RESOLVED FIXED 129247
[Inspector][EFL] Crash happens on EFL inspector when a break point is reached 
https://bugs.webkit.org/show_bug.cgi?id=129247
Summary [Inspector][EFL] Crash happens on EFL inspector when a break point is reached
Gyuyoung Kim
Reported 2014-02-24 01:08:37 PST
When a break point is set on EFL inspector with attached file, EFL inspector comes to crash. Callstack is as below, Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7fff917c2700 (LWP 15714)] 0x00007ffff74ec8f4 in JSC::WriteBarrierBase<JSC::Structure>::operator-> (this=0x0) at /home/gyuyoung/webkit/WebKit/Source/JavaScriptCore/runtime/WriteBarrier.h:107 107 ASSERT(m_cell); (gdb) bt #0 0x00007ffff74ec8f4 in JSC::WriteBarrierBase<JSC::Structure>::operator-> (this=0x0) at /home/gyuyoung/webkit/WebKit/Source/JavaScriptCore/runtime/WriteBarrier.h:107 #1 0x00007ffff752abe6 in JSC::JSCell::isGetterSetter (this=0x0) at /home/gyuyoung/webkit/WebKit/Source/JavaScriptCore/runtime/JSCellInlines.h:129 #2 0x00007ffff752ac3c in JSC::JSValue::isGetterSetter (this=0x7fffffffb2d0) at /home/gyuyoung/webkit/WebKit/Source/JavaScriptCore/runtime/JSCJSValueInlines.h:538 #3 0x00007ffff59bf187 in JSC::JSObject::put (cell=0x7fff6be9cf70, exec=0x7fffffffb4b0, propertyName=..., value=..., slot=...) at /home/gyuyoung/webkit/WebKit/Source/JavaScriptCore/runtime/JSObject.cpp:387 #4 0x00007ffff571f400 in JSC::JSValue::put (this=0x7fffffffb3f0, exec=0x7fffffffb4b0, propertyName=..., value=..., slot=...) at /home/gyuyoung/webkit/WebKit/Source/JavaScriptCore/runtime/JSCJSValueInlines.h:703 #5 0x00007ffff5869473 in JSC::operationPutByIdNonStrictBuildList (exec=0x7fffffffb4b0, stubInfo=0x239d9f0, encodedValue=-281474976709856, encodedBase=140735003873136, uid=0x7a0d70) at /home/gyuyoung/webkit/WebKit/Source/JavaScriptCore/jit/JITOperations.cpp:388
Attachments
Inspector.html (259 bytes, text/html)
2014-02-24 01:09 PST, Gyuyoung Kim 		no flags
Details
Inspector.js (497 bytes, application/javascript)
2014-02-24 01:09 PST, Gyuyoung Kim 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2014-02-24 01:09:01 PST
<rdar://problem/16145904>
Gyuyoung Kim
Comment 2 2014-02-24 01:09:21 PST
Created attachment 225038 [details] Inspector.html
Gyuyoung Kim
Comment 3 2014-02-24 01:09:41 PST
Created attachment 225040 [details] Inspector.js
Gyuyoung Kim
Comment 4 2014-02-24 01:12:57 PST
Reproduce step : 1. Tools/Script/build-webkit --efl --cmakeargs="-DSHARED_CORE=ON" --debug 2. WebKitBuild/Debug/bin/MiniBrowser ./inspector.html 3. Run inspector by using context menu after clicking mouse right button. 4. Set a break point in below line of inspector.js var textbox = document.querySelector('.contents'); textbox.addEventListener("click", function(){ => box = document.querySelector('#textbox'); box.innerHTML = box.innerHTML == "Basic" ? "Sample" : "Basic"; }); 5. Click "Basic" test on MiniBrowser. 6. Inspector will come to crash.
Joseph Pecoraro
Comment 5 2014-02-24 11:26:09 PST
Looks like a JavaScriptCore crash. Tough to tell for sure with the partial backtrace in the description.
Csaba Osztrogonác
Comment 6 2014-02-26 06:11:05 PST
Rolling out of http://trac.webkit.org/changeset/164493 solved this bug - https://trac.webkit.org/changeset/164651
Note You need to log in before you can comment on or make changes to this bug.