[Webkit-unassigned] [Bug 122134] New: REGRESSION: inspector/debugger/live-edit-breakpoints.html flakily crashes in Structure::getConcurrently

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Sep 30 16:30:43 PDT 2013 

https://bugs.webkit.org/show_bug.cgi?id=122134

           Summary: REGRESSION:
                    inspector/debugger/live-edit-breakpoints.html flakily
                    crashes in Structure::getConcurrently
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: NEW
          Keywords: MakingBotsRed, Regression
          Severity: Normal
          Priority: P1
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: ap at webkit.org
                CC: ggaren at apple.com, oliver at apple.com, msaboff at apple.com,
                    fpizlo at apple.com


A few days ago, we started getting crashes in inspector/debugger/live-edit-breakpoints.html. This was (very) roughly around r156470.

This is a recent regression and is very bad for bot stability, as it crashes in release too. Please fix soon!

Thread 13 Crashed:: JSC Compilation Thread
0   com.apple.JavaScriptCore          0x00000001007fd196 JSC::Structure::getConcurrently(JSC::VM&, WTF::StringImpl*, unsigned int&, JSC::JSCell*&) + 182 (PropertyMapHashTable.h:295)
1   com.apple.JavaScriptCore          0x0000000100641dca JSC::GetByIdStatus::computeFor(JSC::VM&, JSC::Structure*, WTF::StringImpl*) + 442 (GetByIdStatus.cpp:279)
2   com.apple.JavaScriptCore          0x00000001005672b7 JSC::DFG::AbstractInterpreter<JSC::DFG::InPlaceAbstractState>::executeEffects(unsigned int, JSC::DFG::Node*) + 2119 (GetByIdStatus.h:80)
3   com.apple.JavaScriptCore          0x0000000100565ac9 JSC::DFG::CFAPhase::performBlockCFA(JSC::DFG::BasicBlock*) + 537 (DFGAbstractInterpreterInlines.h:1577)
4   com.apple.JavaScriptCore          0x0000000100565886 JSC::DFG::CFAPhase::run() + 214 (DFGCFAPhase.cpp:134)
5   com.apple.JavaScriptCore          0x0000000100565745 bool JSC::DFG::runPhase<JSC::DFG::CFAPhase>(JSC::DFG::Graph&) + 117 (DFGCommon.h:106)
6   com.apple.JavaScriptCore          0x00000001005656c9 JSC::DFG::performCFA(JSC::DFG::Graph&) + 9 (DFGCFAPhase.cpp:151)
7   com.apple.JavaScriptCore          0x00000001005bad9b JSC::DFG::Plan::compileInThreadImpl(JSC::DFG::LongLivedState&) + 571 (DFGPlan.cpp:201)
8   com.apple.JavaScriptCore          0x00000001005ba9c5 JSC::DFG::Plan::compileInThread(JSC::DFG::LongLivedState&) + 245 (DFGPlan.cpp:116)
9   com.apple.JavaScriptCore          0x00000001006332fb JSC::DFG::Worklist::runThread() + 539 (DFGWorklist.cpp:239)
10  com.apple.JavaScriptCore          0x000000010088b16f WTF::wtfThreadEntryPoint(void*) + 15 (ThreadingPthreads.cpp:195)

http://build.webkit.org/results/Apple%20MountainLion%20Release%20WK1%20(Tests)/r156534%20(13290)/inspector/debugger/live-edit-breakpoints-crash-log.txt

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list