Bug 149253

Summary: ASSERTION FAILED: s.length() > 1 in JSC::jsNontrivialString
Product: WebKit Reporter: Renata Hodovan <rhodovan.u-szeged>
Component: JavaScriptCoreAssignee: Nobody <webkit-unassigned>
Status: RESOLVED DUPLICATE    
Severity: Normal CC: bfulgham, mark.lam, msaboff
Priority: P2    
Version: WebKit Local Build   
Hardware: PC   
OS: Linux   
Bug Depends on:    
Bug Blocks: 116980    
Attachments:
Description Flags
Test case none

Renata Hodovan
Reported 2015-09-17 01:32:03 PDT
Created attachment 261377 [details] Test case Load this test with debug jsc: SyntaxError.prototype.name = 0; SyntaxError.prototype.toString(); Backtrace: ASSERTION FAILED: s.length() > 1 ../../Source/JavaScriptCore/runtime/JSString.h(491) : JSC::JSString* JSC::jsNontrivialString(JSC::VM*, const WTF::String&) Program received signal SIGSEGV, Segmentation fault. 0x00007ffff71b9ab6 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321 321 *(int *)(uintptr_t)0xbbadbeef = 0; (gdb) bt #0 0x00007ffff71b9ab6 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321 #1 0x00007ffff6db58e0 in JSC::jsNontrivialString (vm=0x7ffff1002000, s=...) at ../../Source/JavaScriptCore/runtime/JSString.h:491 #2 0x00007ffff6db5a4c in JSC::jsNontrivialString (exec=0x7fffffffc620, s=...) at ../../Source/JavaScriptCore/runtime/JSString.h:621 #3 0x00007ffff6fd6254 in JSC::errorProtoFuncToString (exec=0x7fffffffc620) at ../../Source/JavaScriptCore/runtime/ErrorPrototype.cpp:125 #4 0x00007fffb0fff0c8 in ?? () #5 0x00007fffffffc690 in ?? () #6 0x00007ffff7163101 in llint_entry () from WebKit/WebKitBuild/Debug/lib/libjavascriptcoregtk-4.0.so.18
Attachments
Test case (65 bytes, application/javascript)
2015-09-17 01:32 PDT, Renata Hodovan 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Brent Fulgham
Comment 1 2016-08-04 17:17:09 PDT
This problem does not reproduce under r204037, most likely due to changes in the JavaScript implementation. If you believe there is still a problem, please reopen this bug with a revised test case.
Mark Lam
Comment 2 2016-08-04 17:22:14 PDT
This was fixed independently in https://bugs.webkit.org/show_bug.cgi?id=160324. So, duping to 160324 to track when the fix landed. *** This bug has been marked as a duplicate of bug 160324 ***
Note You need to log in before you can comment on or make changes to this bug.