[Webkit-unassigned] [Bug 100504] New: [BlackBerry] ASSERT currentThreadIsHoldingLock() failed in MarkedAllocator::allocateSlowCase()
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Oct 26 05:01:30 PDT 2012
https://bugs.webkit.org/show_bug.cgi?id=100504
Summary: [BlackBerry] ASSERT currentThreadIsHoldingLock()
failed in MarkedAllocator::allocateSlowCase()
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: WebKit BlackBerry
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: xuewen.wang at torchmobile.com.cn
DESCRIPTION:
This is similar with a resolved bug 95492, but it has different code path.
I will make a patch in the same way.
HOW TO REPRODUCE:
1) Build debug version webkit
2) open bing.com
3) after it loaded, open baidu.com
EXPECTED:
Baidu.com is loaded and browser should not crash
ACTUAL:
Browser crashed at the assertion failure as following.
Thread [3] (Suspended: Signal 'SIGSEGV' received. Description: Segmentation
fault.)
22 JSC::MarkedAllocator::allocateSlowCase() MarkedAllocator.cpp:76
0x02954174
21 JSC::MarkedAllocator::allocate() MarkedAllocator.h:83 0x793f43e4
20 JSC::MarkedSpace::allocateWithDestructor() MarkedSpace.h:197 0x793f4518
19 JSC::Heap::allocateWithDestructor() Heap.h:366 0x793f4668
18 JSC::allocateCell<JSC::JSAPIValueWrapper>() JSCell.h:337 0x793ff2ac
17 JSC::JSAPIValueWrapper::create() JSAPIValueWrapper.h:49 0x793fb664
16 JSC::jsAPIValueWrapper() JSAPIValueWrapper.h:73 0x793fb814
15 toRef() APICast.h:114 0x793fb8a0
14 BlackBerry::WebKit::WebPagePrivate::executeJavaScriptInIsolatedWorld()
WebPage.cpp:860 0x793d9f08
13 BlackBerry::WebKit::WebPage::executeJavaScriptInIsolatedWorld()
WebPage.cpp:915 0x793da308
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list