[Webkit-unassigned] [Bug 49006] New: [Qt] ASSERTION FAILED: base->index() == m_codeBlock->argumentsRegister() while loading taobao.com

bugzilla-daemon at webkit.org
Thu Nov 4 09:42:14 PDT 2010


https://bugs.webkit.org/show_bug.cgi?id=49006

           Summary: [Qt] ASSERTION FAILED: base->index() ==
                    m_codeBlock->argumentsRegister() while loading
                    taobao.com
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
               URL: http://taobao.com
        OS/Version: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: kimmo.t.kinnunen at nokia.com


This might exist on other ports also, but I haven't been able to test. 

gdb --args WebKitBuild/Debug/bin/QtTestBrowser taobao.com

[Thread debugging using libthread_db enabled]
[New Thread 0xb06e9b70 (LWP 20812)]
[New Thread 0xac4ffb70 (LWP 20813)]
[Thread 0xac4ffb70 (LWP 20813) exited]
[New Thread 0xa986cb70 (LWP 20822)]
[New Thread 0xa586bb70 (LWP 20823)]
ASSERTION FAILED: base->index() == m_codeBlock->argumentsRegister()
(../../../JavaScriptCore/bytecompiler/BytecodeGenerator.cpp:1467 JSC::RegisterID* JSC::BytecodeGenerator::emitGetArgumentByVal(JSC::RegisterID*, JSC::RegisterID*, JSC::RegisterID*))

