WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
20863
ASSERTION FAILED: addressOffset < instructions.size() in CodeBlock::getHandlerForVPC
https://bugs.webkit.org/show_bug.cgi?id=20863
Summary
ASSERTION FAILED: addressOffset < instructions.size() in CodeBlock::getHandle...
Geoffrey Garen
Reported
2008-09-15 15:45:01 PDT
~/Labyrinth/OpenSource/JavaScriptCore/tests/mozilla$ "/Volumes/Big/ggaren/build/Debug/jsc" -s -f ./js1_5/shell.js -f ./js1_5/Regress/regress-96128-n.js BUGNUMBER: 96128 STATUS: Testing that JS infinite recursion protection works ASSERTION FAILED: addressOffset < instructions.size() (/Volumes/Big/ggaren/Labyrinth/OpenSource/JavaScriptCore/VM/CodeBlock.cpp:978 bool JSC::CodeBlock::getHandlerForVPC(const JSC::Instruction*, JSC::Instruction*&, int&))
Attachments
Proposed patch
(1.58 KB, patch)
2008-09-15 19:36 PDT
,
Cameron Zwarich (cpst)
mjs
: review+
Details
Formatted Diff
Diff
View All
Add attachment
proposed patch, testcase, etc.
Geoffrey Garen
Comment 1
2008-09-15 15:45:30 PDT
Only fails in CTI.
Cameron Zwarich (cpst)
Comment 2
2008-09-15 16:20:04 PDT
The problem is that exception range info is not being correctly generated, now that op_get_by_id is emitted before op_construct and op_instanceof (in this case it is op_construct). I tried to make a quick fix to avoid the crash, but it doesn't seem to work. I must leave now for a while, so I am unassigning this to myself.
Cameron Zwarich (cpst)
Comment 3
2008-09-15 19:36:46 PDT
Created
attachment 23457
[details]
Proposed patch
Maciej Stachowiak
Comment 4
2008-09-15 19:40:22 PDT
Comment on
attachment 23457
[details]
Proposed patch r=me
Cameron Zwarich (cpst)
Comment 5
2008-09-17 19:57:47 PDT
Landed in
r36472
.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug