[Webkit-unassigned] [Bug 22682] New: Assertion failure in JSC::asCell while debugging SlickSpeed tests

bugzilla-daemon at webkit.org
Fri Dec 5 08:17:09 PST 2008


https://bugs.webkit.org/show_bug.cgi?id=22682

           Summary: Assertion failure in JSC::asCell while debugging
                    SlickSpeed tests
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
               URL: http://mootools.net/slickspeed/
        OS/Version: Windows XP
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: aroben at apple.com
                CC: timothy at hatcher.name, sam at webkit.org, ggaren at apple.com,
                    oliver at apple.com, cwzwarich at uwaterloo.ca,
                    barraclough at apple.com


To reproduce:

1. Go to http://mootools.net/slickspeed/
2. Choose Develop > Show Web Inspector
3. Go to the Scripts panel in the Web Inspector and click "Enable Debugging"
4. Enable "Pause on Exceptions" by clicking the button in the status bar that
looks like a stop sign (or an electrical outlet ;-)
5. Click "Start Tests" on the webpage

You'll hit this assertion:

        ASSERT(!JSImmediate::isImmediate(value));

value is 0x2

Here's the backtrace:

>	WebKit_debug.dll!JSC::asCell(JSC::JSValue * value=0x00000002)  Line 114 + 0x2c bytes	C++
        WebKit_debug.dll!JSC::asObject(JSC::JSValue * value=0x00000002)  Line
214 + 0x9 bytes   C++
        WebKit_debug.dll!JSC::DebuggerCallFrame::thisObject()  Line 64 + 0x10
bytes     C++
        WebKit_debug.dll!WebCore::JavaScriptCallFrame::thisObject()  Line 88   
C++
       
WebKit_debug.dll!WebCore::JSJavaScriptCallFrame::thisObject(JSC::ExecState *
exec=0x05bdc06c)  Line 49 + 0xf bytes      C++
       
WebKit_debug.dll!WebCore::jsJavaScriptCallFrameThisObject(JSC::ExecState *
exec=0x05bdc06c, const JSC::Identifier & __formal={...}, const
JSC::PropertySlot & slot={...})  Line 129     C++
        WebKit_debug.dll!JSC::PropertySlot::getValue(JSC::ExecState *
exec=0x05bdc06c, const JSC::Identifier & propertyName={...})  Line 62 + 0x15
bytes        C++
       
