Bug 154812

Summary: REGRESSION(r197303): Web process crashes when starting the inspector after r197303
Product: WebKit
Reporter: Carlos Garcia Campos <cgarcia>
Component: JavaScriptCore
Assignee: Andreas Kling <kling>
Status: RESOLVED FIXED
Severity: Normal
CC: andersca, bugs-noreply, bugzilla, clopez, commit-queue, keith_miller, kling, mark.lam, msaboff, saam
Priority: P2
Keywords: Gtk, InRadar, Regression
Version: WebKit Local Build
Hardware: Unspecified
OS: Unspecified
Attachments:
  Patch (Flags: none)

Description Carlos Garcia Campos 2016-02-29 05:28:35 PST
Program received signal SIGSEGV, Segmentation fault.
0x00007efcf17aa10e in JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler(WTF::RefCountedArray<JSC::Instruction>&) ()
   from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
(gdb) bt
#0  0x00007efcf17aa10e in JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler(WTF::RefCountedArray<JSC::Instruction>&) ()
   from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#1  0x00007efcf17b8233 in JSC::CodeBlock::finishCreation(JSC::VM&, JSC::ScriptExecutable*, JSC::UnlinkedCodeBlock*, JSC::JSScope*) ()
   from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#2  0x00007efcf1ce3f8a in JSC::ScriptExecutable::newCodeBlockFor(JSC::CodeSpecializationKind, JSC::JSFunction*, JSC::JSScope*, JSC::JSObject*&) ()
   from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#3  0x00007efcf1ce4825 in JSC::ScriptExecutable::prepareForExecutionImpl(JSC::ExecState*, JSC::JSFunction*, JSC::JSScope*, JSC::CodeSpecializationKind) ()
   from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#4  0x00007efcf1b00154 in JSC::Interpreter::execute(JSC::EvalExecutable*, JSC::ExecState*, JSC::JSValue, JSC::JSScope*) ()
   from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#5  0x00007efcf1d4a3a3 in JSC::globalFuncEval(JSC::ExecState*) () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#6  0x00007efc90000068 in ?? ()
#7  0x00007fff869bd0e0 in ?? ()
#8  0x00007efcf1b9ce32 in llint_entry () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
Backtrace stopped: frame did not save the PC

The inspector works if I revert r197303 and the follow-up fix.
Comment 1 Michael Bailey 2016-03-07 07:48:58 PST
The report mentions GTK, but I see this in the nightly builds on OS X 10.11.3 as well, with the same stack trace.
Comment 2 Andreas Kling 2016-03-07 08:34:44 PST
<rdar://problem/24999034>
Comment 3 Andreas Kling 2016-03-07 08:38:42 PST
Created attachment 273182 [details]
Patch
Comment 4 Geoffrey Garen 2016-03-07 09:34:44 PST
Comment on attachment 273182 [details]
Patch

r=me
Comment 5 WebKit Commit Bot 2016-03-07 10:24:16 PST
Comment on attachment 273182 [details]
Patch

Clearing flags on attachment: 273182

Committed r197686: <http://trac.webkit.org/changeset/197686>
Comment 6 WebKit Commit Bot 2016-03-07 10:24:20 PST
All reviewed patches have been landed.  Closing bug.