvbnN0cnVjdG9yLWhvc3QtY2Fs bC5qcyI+PC9zY3JpcHQ+Cis8c2NyaXB0IHNyYz0icmVzb3VyY2VzL2pzLXRlc3QtcG9zdC5qcyI+ PC9zY3JpcHQ+Cis8L2JvZHk+Cis8L2h0bWw+CkluZGV4OiBMYXlvdXRUZXN0cy9mYXN0L2pzL3Nj cmlwdC10ZXN0cy9hcnJheS1jb25zdHJ1Y3Rvci1ob3N0LWNhbGwuanMKPT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0g TGF5b3V0VGVzdHMvZmFzdC9qcy9zY3JpcHQtdGVzdHMvYXJyYXktY29uc3RydWN0b3ItaG9zdC1j YWxsLmpzCShyZXZpc2lvbiAwKQorKysgTGF5b3V0VGVzdHMvZmFzdC9qcy9zY3JpcHQtdGVzdHMv YXJyYXktY29uc3RydWN0b3ItaG9zdC1jYWxsLmpzCShyZXZpc2lvbiAwKQpAQCAtMCwwICsxLDE1 IEBACitkZXNjcmlwdGlvbigKKyJUaGlzIHRlc3RzIHRoYXQgYXJyYXkgY29uc3RydWN0aW9uIHZp YSBhIGhvc3QgY2FsbCB3b3Jrcy4iCispOworCitmdW5jdGlvbiBjb25zdHJ1Y3RBcnJheShhcnJh eUNvbnN0cnVjdG9yKSB7CisgICAgcmV0dXJuIG5ldyBhcnJheUNvbnN0cnVjdG9yKDEwMCk7Cit9 CisKK2ZvciAodmFyIGkgPSAwOyBpIDwgMzsgKytpKSB7CisgICAgdmFyIGFycmF5ID0gY29uc3Ry dWN0QXJyYXkoQXJyYXkpOworICAgIHNob3VsZEJlVHJ1ZSgiYXJyYXkgaW5zdGFuY2VvZiBBcnJh eSIpOworICAgIHNob3VsZEJlKCJhcnJheS5sZW5ndGgiLCAiMTAwIik7Cit9CisKK3ZhciBzdWNj ZXNzZnVsbHlQYXJzZWQgPSB0cnVlOwo=