WebKit_debug.dll!WebCore::JSQuarantinedObjectWrapper::getOwnPropertySlot(JSC::ExecState
* exec=0x0aed0c18, const JSC::Identifier & identifier={...}, JSC::PropertySlot
& slot={...})  Line 114 + 0x15 bytes     C++
        WebKit_debug.dll!JSC::JSCell::fastGetOwnPropertySlot(JSC::ExecState *
exec=0x0aed0c18, const JSC::Identifier & propertyName={...}, JSC::PropertySlot
& slot={...})  Line 331 + 0x1b bytes       C++
        WebKit_debug.dll!JSC::JSValue::get(JSC::ExecState * exec=0x0aed0c18,
const JSC::Identifier & propertyName={...}, JSC::PropertySlot & slot={...}) 
Line 484 + 0x14 bytes C++
        WebKit_debug.dll!JSC::Interpreter::cti_op_get_by_id(void * *
args=0x0012eefc)  Line 4523 + 0x14 bytes   C++
        WebKit_debug.dll!JSC::Interpreter::cti_op_convert_this()  + 0xdf bytes 
C++
        WebKit_debug.dll!JSC::Interpreter::execute(JSC::FunctionBodyNode *
functionBodyNode=0x17663c08, JSC::ExecState * callFrame=0x0aed0aa0,
JSC::JSFunction * function=0x0e8022e0, JSC::JSObject * thisObj=0x0e80e4a0,
const JSC::ArgList & args={...}, JSC::ScopeChainNode * scopeChain=0x120f4650,
JSC::JSValue * * exception=0x05ac64dc)  Line 1006 + 0x22 bytes  C++
        WebKit_debug.dll!JSC::JSFunction::call(JSC::ExecState *
exec=0x0aed0aa0, JSC::JSValue * thisValue=0x0e80e4a0, const JSC::ArgList &
args={...})  Line 83 C++
        WebKit_debug.dll!JSC::call(JSC::ExecState * exec=0x0aed0aa0,
JSC::JSValue * functionObject=0x0e8022e0, JSC::CallType callType=CallTypeJS,
const JSC::CallData & callData={...}, JSC::JSValue * thisValue=0x0e80e4a0,
const JSC::ArgList & args={...})  Line 40  C++
        WebKit_debug.dll!JSC::functionProtoFuncCall(JSC::ExecState *
exec=0x0aed0aa0, JSC::JSObject * __formal=0x0fd597e0, JSC::JSValue *
thisValue=0x0e8022e0, const JSC::ArgList & args={...})  Line 133 + 0x1d bytes
C++
        WebKit_debug.dll!JSC::Interpreter::cti_op_call_NotJSFunction(void * *
args=0x0012f19c)  Line 4971 + 0x24 bytes  C++
        WebKit_debug.dll!JSC::Interpreter::cti_op_convert_this()  + 0xdf bytes 
C++
        WebKit_debug.dll!JSC::Interpreter::execute(JSC::FunctionBodyNode *
functionBodyNode=0x17200568, JSC::ExecState * callFrame=0x0aed0430,
JSC::JSFunction * function=0x0fd500c0, JSC::JSObject * thisObj=0x0e80fc80,
const JSC::ArgList & args={...}, JSC::ScopeChainNode * scopeChain=0x120f4650,
JSC::JSValue * * exception=0x05ac64dc)  Line 1006 + 0x22 bytes  C++
        WebKit_debug.dll!JSC::JSFunction::call(JSC::ExecState *
exec=0x0aed0430, JSC::JSValue * thisValue=0x0e80fc80, const JSC::ArgList &
args={...})  Line 83 C++
        WebKit_debug.dll!JSC::call(JSC::ExecState * exec=0x0aed0430,
JSC::JSValue * functionObject=0x0fd500c0, JSC::CallType callType=CallTypeJS,
const JSC::CallData & callData={...}, JSC::JSValue * thisValue=0x0e80fc80,
const JSC::ArgList & args={...})  Line 40  C++
        WebKit_debug.dll!JSC::JSObject::put(JSC::ExecState * exec=0x0aed0430,
const JSC::Identifier & propertyName={...}, JSC::JSValue * value=0x090f85a0,
JSC::PutPropertySlot & slot={...})  Line 152 + 0x20 bytes    C++
        WebKit_debug.dll!JSC::JSValue::put(JSC::ExecState * exec=0x0aed0430,
const JSC::Identifier & propertyName={...}, JSC::JSValue * value=0x090f85a0,
JSC::PutPropertySlot & slot={...})  Line 526 + 0x2a bytes     C++
        WebKit_debug.dll!JSC::Interpreter::cti_op_put_by_id(void * *
args=0x0012f3f4)  Line 4477        C++
        WebKit_debug.dll!JSC::Interpreter::cti_op_convert_this()  + 0xdf bytes 
C++
        WebKit_debug.dll!JSC::Interpreter::execute(JSC::FunctionBodyNode *
functionBodyNode=0x17379748, JSC::ExecState * callFrame=0x114685dc,
JSC::JSFunction * function=0x0fd545e0, JSC::JSObject * thisObj=0x0fd551e0,
const JSC::ArgList & args={...}, JSC::ScopeChainNode * scopeChain=0x120f4650,
JSC::JSValue * * exception=0x05ac64dc)  Line 1006 + 0x22 bytes  C++
        WebKit_debug.dll!JSC::JSFunction::call(JSC::ExecState *
exec=0x114685dc, JSC::JSValue * thisValue=0x0fd551e0, const JSC::ArgList &
args={...})  Line 83 C++
        WebKit_debug.dll!JSC::call(JSC::ExecState * exec=0x114685dc,
JSC::JSValue * functionObject=0x0fd545e0, JSC::CallType callType=CallTypeJS,
const JSC::CallData & callData={...}, JSC::JSValue * thisValue=0x0fd551e0,
const JSC::ArgList & args={...})  Line 40  C++
        WebKit_debug.dll!JSObjectCallAsFunction(const OpaqueJSContext *
ctx=0x114685dc, OpaqueJSValue * object=0x0fd545e0, OpaqueJSValue *
thisObject=0x0fd551e0, unsigned int argumentCount=0, const OpaqueJSValue *
const * arguments=0x00000000, const OpaqueJSValue * * exception=0x0012f620) 
Line 399 + 0x23 bytes        C++
        WebKit_debug.dll!WebCore::InspectorController::callFunction(const
OpaqueJSContext * context=0x114685dc, OpaqueJSValue * thisObject=0x0fd551e0,
const char * functionName=0x01ddd524, unsigned int argumentCount=0, const
OpaqueJSValue * const * arguments=0x00000000, const OpaqueJSValue * &
exception=0x00000000)  Line 152 + 0x1d bytes     C++
        WebKit_debug.dll!WebCore::InspectorController::didPause()  Line 2882   
C++
        WebKit_debug.dll!WebCore::dispatchFunctionToListeners(const
WTF::HashSet<WebCore::JavaScriptDebugListener
*,WTF::PtrHash<WebCore::JavaScriptDebugListener
*>,WTF::HashTraits<WebCore::JavaScriptDebugListener *> > & listeners={...},
void (void)* callback=0x014883a0)  Line 314 + 0x13 bytes  C++
       
