Bug 167280 - Calling eval in function will crash on iOS
Summary: Calling eval in function will crash on iOS
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore (show other bugs)
Version: WebKit Local Build
Hardware: iPhone / iPad iOS 10
Importance: P2 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-01-21 01:40 PST by Shuan Zhao
Modified: 2017-01-22 00:04 PST (History)

See Also:


Description Shuan Zhao 2017-01-21 01:40:40 PST
It only occurs on iOS with the release build of the jsc library. It's ok when linked with the debug version of jsc, and it's ok when called in the global scope.

The stack of the crash is as follows.

#0	0x0000000100d63c24 in llint_entry ()
#1	0x0000000100d649ec in llint_entry ()
#2	0x0000000100d65fa8 in llint_entry ()
#3	0x0000000100d5f6b8 in llintPCRangeStart ()
#4	0x0000000100c09fb8 in JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) at JITCode.cpp:81
#5	0x0000000100bdcde4 in JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) at /Users/hoolai/WebKit-GIT/Source/JavaScriptCore/interpreter/Interpreter.cpp:871
#6	0x00000001008f1114 in JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) at Completion.cpp:110
#7	0x0000000100c4cb98 in ::JSEvaluateScript(JSContextRef, JSStringRef, JSObjectRef, JSStringRef, int, JSValueRef *) at JSBase.cpp:69
Comment 1 Alexey Proskuryakov 2017-01-21 23:54:29 PST
Just to confirm, this is your own release build of JavaScriptCore, installed as part of your app on iOS device? What code does this happen with?
Comment 2 Shuan Zhao 2017-01-22 00:04:16 PST
Yes, it's my own release build of JavaScriptCore with the latest code, linked as a static library with my app on an iOS device. The script I'm running is as follows.

function test() {
    eval("1+1");
}

test();