Program received signal SIGSEGV, Segmentation fault.
0xb6dbaccd in JSC::BytecodeGenerator::emitGetArgumentByVal (this=0x84df958, dst=0x84dfbf4, base=0x84dfe04, property=0x84dfe10)
    at ../../../JavaScriptCore/bytecompiler/BytecodeGenerator.cpp:1467
1467        ASSERT(base->index() == m_codeBlock->argumentsRegister());
(gdb) bt
#0  0xb6dbaccd in JSC::BytecodeGenerator::emitGetArgumentByVal (this=0x84df958, dst=0x84dfbf4, base=0x84dfe04, property=0x84dfe10)
    at ../../../JavaScriptCore/bytecompiler/BytecodeGenerator.cpp:1467
#1  0xb6e1a797 in JSC::BracketAccessorNode::emitBytecode (this=0x8c592f8, generator=..., dst=0x0)
    at ../../../JavaScriptCore/bytecompiler/NodesCodegen.cpp:296
#2  0xb6dc0428 in JSC::BytecodeGenerator::emitNode(JSC::RegisterID*, JSC::Node*) ()
   from /scratchbox/users/kimkinnu/home/kimkinnu/swork/webkit/WebKitBuild/Debug/bin/../lib/libQtWebKit.so.4
#3  0xb6e2743a in JSC::BytecodeGenerator::emitNode(JSC::Node*) ()
   from /scratchbox/users/kimkinnu/home/kimkinnu/swork/webkit/WebKitBuild/Debug/bin/../lib/libQtWebKit.so.4
#4  0xb6e27676 in JSC::BytecodeGenerator::emitNodeForLeftHandSide(JSC::ExpressionNode*, bool, bool) ()
   from /scratchbox/users/kimkinnu/home/kimkinnu/swork/webkit/WebKitBuild/Debug/bin/../lib/libQtWebKit.so.4
#5  0xb6e1fa04 in JSC::StrictEqualNode::emitBytecode (this=0x8c59330, generator=..., dst=0x0)
    at ../../../JavaScriptCore/bytecompiler/NodesCodegen.cpp:1009
#6  0xb6dc0428 in JSC::BytecodeGenerator::emitNode(JSC::RegisterID*, JSC::Node*) ()
   from /scratchbox/users/kimkinnu/home/kimkinnu/swork/webkit/WebKitBuild/Debug/bin/../lib/libQtWebKit.so.4
#7  0xb6e2743a in JSC::BytecodeGenerator::emitNode(JSC::Node*) ()
   from /scratchbox/users/kimkinnu/home/kimkinnu/swork/webkit/WebKitBuild/Debug/bin/../lib/libQtWebKit.so.4
#8  0xb6e22a14 in JSC::IfElseNode::emitBytecode (this=0x8c59520, generator=..., dst=0x84df988)
    at ../../../JavaScriptCore/bytecompiler/NodesCodegen.cpp:1464
#9  0xb6dc0428 in JSC::BytecodeGenerator::emitNode(JSC::RegisterID*, JSC::Node*) ()
   from /scratchbox/users/kimkinnu/home/kimkinnu/swork/webkit/WebKitBuild/Debug/bin/../lib/libQtWebKit.so.4
#10 0xb6e27943 in JSC::SourceElements::emitBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) ()
   from /scratchbox/users/kimkinnu/home/kimkinnu/swork/webkit/WebKitBuild/Debug/bin/../lib/libQtWebKit.so.4
#11 0xb6e223bc in JSC::BlockNode::emitBytecode (this=0x8c59538, generator=..., dst=0x84df988)
    at ../../../JavaScriptCore/bytecompiler/NodesCodegen.cpp:1388
#12 0xb6dc0428 in JSC::BytecodeGenerator::emitNode(JSC::RegisterID*, JSC::Node*) ()
   from /scratchbox/users/kimkinnu/home/kimkinnu/swork/webkit/WebKitBuild/Debug/bin/../lib/libQtWebKit.so.4
#13 0xb6e27943 in JSC::SourceElements::emitBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) ()
   from /scratchbox/users/kimkinnu/home/kimkinnu/swork/webkit/WebKitBuild/Debug/bin/../lib/libQtWebKit.so.4
#14 0xb6e27a2b in JSC::ScopeNode::emitStatementsBytecode(JSC::BytecodeGenerator&, JSC::RegisterID*) ()
   from /scratchbox/users/kimkinnu/home/kimkinnu/swork/webkit/WebKitBuild/Debug/bin/../lib/libQtWebKit.so.4
#15 0xb6e2621b in JSC::FunctionBodyNode::emitBytecode (this=0x8c15608, generator=...)
    at ../../../JavaScriptCore/bytecompiler/NodesCodegen.cpp:2036
#16 0xb6db2347 in JSC::BytecodeGenerator::generate (this=0x84df958) at ../../../JavaScriptCore/bytecompiler/BytecodeGenerator.cpp:144
#17 0xb6d15cc9 in JSC::FunctionExecutable::compileForCallInternal (this=0x85507e8, exec=0xabebe3f8, scopeChainNode=0x8550050)
    at ../../../JavaScriptCore/runtime/Executable.cpp:197
#18 0xb6ce0ed3 in JSC::FunctionExecutable::compileForCall(JSC::ExecState*, JSC::ScopeChainNode*) ()
   from /scratchbox/users/kimkinnu/home/kimkinnu/swork/webkit/WebKitBuild/Debug/bin/../lib/libQtWebKit.so.4
#19 0xb6cec2a4 in cti_vm_lazyLinkCall (args=0xbfffe1d0) at ../../../JavaScriptCore/jit/JITStubs.cpp:2104