WebKit_debug.dll!WebCore::JavaScriptDebugServer::dispatchFunctionToListeners(void
(void)* callback=0x014883a0, WebCore::Page * page=0x0558cb88)  Line 330 + 0xd
bytes   C++
       
WebKit_debug.dll!WebCore::JavaScriptDebugServer::pauseIfNeeded(WebCore::Page *
page=0x0558cb88)  Line 415       C++
        WebKit_debug.dll!WebCore::JavaScriptDebugServer::exception(const
JSC::DebuggerCallFrame & debuggerCallFrame={...}, int sourceID=174793304, int
lineNumber=20)  Line 483 C++
        WebKit_debug.dll!JSC::Interpreter::throwException(JSC::ExecState * &
callFrame=0x0aed02b0, JSC::JSValue * & exceptionValue=0x090f9060, const
JSC::Instruction * vPC=0x17d34ecc, bool explicitThrow=false)  Line 843 + 0x2b
bytes        C++
        WebKit_debug.dll!JSC::Interpreter::cti_vm_throw(void * *
args=0x0012f7f8)  Line 6108 + 0x27 bytes       C++
        WebKit_debug.dll!JSC::Interpreter::cti_op_convert_this()  + 0xdf bytes 
C++
        WebKit_debug.dll!JSC::Interpreter::execute(JSC::FunctionBodyNode *
functionBodyNode=0x174c9948, JSC::ExecState * callFrame=0x0a2f1a74,
JSC::JSFunction * function=0x0fd59920, JSC::JSObject * thisObj=0x078f4040,
const JSC::ArgList & args={...}, JSC::ScopeChainNode * scopeChain=0x1135ad48,
JSC::JSValue * * exception=0x05ac64dc)  Line 1006 + 0x22 bytes  C++
        WebKit_debug.dll!JSC::JSFunction::call(JSC::ExecState *
exec=0x0a2f1a74, JSC::JSValue * thisValue=0x078f4040, const JSC::ArgList &
args={...})  Line 83 C++
        WebKit_debug.dll!JSC::call(JSC::ExecState * exec=0x0a2f1a74,
JSC::JSValue * functionObject=0x0fd59920, JSC::CallType callType=CallTypeJS,
const JSC::CallData & callData={...}, JSC::JSValue * thisValue=0x078f4040,
const JSC::ArgList & args={...})  Line 40  C++
       
WebKit_debug.dll!WebCore::ScheduledAction::execute(WebCore::JSDOMWindowShell *
windowShell=0x078f4040)  Line 75 + 0x25 bytes    C++
        WebKit_debug.dll!WebCore::JSDOMWindowBase::timerFired(WebCore::DOMTimer
* timer=0x18290ef8)  Line 895   C++
        WebKit_debug.dll!WebCore::DOMTimer::fired()  Line 71    C++
        WebKit_debug.dll!WebCore::TimerBase::fireTimers(double
fireTime=1228493686.9491339, const WTF::Vector<WebCore::TimerBase *,0> &
firingTimers=[1](0x18290ef8 {m_nextFireTime=1.1080535411388742e-197
m_repeatInterval=-1.4568160835476641e+144 m_heapIndex=524295 ...}))  Line 347 +
0xf bytes   C++
        WebKit_debug.dll!WebCore::TimerBase::sharedTimerFired()  Line 368 +
0x12 bytes  C++
        WebKit_debug.dll!WebCore::TimerWindowWndProc(HWND__ * hWnd=0x00060844,
unsigned int message=49540, unsigned int wParam=0, long lParam=0)  Line 102 +
0x8 bytes  C++

