Bug 183175

Summary: JSC crash with `import("")`
Product: WebKit
Reporter: André Bargull <andre.bargull>
Component: JavaScriptCore
Assignee: Yusuke Suzuki <ysuzuki>
Status: RESOLVED FIXED
Severity: Normal
CC: commit-queue, ews-watchlist, keith_miller, mark.lam, msaboff, ryanhaddad, saam, webkit-bug-importer, ysuzuki
Priority: P2
Keywords: InRadar
Version: WebKit Local Build
Hardware: Unspecified
OS: Unspecified
Attachments:
  Patch (flags: none)

Description André Bargull 2018-02-27 12:36:01 PST
SVN: rev228977
Build with: perl Tools/Scripts/build-jsc --jsc-only --debug


Executing the following test case leads to this crash:
---
1   0x7f0fd0957705 WTFCrash
2   0x48e47d WTF::VectorBufferBase<char, WTF::FastMalloc>::allocateBuffer(unsigned long)
3   0x48c170 WTF::Vector<char, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>::reserveCapacity(unsigned long)
4   0x48744f WTF::Vector<char, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>::expandCapacity(unsigned long)
5   0x482240 WTF::Vector<char, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>::resize(unsigned long)
6   0x459f05
7   0x45a15c
8   0x45a30f GlobalObject::moduleLoaderFetch(JSC::JSGlobalObject*, JSC::ExecState*, JSC::JSModuleLoader*, JSC::JSValue, JSC::JSValue, JSC::JSValue)
9   0x7f0fd06293e9 JSC::JSModuleLoader::fetch(JSC::ExecState*, JSC::JSValue, JSC::JSValue, JSC::JSValue)
10  0x7f0fd06c027b
11  0x7f0f89eff185
---


Test case:
---
import("");
---
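The trace above ends in WTF::Vector<char>::resize() called from the jsc shell's moduleLoaderFetch hook, i.e. the shell treats the import specifier as a local file path and sizes a buffer from whatever it finds there; the report does not record which step produced the bad size. What follows is an added illustration, not WebKit's code and not the fix landed in r229092, of a file-reading helper with the checks such a loader needs before it allocates: an empty path, a path that is not a regular file, and a failed ftell() are each rejected up front instead of being turned into a resize. All names (readRegularFile, ReadStatus, runDemo) are hypothetical, and the sample module text and the temporary file are constructed here so the example runs offline.

```cpp
// Added example (not WebKit's code): a defensive file-to-buffer reader of the kind
// a shell's module loader needs before handing a specifier to the filesystem.
#include <cstdio>
#include <cstdlib>
#include <string>
#include <vector>
#include <sys/stat.h>
#include <unistd.h>

enum class ReadStatus { Ok, EmptyPath, NotRegularFile, OpenFailed, SizeError, ReadError };

// Reads `path` into `out`. Every step that can fail is checked before any
// allocation is sized from a value the filesystem handed back: an empty path,
// a directory, or a failed ftell() must never become a huge resize().
ReadStatus readRegularFile(const std::string& path, std::vector<char>& out)
{
    out.clear();
    if (path.empty())
        return ReadStatus::EmptyPath;          // "" is not a file name; refuse early

    struct stat st;
    if (stat(path.c_str(), &st) != 0 || !S_ISREG(st.st_mode))
        return ReadStatus::NotRegularFile;     // directories, sockets, missing files

    FILE* f = std::fopen(path.c_str(), "rb");
    if (!f)
        return ReadStatus::OpenFailed;

    ReadStatus status = ReadStatus::Ok;
    if (std::fseek(f, 0, SEEK_END) != 0)
        status = ReadStatus::SizeError;
    else {
        long size = std::ftell(f);
        // ftell() reports failure as -1; cast to size_t that would request ~2^64 bytes.
        if (size < 0 || std::fseek(f, 0, SEEK_SET) != 0)
            status = ReadStatus::SizeError;
        else {
            out.resize(static_cast<size_t>(size));
            if (size > 0 && std::fread(out.data(), 1, out.size(), f) != out.size()) {
                out.clear();
                status = ReadStatus::ReadError;
            }
        }
    }
    std::fclose(f);
    return status;
}

// Exercises the reader against the inputs the crash trace makes interesting:
// the empty specifier, a directory, and a real file. The file is a constructed
// temporary created here; nothing is read from the repository.
struct Demo { ReadStatus empty; ReadStatus dir; ReadStatus file; std::string content; };

Demo runDemo()
{
    Demo d;
    std::vector<char> buf;
    d.empty = readRegularFile("", buf);
    d.dir = readRegularFile(".", buf);

    char name[] = "/tmp/import-demo-XXXXXX";
    int fd = mkstemp(name);
    const char sample[] = "export default 42;\n";   // constructed sample module text
    if (fd >= 0) {
        (void)write(fd, sample, sizeof(sample) - 1);
        close(fd);
    }
    d.file = readRegularFile(name, buf);
    d.content.assign(buf.begin(), buf.end());
    if (fd >= 0)
        unlink(name);
    return d;
}

int main()
{
    Demo d = runDemo();
    std::printf("empty=%d dir=%d file=%d bytes=%zu\n",
                (int)d.empty, (int)d.dir, (int)d.file, d.content.size());
    return 0;
}
```

The point of the ordering is that the status is decided by stat() and ftell() before out.resize() is ever called, so a rejected specifier never reaches the allocator; a loader that resizes first and checks afterwards has already crashed on an unreasonable size.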
Comment 1 Yusuke Suzuki 2018-02-28 05:06:46 PST
Created attachment 334740 [details]
Patch
Comment 2 Yusuke Suzuki 2018-02-28 08:26:34 PST
Comment on attachment 334740 [details]
Patch

Thanks!
Comment 3 WebKit Commit Bot 2018-02-28 08:38:37 PST
Comment on attachment 334740 [details]
Patch

Clearing flags on attachment: 334740

Committed r229092: <https://trac.webkit.org/changeset/229092>
Comment 4 WebKit Commit Bot 2018-02-28 08:38:38 PST
All reviewed patches have been landed.  Closing bug.
Comment 5 Radar WebKit Bug Importer 2018-02-28 08:39:36 PST
<rdar://problem/37985858>
Comment 6 Ryan Haddad 2018-02-28 13:41:46 PST
(In reply to WebKit Commit Bot from comment #3)
> Comment on attachment 334740 [details]
> Patch
> 
> Clearing flags on attachment: 334740
> 
> Committed r229092: <https://trac.webkit.org/changeset/229092>
The test added with this change is failing on debug JSC bots due to an unchecked exception:
https://build.webkit.org/builders/Apple%20High%20Sierra%2032-bit%20JSC%20(BuildAndTest)/builds/1298/steps/webkit-32bit-jsc-test/logs/stdio
Comment 7 Yusuke Suzuki 2018-03-01 02:24:39 PST
Committed r229129: <https://trac.webkit.org/changeset/229129>