#20 0xb6ce7544 in JSC::JITThunks::tryCacheGetByID (callFrame=0xa18645b4, codeBlock=0x831187c, returnAddress=..., baseValue=..., 
    propertyName=..., slot=..., stubInfo=0xbfffe248) at ../../../JavaScriptCore/jit/JITStubs.cpp:975
#21 0xb6ce0a50 in JSC::JITCode::execute(JSC::RegisterFile*, JSC::ExecState*, JSC::JSGlobalData*) ()
   from /scratchbox/users/kimkinnu/home/kimkinnu/swork/webkit/WebKitBuild/Debug/bin/../lib/libQtWebKit.so.4
#22 0xb6cddae4 in JSC::Interpreter::executeCall (this=0x8311870, callFrame=0x83d6ebc, function=0xabe74780, callType=JSC::CallTypeJS, 
    callData=..., thisValue=..., args=...) at ../../../JavaScriptCore/interpreter/Interpreter.cpp:830
#23 0xb6d0721e in JSC::call (exec=0x83d6ebc, functionObject=..., callType=JSC::CallTypeJS, callData=..., thisValue=..., args=...)
    at ../../../JavaScriptCore/runtime/CallData.cpp:38
#24 0xb61a1840 in WebCore::JSMainThreadExecState::call (exec=0x83d6ebc, functionObject=..., callType=JSC::CallTypeJS, callData=..., 
    thisValue=..., args=...) at ../../../WebCore/bindings/js/JSMainThreadExecState.h:48
#25 0xb61ee8e7 in WebCore::JSEventListener::handleEvent (this=0x8b7ef98, scriptExecutionContext=0x83d1e50, event=0x8649b60)
    at ../../../WebCore/bindings/js/JSEventListener.cpp:124
#26 0xb63c5d56 in WebCore::EventTarget::fireEventListeners (this=0x8b7f108, event=0x8649b60, d=0x8b81540, entry=...)
    at ../../../WebCore/dom/EventTarget.cpp:335
#27 0xb63c5bdd in WebCore::EventTarget::fireEventListeners (this=0x8b7f108, event=0x8649b60) at ../../../WebCore/dom/EventTarget.cpp:304
#28 0xb63e0543 in WebCore::Node::handleLocalEvents (this=0x8b7f108, event=0x8649b60) at ../../../WebCore/dom/Node.cpp:2484
#29 0xb63e0d8b in WebCore::Node::dispatchGenericEvent (this=0x8b7f108, prpEvent=...) at ../../../WebCore/dom/Node.cpp:2602
#30 0xb63e0928 in WebCore::Node::dispatchEvent (this=0x8b7f108, prpEvent=...) at ../../../WebCore/dom/Node.cpp:2547
#31 0xb6553c24 in WebCore::HTMLScriptElement::dispatchLoadEvent (this=0x8b7f108) at ../../../WebCore/html/HTMLScriptElement.cpp:189
#32 0xb640c9f4 in WebCore::ScriptElementData::execute (this=0x8b7f150, cachedScript=0x8b845c8) at ../../../WebCore/dom/ScriptElement.cpp:223
#33 0xb634927d in WebCore::AsyncScriptRunner::timerFired (this=0x82c4030, timer=0x82c4040) at ../../../WebCore/dom/AsyncScriptRunner.cpp:87
#34 0xb6349db6 in WebCore::Timer<WebCore::AsyncScriptRunner>::fired (this=0x82c4040) at ../../../WebCore/platform/Timer.h:98
#35 0xb67fef8c in WebCore::ThreadTimers::sharedTimerFiredInternal (this=0x82cfc98) at ../../../WebCore/platform/ThreadTimers.cpp:112
#36 0xb67feed3 in WebCore::ThreadTimers::sharedTimerFired () at ../../../WebCore/platform/ThreadTimers.cpp:90
#37 0xb69e6226 in WebCore::SharedTimerQt::timerEvent (this=0x82cfcc8, ev=0xbfffed30) at ../../../WebCore/platform/qt/SharedTimerQt.cpp:116
#38 0xb3dea6f4 in QObject::event (this=0x82cfcc8, e=0xbfffd658) at kernel/qobject.cpp:1175
#39 0xb406c65c in QApplicationPrivate::notify_helper (this=0x8131be0, receiver=0x82cfcc8, e=0xbfffed30) at kernel/qapplication.cpp:4396
#40 0xb4073b4e in QApplication::notify (this=0xbffff0f0, receiver=0x82cfcc8, e=0xbfffed30) at kernel/qapplication.cpp:3798
#41 0xb3dd7deb in QCoreApplication::notifyInternal (this=0xbffff0f0, receiver=0x82cfcc8, event=0xbfffed30) at kernel/qcoreapplication.cpp:732
#42 0xb3e09b16 in QCoreApplication::sendEvent (this=0x81381b4) at kernel/qcoreapplication.h:215
#43 QTimerInfoList::activateTimers (this=0x81381b4) at kernel/qeventdispatcher_unix.cpp:602
#44 0xb3e068d4 in timerSourceDispatch (source=0x8138180) at kernel/qeventdispatcher_glib.cpp:184
#45 0xb304d5e5 in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#46 0xb30512d8 in ?? () from /lib/libglib-2.0.so.0
---Type <return> to continue, or q <return> to quit---q

No reduction yet.
