[Webkit-unassigned] [Bug 72906] New: ASSERT in JSC::cti_op_get_by_id_self_fail
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Nov 21 12:59:52 PST 2011
https://bugs.webkit.org/show_bug.cgi?id=72906
Summary: ASSERT in JSC::cti_op_get_by_id_self_fail
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: xan.lopez at gmail.com
r100946, using DFG on x86-64.
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff3e06890 in JSC::cti_op_get_by_id_self_fail (args=0x7fffffffc0c0) at ../../Source/JavaScriptCore/jit/JITStubs.cpp:1711
1711 ASSERT(!stubInfo->stubRoutine);
(gdb) bt
#0 0x00007ffff3e06890 in JSC::cti_op_get_by_id_self_fail (args=0x7fffffffc0c0) at ../../Source/JavaScriptCore/jit/JITStubs.cpp:1711
#1 0x00007ffff3e04534 in JSC::JITThunks::tryCacheGetByID (callFrame=0x2, codeBlock=0x0, returnAddress=..., baseValue=...,
propertyName=..., slot=..., stubInfo=0x7fff984a08e0) at ../../Source/JavaScriptCore/jit/JITStubs.cpp:952
#2 0x00007fffffffc0e0 in ?? ()
#3 0x00007fff984a08e0 in ?? ()
#4 0x0000000005feeb38 in ?? ()
#5 0x0000000005feeb00 in ?? ()
#6 0x00007fff9b818167 in ?? ()
#7 0x00007ffff3cceef5 in JSC::Register::Register (this=0xe8c78948104d8b48) at ../../Source/JavaScriptCore/interpreter/Register.h:101
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
(gdb)
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list