Bug 154812

Summary: REGRESSION(r197303): Web process crashes when starting the inspector after r197303
Product: WebKit Reporter: Carlos Garcia Campos <cgarcia>
Component: JavaScriptCoreAssignee: Andreas Kling <kling>
Status: RESOLVED FIXED    
Severity: Normal CC: andersca, bugs-noreply, bugzilla, clopez, commit-queue, keith_miller, kling, mark.lam, msaboff, saam
Priority: P2 Keywords: Gtk, InRadar, Regression
Version: WebKit Local Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Carlos Garcia Campos
Reported 2016-02-29 05:28:35 PST
Program received signal SIGSEGV, Segmentation fault. 0x00007efcf17aa10e in JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler(WTF::RefCountedArray<JSC::Instruction>&) () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 (gdb) bt #0 0x00007efcf17aa10e in JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler(WTF::RefCountedArray<JSC::Instruction>&) () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #1 0x00007efcf17b8233 in JSC::CodeBlock::finishCreation(JSC::VM&, JSC::ScriptExecutable*, JSC::UnlinkedCodeBlock*, JSC::JSScope*) () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #2 0x00007efcf1ce3f8a in JSC::ScriptExecutable::newCodeBlockFor(JSC::CodeSpecializationKind, JSC::JSFunction*, JSC::JSScope*, JSC::JSObject*&) () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #3 0x00007efcf1ce4825 in JSC::ScriptExecutable::prepareForExecutionImpl(JSC::ExecState*, JSC::JSFunction*, JSC::JSScope*, JSC::CodeSpecializationKind) () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #4 0x00007efcf1b00154 in JSC::Interpreter::execute(JSC::EvalExecutable*, JSC::ExecState*, JSC::JSValue, JSC::JSScope*) () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #5 0x00007efcf1d4a3a3 in JSC::globalFuncEval(JSC::ExecState*) () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 #6 0x00007efc90000068 in ?? () #7 0x00007fff869bd0e0 in ?? () #8 0x00007efcf1b9ce32 in llint_entry () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18 Backtrace stopped: frame did not save the PC The inspector works if I revert r197303 and thew follow up fix.
Attachments
Patch (2.30 KB, patch)
2016-03-07 08:38 PST, Andreas Kling 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Michael Bailey
Comment 1 2016-03-07 07:48:58 PST
The report mentions GTK, but I see this in the nightly builds on OS X 10.11.3 as well, with the same stack trace.
Andreas Kling
Comment 2 2016-03-07 08:34:44 PST
<rdar://problem/24999034>
Andreas Kling
Comment 3 2016-03-07 08:38:42 PST
Created attachment 273182 [details] Patch
Geoffrey Garen
Comment 4 2016-03-07 09:34:44 PST
Comment on attachment 273182 [details] Patch r=me
WebKit Commit Bot
Comment 5 2016-03-07 10:24:16 PST
Comment on attachment 273182 [details] Patch Clearing flags on attachment: 273182 Committed r197686: <http://trac.webkit.org/changeset/197686>
WebKit Commit Bot
Comment 6 2016-03-07 10:24:20 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.