Bug 22042 - REGRESSION(r38066): ASSERTION FAILED: source in CodeBlock
Summary: REGRESSION(r38066): ASSERTION FAILED: source in CodeBlock
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore (show other bugs)
Version: 528+ (Nightly build)
Hardware: All All
: P1 Normal
Assignee: Nobody
Depends on:
Reported: 2008-11-02 13:02 PST by Matt Lilek
Modified: 2008-11-03 10:26 PST (History)
1 user (show)

See Also:

Fix (1.41 KB, patch)
2008-11-02 13:04 PST, Matt Lilek
zwarich: review+
Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Matt Lilek 2008-11-02 13:02:11 PST
<http://trac.webkit.org/changeset/38066> caused an assertion failure on any page that has JavaScript.

(/Users/matt/Code/WebKit/JavaScriptCore/VM/CodeBlock.h:264 JSC::CodeBlock::CodeBlock(JSC::ScopeNode*, JSC::CodeType, WTF::PassRefPtr<JSC::SourceProvider>, unsigned int))
Comment 1 Matt Lilek 2008-11-02 13:04:20 PST
Created attachment 24854 [details]

My C++-foo isn't strong enough to know exactly why this was wrong, but this stops the ASSERT.
Comment 2 Cameron Zwarich (cpst) 2008-11-02 13:11:32 PST
Comment on attachment 24854 [details]

r=me if you change the parameters on the other two constructors in that file to match.

This is a pretty bizarre thing. I wish I knew why it happened.
Comment 3 Matt Lilek 2008-11-02 13:15:48 PST
Committed revision 38068.
Comment 4 Geoffrey Garen 2008-11-03 10:23:56 PST
Doesn't this mean that all the name changes in http://trac.webkit.org/changeset/38066 are invalid?
Comment 5 Cameron Zwarich (cpst) 2008-11-03 10:26:47 PST
The name changes are valid. The issue was that after the initializer

, source(source)

the PassRefPtr source was getting zeroed out, causing the assertion that source is nonzero to fail, where source is scoped to the parameter rather than the member variable. The assertion could also have been changed to ASSERT(this->source), and I might go back and do that.