Bug 69556

Summary: REGRESSION (r96595): First frame in assertion backtraces is no longer labeled "1"
Product: WebKit Reporter: Adam Roben (:aroben) <aroben>
Component: Web Template FrameworkAssignee: Gavin Peters <gavinp>
Status: RESOLVED FIXED    
Severity: Normal CC: darin, gavinp, mitz, webkit.review.bot
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Mac (Intel)   
OS: OS X 10.7   
Attachments:
Description Flags
Patch none

Adam Roben (:aroben)
Reported 2011-10-06 13:43:24 PDT
Here's an assertion backtrace I got today: ASSERTION FAILED: !structure->m_previous Source/JavaScriptCore/runtime/Structure.cpp(236) : void JSC::Structure::materializePropertyMap(JSC::JSGlobalData &) 2 0x10203207c JSC::Structure::materializePropertyMap(JSC::JSGlobalData&) 3 0x101e0903c JSC::Structure::materializePropertyMapIfNecessary(JSC::JSGlobalData&) 4 0x101e08e93 JSC::Structure::get(JSC::JSGlobalData&, JSC::Identifier const&) 5 0x101e8a984 JSC::DFG::ByteCodeParser::parseBlock(unsigned int) 6 0x101e8d70d JSC::DFG::ByteCodeParser::parse() 7 0x101e8d913 JSC::DFG::parse(JSC::DFG::Graph&, JSC::JSGlobalData*, JSC::CodeBlock*) 8 0x101df4d9f JSC::DFG::compile(JSC::DFG::CompileMode, JSC::ExecState*, JSC::ExecState*, JSC::CodeBlock*, JSC::JITCode&, JSC::MacroAssemblerCodePtr*) 9 0x101df4d3c JSC::DFG::tryCompileFunction(JSC::ExecState*, JSC::ExecState*, JSC::CodeBlock*, JSC::JITCode&, JSC::MacroAssemblerCodePtr&) 10 0x101ecf743 JSC::FunctionExecutable::compileForCallInternal(JSC::ExecState*, JSC::ScopeChainNode*, JSC::ExecState*, JSC::JITCode::JITType) 11 0x101ecee9b JSC::FunctionExecutable::compileOptimizedForCall(JSC::ExecState*, JSC::ScopeChainNode*, JSC::ExecState*) 12 0x101e650fb JSC::FunctionExecutable::compileOptimizedFor(JSC::ExecState*, JSC::ScopeChainNode*, JSC::CodeSpecializationKind) 13 0x101e624b4 JSC::FunctionCodeBlock::compileOptimized(JSC::ExecState*, JSC::ScopeChainNode*) 14 0x101f1c4fb cti_optimize_from_ret 15 0x101f25f20 jscGeneratedNativeCode 16 0x101eeb509 JSC::JITCode::execute(JSC::RegisterFile*, JSC::ExecState*, JSC::JSGlobalData*) 17 0x101ee78b0 JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::ScopeChainNode*, JSC::JSObject*) 18 0x101e70fba JSC::evaluate(JSC::ExecState*, JSC::ScopeChainNode*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) 19 0x10326106d WebCore::JSMainThreadExecState::evaluate(JSC::ExecState*, JSC::ScopeChainNode*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) 20 0x10387c51c WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld*) 21 0x10387c644 WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&) 22 0x103890372 WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) 23 0x10388f49f WebCore::ScriptElement::prepareScript(WTF::TextPosition const&, WebCore::ScriptElement::LegacyTypeSupport) 24 0x102ed1c34 WebCore::HTMLScriptRunner::runScript(WebCore::Element*, WTF::TextPosition const&) 25 0x102ed1a07 WebCore::HTMLScriptRunner::execute(WTF::PassRefPtr<WebCore::Element>, WTF::TextPosition const&) 26 0x102e63320 WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder() 27 0x102e6340b WebCore::HTMLDocumentParser::canTakeNextToken(WebCore::HTMLDocumentParser::SynchronousMode, WebCore::PumpSession&) 28 0x102e62d48 WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode) 29 0x102e629b0 WebCore::HTMLDocumentParser::pumpTokenizerIfPossible(WebCore::HTMLDocumentParser::SynchronousMode) 30 0x102e63d44 WebCore::HTMLDocumentParser::resumeParsingAfterScriptExecution() 31 0x102e64387 WebCore::HTMLDocumentParser::executeScriptsWaitingForStylesheets() 32 0x102afbb62 WebCore::Document::removePendingSheet() Note that the first frame is labeled "2". It used to be labeled "1".
Attachments
Patch (1.61 KB, patch)
2011-10-06 14:55 PDT, Gavin Peters 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Gavin Peters
Comment 1 2011-10-06 14:55:28 PDT
Created attachment 110033 [details] Patch
Gavin Peters
Comment 2 2011-10-06 14:57:53 PDT
Comment on attachment 110033 [details] Patch I discussed this with gbarra, and we think also that there's some formatting changes that would benefit here. I'll add those in a separate CL so they can be debated without fixing these regressions. This fix was tested by adding some superfluous dump to some html elements, and running DumpRenderTree, and it is working for me.
mitz
Comment 3 2011-10-06 15:01:08 PDT
I think it would be better to fix the long-standing bug (which I’d introduced) where the numbering starts at 1. It really ought to start at 0.
mitz
Comment 4 2011-10-06 15:01:38 PDT
(The reason to start at 0 is that it would match other backtrace formats).
Gavin Peters
Comment 5 2011-10-06 15:19:59 PDT
mitz, I'll CC you on the upcoming bigger-changes-to-formatting CL. You will be interested.
WebKit Review Bot
Comment 6 2011-10-06 16:01:13 PDT
Comment on attachment 110033 [details] Patch Clearing flags on attachment: 110033 Committed r96869: <http://trac.webkit.org/changeset/96869>
WebKit Review Bot
Comment 7 2011-10-06 16:01:17 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.