[Webkit-unassigned] [Bug 16033] New: REGRESSION(r27022): testapi exits with assertion failure in debug build: ASSERTION FAILED: s <= HeapConstants<heapType>::cellSize

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sat Nov 17 16:38:58 PST 2007 

http://bugs.webkit.org/show_bug.cgi?id=16033

           Summary: REGRESSION(r27022): testapi exits with assertion failure
                    in debug build: ASSERTION FAILED: s <=
                    HeapConstants<heapType>::cellSize
           Product: WebKit
           Version: 525+ (Nightly build)
          Platform: Macintosh
        OS/Version: Mac OS X 10.5
            Status: NEW
          Keywords: HasReduction, Regression
          Severity: Normal
          Priority: P1
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: mrowe at apple.com


ASSERTION FAILED: s <= HeapConstants<heapType>::cellSize
(/Volumes/Data/Home/Documents/Work/WebKit-git/OpenSource/JavaScriptCore/kjs/collector.cpp:202
static void* KJS::Collector::heapAllocate(size_t) [with
KJS::Collector::HeapType heapType = PrimaryHeap])

Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0xbbadbeef
#0  0x002f3403 in KJS::Collector::heapAllocate<(KJS::Collector::HeapType)0>
(s=36) at collector.cpp:202
#1  0x00299339 in KJS::Collector::allocate (s=36) at collector.cpp:306
#2  0x0029934d in KJS::JSCell::operator new (size=36) at value.cpp:39
#3  0x002fc922 in JSGlobalContextCreate (globalObjectClass=0x507b10) at
/Volumes/Data/Home/Documents/Work/WebKit-git/OpenSource/JavaScriptCore/API/JSContextRef.cpp:48
#4  0x0000340b in main (argc=1, argv=0xbffff72c) at
/Volumes/Data/Home/Documents/Work/WebKit-git/OpenSource/JavaScriptCore/API/testapi.c:501

The allocation in question is:
globalObject = new JSCallbackObject<JSGlobalObject>(0, globalObjectClass,
jsNull(), 0);

which is apparently now 36 bytes in size, 4 bytes larger than the maximum cell
size of 32 bytes.

This is simple to reproduce.  Simply run testapi without any arguments.


-- 
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the webkit-unassigned mailing list