| Summary: | ASSERTION FAILED: exec->vm().typeProfiler() in functionReturnTypeFor | ||||||
|---|---|---|---|---|---|---|---|
| Product: | WebKit | Reporter: | Renata Hodovan <rhodovan.u-szeged> | ||||
| Component: | JavaScriptCore | Assignee: | Nobody <webkit-unassigned> | ||||
| Status: | NEW --- | ||||||
| Severity: | Normal | CC: | ggaren, saam | ||||
| Priority: | P2 | ||||||
| Version: | 528+ (Nightly build) | ||||||
| Hardware: | PC | ||||||
| OS: | Linux | ||||||
| Bug Depends on: | |||||||
| Bug Blocks: | 116980 | ||||||
| Attachments: |
|
||||||
Did you run this with: JSC_enableTypeProfiler=1 ? Also, I think this function also will assert if it's argument is not a function. This is the intention. This function is used in JSC's stress tests. |
Created attachment 256208 [details] Test case Load this test with debug or release jsc: returnTypeFor(arguments); Backtrace: ASSERTION FAILED: exec->vm().typeProfiler() ../../Source/JavaScriptCore/jsc.cpp(1142) : JSC::EncodedJSValue functionReturnTypeFor(JSC::ExecState*) 1 0x7ffff72d46db WTFCrash 2 0x428539 3 0x7fffb0fff0a8 [New Thread 0x7fffaf7fa700 (LWP 12117)] [New Thread 0x7fffafffb700 (LWP 12116)] [New Thread 0x7fffb07fc700 (LWP 12114)] [New Thread 0x7fffb0ffd700 (LWP 12113)] Program received signal SIGSEGV, Segmentation fault. 0x00007ffff72d46e0 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321 321 *(int *)(uintptr_t)0xbbadbeef = 0; (gdb) bt #0 0x00007ffff72d46e0 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321 #1 0x0000000000428539 in functionReturnTypeFor (exec=0x7fffffffca70) at ../../Source/JavaScriptCore/jsc.cpp:1142 #2 0x00007fffb0fff0a8 in ?? () #3 0x00007fffffffcac0 in ?? () #4 0x00007ffff727e8e9 in llint_entry () from webkit/WebKitBuild/Debug/lib/libjavascriptcore_efl.so.1 Backtrace stopped: frame did not save the PC