RESOLVED FIXED 119170
ASSERT failure in wtf/CheckedBoolean.h line 43 on Windows 
https://bugs.webkit.org/show_bug.cgi?id=119170
Summary ASSERT failure in wtf/CheckedBoolean.h line 43 on Windows
Michael Saboff
Reported 2013-07-26 16:04:11 PDT
On Windows debug build, we get an ASSERT failure in CheckedBoolean.h. Example traceback: WTF.dll!WTFCrash() Line 339C++ JavaScriptCore.dll!CheckedBoolean::~CheckedBoolean() Line 43 + 0x36 bytesC++ JavaScriptCore.dll!JSC::Heap::tryAllocateStorage(JSC::JSCell * intendedOwner, unsigned int bytes, void * * outPtr) Line 423 + 0x12 bytesC++ JavaScriptCore.dll!JSC::Butterfly::createUninitialized(JSC::VM & vm, JSC::JSCell * intendedOwner, unsigned int preCapacity, unsigned int propertyCapacity, bool hasIndexingHeader, unsigned int indexingPayloadSizeInBytes) Line 42 + 0x1b bytesC++ JavaScriptCore.dll!JSC::Butterfly::growPropertyStorage(JSC::VM & vm, JSC::JSCell * intendedOwner, unsigned int preCapacity, unsigned int oldPropertyCapacity, bool hasIndexingHeader, unsigned int indexingPayloadSizeInBytes, unsigned int newPropertyCapacity) Line 85 + 0x1e bytesC++ >JavaScriptCore.dll!JSC::Butterfly::growPropertyStorage(JSC::VM & vm, JSC::JSCell * intendedOwner, JSC::Structure * structure, unsigned int oldPropertyCapacity, unsigned int newPropertyCapacity) Line 101C++ JavaScriptCore.dll!JSC::JSObject::growOutOfLineStorage(JSC::VM & vm, unsigned int oldSize, unsigned int newSize) Line 2379C++ JavaScriptCore.dll!JSC::JSObject::setStructureAndReallocateStorageIfNecessary(JSC::VM & vm, unsigned int oldCapacity, JSC::Structure * newStructure) Line 1356 + 0x19 bytesC++ JavaScriptCore.dll!JSC::JSObject::setStructureAndReallocateStorageIfNecessary(JSC::VM & vm, JSC::Structure * newStructure) Line 1364C++ JavaScriptCore.dll!JSC::JSObject::putDirectInternal<1>(JSC::VM & vm, JSC::PropertyName propertyName, JSC::JSValue value, unsigned int attributes, JSC::PutPropertySlot & slot, JSC::JSCell * specificFunction) Line 1336C++ JavaScriptCore.dll!JSC::JSObject::putDirect(JSC::VM & vm, JSC::PropertyName propertyName, JSC::JSValue value, unsigned int attributes) Line 1380C++ JavaScriptCore.dll!JSC::InternalFunction::finishCreation(JSC::VM & vm, const WTF::String & name) Line 48C++ JavaScriptCore.dll!JSC::FunctionPrototype::finishCreation(JSC::ExecState * exec, const WTF::String & name) Line 53C++ JavaScriptCore.dll!JSC::FunctionPrototype::create(JSC::ExecState * exec, JSC::JSGlobalObject * globalObject, JSC::Structure * structure) Line 35 + 0x15 bytesC++ JavaScriptCore.dll!JSC::JSGlobalObject::reset(JSC::JSValue prototype) Line 201 + 0x39 bytesC++ JavaScriptCore.dll!JSC::JSGlobalObject::init(JSC::JSObject * thisValue) Line 148C++ WebKit.dll!JSC::JSGlobalObject::finishCreation(JSC::VM & vm, JSC::JSObject * thisValue) Line 229C++ WebKit.dll!WebCore::JSDOMGlobalObject::finishCreation(JSC::VM & vm, JSC::JSObject * thisValue) Line 66C++ WebKit.dll!WebCore::JSDOMWindowBase::finishCreation(JSC::VM & vm, WebCore::JSDOMWindowShell * shell) Line 65C++ WebKit.dll!WebCore::JSDOMWindow::create(JSC::VM & vm, JSC::Structure * structure, WTF::PassRefPtr<WebCore::DOMWindow> impl, WebCore::JSDOMWindowShell * windowShell) Line 42C++ WebKit.dll!WebCore::JSDOMWindowShell::setWindow(WTF::PassRefPtr<WebCore::DOMWindow> domWindow) Line 84 + 0x1f bytesC++ WebKit.dll!WebCore::JSDOMWindowShell::finishCreation(JSC::VM & vm, WTF::PassRefPtr<WebCore::DOMWindow> window) Line 57C++ WebKit.dll!WebCore::JSDOMWindowShell::create(WTF::PassRefPtr<WebCore::DOMWindow> window, JSC::Structure * structure, WebCore::DOMWrapperWorld * world) Line 59C++ WebKit.dll!WebCore::ScriptController::createWindowShell(WebCore::DOMWrapperWorld * world) Line 110 + 0x28 bytesC++ WebKit.dll!WebCore::ScriptController::initScript(WebCore::DOMWrapperWorld * world) Line 213 + 0xc bytesC++ WebKit.dll!WebCore::ScriptController::windowShell(WebCore::DOMWrapperWorld * world) Line 79 + 0x43 bytesC++ WebKit.dll!WebCore::ScriptController::globalObject(WebCore::DOMWrapperWorld * world) Line 88 + 0xc bytesC++ WebKit.dll!WebFrame::globalContext() Line 534 + 0x15 bytesC++ DumpRenderTree.dll!resetWebViewToConsistentStateBeforeTesting() Line 916 + 0x13 bytesC++ DumpRenderTree.dll!runTest(const std::basic_string<char,std::char_traits<char>,std::allocator<char> > & inputLine) Line 1091C++ DumpRenderTree.dll!dllLauncherEntryPoint(int argc, const char * * argv) Line 1424 + 0x23 bytesC++ DumpRenderTree.exe!main(int argc, const char * * argv) Line 209 + 0xe bytesC++ DumpRenderTree.exe!__tmainCRTStartup() Line 555 + 0x17 bytesC mi
Attachments
Patch (1.37 KB, patch)
2013-07-26 16:12 PDT, Michael Saboff 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Michael Saboff
Comment 1 2013-07-26 16:12:32 PDT
Created attachment 207561 [details] Patch This patch has already been reviewed. Written by Oliver, to be landed by me.
Michael Saboff
Comment 2 2013-07-26 16:15:25 PDT
<rdar://problem/14563179>
Michael Saboff
Comment 3 2013-07-26 16:51:43 PDT
Fix landed in change set https://trac.webkit.org/changeset/153387.
Note You need to log in before you can comment on or make changes to this bug.