[Webkit-unassigned] [Bug 69599] [JSC] JIT buffer refcounting causing assertions in debug WebSocket tests when using proxy PAC
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Oct 6 20:37:56 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=69599
--- Comment #1 from Dominic Cooney <dominicc at chromium.org> 2011-10-06 20:37:55 PST ---
Here’s evidence of calling FindProxyForURL using the same objects.
ASSERTION FAILED: m_verifier.isSafeToUse()
./wtf/RefCounted.h(122) : bool WTF::RefCountedBase::derefBase()
2 0x1002288a4 WTF::RefCountedBase::derefBase()
3 0x1003ac931 WTF::RefCounted<WTF::MetaAllocatorHandle>::deref()
4 0x100217303 void WTF::derefIfNotNull<WTF::MetaAllocatorHandle>(WTF::MetaAllocatorHandle*)
5 0x1003acc49 WTF::RefPtr<WTF::MetaAllocatorHandle>::operator=(WTF::RefPtr<WTF::MetaAllocatorHandle> const&)
6 0x1003acc83 JSC::MacroAssemblerCodeRef::operator=(JSC::MacroAssemblerCodeRef const&)
7 0x100247b2d JSC::JITCode::operator=(JSC::JITCode const&)
8 0x100242466 JSC::DFG::JITCompiler::compileFunction(JSC::JITCode&, JSC::MacroAssemblerCodePtr&)
9 0x1001c11a9 JSC::DFG::compile(JSC::DFG::CompileMode, JSC::ExecState*, JSC::ExecState*, JSC::CodeBlock*, JSC::JITCode&, JSC::MacroAssemblerCodePtr*)
10 0x1001bc9a0 JSC::DFG::tryCompileFunction(JSC::ExecState*, JSC::ExecState*, JSC::CodeBlock*, JSC::JITCode&, JSC::MacroAssemblerCodePtr&)
11 0x100262d0e JSC::FunctionExecutable::compileForCallInternal(JSC::ExecState*, JSC::ScopeChainNode*, JSC::ExecState*, JSC::JITCode::JITType)
12 0x100263076 JSC::FunctionExecutable::compileOptimizedForCall(JSC::ExecState*, JSC::ScopeChainNode*, JSC::ExecState*)
13 0x100215c5d JSC::FunctionExecutable::compileOptimizedFor(JSC::ExecState*, JSC::ScopeChainNode*, JSC::CodeSpecializationKind)
14 0x100206766 JSC::FunctionCodeBlock::compileOptimized(JSC::ExecState*, JSC::ScopeChainNode*)
15 0x1002a2f86 cti_optimize_from_ret
16 0x10029b301 jscGeneratedNativeCode
17 0x1002797f4 JSC::JITCode::execute(JSC::RegisterFile*, JSC::ExecState*, JSC::JSGlobalData*)
18 0x100273aaf JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&)
19 0x100205021 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&)
20 0x1002e6303 JSObjectCallAsFunction
21 0x7fff8210c6c1 CallFindProxyForURL
22 0x7fff8210eb44 executionContextPerform(void*)
23 0x7fff83d22401 __CFRunLoopDoSources0
24 0x7fff83d205f9 __CFRunLoopRun
25 0x7fff83d1fdbf CFRunLoopRunSpecific
26 0x7fff8a090c64 -[NSRunLoop(NSRunLoop) runMode:beforeDate:]
27 0x100013788 runTest(std::string const&)
28 0x100013c9f runTestingServerLoop()
29 0x1000140b4 dumpRenderTree(int, char const**)
30 0x1000142d6 main
31 0x1000023a8 start
This is with a small PAC file:
function FindProxyForURL(url, host) {
return 'DIRECT';
}
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list