[Webkit-unassigned] [Bug 126990] New: ASSERTION FAILED: !hasError() in JSC::Parser<LexerType>::createSavePoint()
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Jan 14 10:22:23 PST 2014
https://bugs.webkit.org/show_bug.cgi?id=126990
Summary: ASSERTION FAILED: !hasError() in
JSC::Parser<LexerType>::createSavePoint()
Product: WebKit
Version: 528+ (Nightly build)
Platform: PC
OS/Version: Linux
Status: NEW
Severity: Normal
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: reni at webkit.org
Blocks: 116980
Created an attachment (id=221175)
--> (https://bugs.webkit.org/attachment.cgi?id=221175&action=review)
Test case
The test fails on x86_64, Ubuntu 12.10:
const var_0 = (null < !), var_0 = 1 + { };
Backtrace:
ASSERTION FAILED: !hasError()
/home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/parser/Parser.h(782) : JSC::Parser<LexerType>::SavePoint JSC::Parser<LexerType>::createSavePoint() [with LexerType = JSC::Lexer<unsigned char>]
1 0x7ffff74a3e44 WTFCrash
2 0x7ffff72a554e JSC::Parser<JSC::Lexer<unsigned char> >::createSavePoint()
3 0x7ffff72fae78 JSC::ASTBuilder::Expression JSC::Parser<JSC::Lexer<unsigned char> >::parseObjectLiteral<JSC::ASTBuilder>(JSC::ASTBuilder&)
4 0x7ffff72f26f5 JSC::ASTBuilder::Expression JSC::Parser<JSC::Lexer<unsigned char> >::parsePrimaryExpression<JSC::ASTBuilder>(JSC::ASTBuilder&)
5 0x7ffff72eba4f JSC::ASTBuilder::Expression JSC::Parser<JSC::Lexer<unsigned char> >::parseMemberExpression<JSC::ASTBuilder>(JSC::ASTBuilder&)
6 0x7ffff72dd6fe JSC::ASTBuilder::Expression JSC::Parser<JSC::Lexer<unsigned char> >::parseUnaryExpression<JSC::ASTBuilder>(JSC::ASTBuilder&)
7 0x7ffff72db55d JSC::ASTBuilder::Expression JSC::Parser<JSC::Lexer<unsigned char> >::parseBinaryExpression<JSC::ASTBuilder>(JSC::ASTBuilder&)
8 0x7ffff72d57c7 JSC::ASTBuilder::Expression JSC::Parser<JSC::Lexer<unsigned char> >::parseConditionalExpression<JSC::ASTBuilder>(JSC::ASTBuilder&)
9 0x7ffff72ca55c JSC::ASTBuilder::Expression JSC::Parser<JSC::Lexer<unsigned char> >::parseAssignmentExpression<JSC::ASTBuilder>(JSC::ASTBuilder&)
10 0x7ffff72bd2d2 JSC::ASTBuilder::ConstDeclList JSC::Parser<JSC::Lexer<unsigned char> >::parseConstDeclarationList<JSC::ASTBuilder>(JSC::ASTBuilder&)
11 0x7ffff72af8f3 JSC::ASTBuilder::Statement JSC::Parser<JSC::Lexer<unsigned char> >::parseConstDeclaration<JSC::ASTBuilder>(JSC::ASTBuilder&)
12 0x7ffff72ace7b JSC::ASTBuilder::Statement JSC::Parser<JSC::Lexer<unsigned char> >::parseStatement<JSC::ASTBuilder>(JSC::ASTBuilder&, JSC::Identifier const*&, unsigned int*)
13 0x7ffff72aa45b JSC::ASTBuilder::SourceElements JSC::Parser<JSC::Lexer<unsigned char> >::parseSourceElements<JSC::ASTBuilder>(JSC::ASTBuilder&, JSC::SourceElementsMode)
14 0x7ffff72a4012 JSC::Parser<JSC::Lexer<unsigned char> >::parseInner()
15 0x7ffff6f90a37 WTF::PassRefPtr<JSC::ProgramNode> JSC::Parser<JSC::Lexer<unsigned char> >::parse<JSC::ProgramNode>(JSC::ParserError&)
16 0x7ffff6f90641 WTF::PassRefPtr<JSC::ProgramNode> JSC::parse<JSC::ProgramNode>(JSC::VM*, JSC::SourceCode const&, JSC::FunctionParameters*, JSC::Identifier const&, JSC::JSParserStrictness, JSC::JSParserMode, JSC::ParserError&, JSC::JSTextPosition*)
17 0x7ffff733be82 JSC::UnlinkedProgramCodeBlock* JSC::CodeCache::getGlobalCodeBlock<JSC::UnlinkedProgramCodeBlock, JSC::ProgramExecutable>(JSC::VM&, JSC::ProgramExecutable*, JSC::SourceCode const&, JSC::JSParserStrictness, JSC::DebuggerMode, JSC::ProfilerMode, JSC::ParserError&)
18 0x7ffff733a55f JSC::CodeCache::getProgramCodeBlock(JSC::VM&, JSC::ProgramExecutable*, JSC::SourceCode const&, JSC::JSParserStrictness, JSC::DebuggerMode, JSC::ProfilerMode, JSC::ParserError&)
19 0x7ffff7382c49 JSC::JSGlobalObject::createProgramCodeBlock(JSC::ExecState*, JSC::ProgramExecutable*, JSC::JSObject**)
20 0x7ffff7354d87 JSC::ProgramExecutable::initializeGlobalProperties(JSC::VM&, JSC::ExecState*, JSC::JSScope*)
21 0x7ffff722f1dd JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*)
22 0x7ffff73480bc JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*)
23 0x41747c
24 0x41824b jscmain(int, char**)
25 0x417268 main
26 0x7ffff5a4d76d __libc_start_main
27 0x415a79
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff74a3e49 in WTFCrash () at /home/reni/Data/REPOS/webkit_sec/Source/WTF/wtf/Assertions.cpp:333
333 *(int *)(uintptr_t)0xbbadbeef = 0;
(gdb) bt
#0 0x00007ffff74a3e49 in WTFCrash () at /home/reni/Data/REPOS/webkit_sec/Source/WTF/wtf/Assertions.cpp:333
#1 0x00007ffff72a554e in JSC::Parser<JSC::Lexer<unsigned char> >::createSavePoint (this=0x7fffffffac20)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/parser/Parser.h:782
#2 0x00007ffff72fae78 in JSC::Parser<JSC::Lexer<unsigned char> >::parseObjectLiteral<JSC::ASTBuilder> (this=0x7fffffffac20, context=...)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/parser/Parser.cpp:1760
#3 0x00007ffff72f26f5 in JSC::Parser<JSC::Lexer<unsigned char> >::parsePrimaryExpression<JSC::ASTBuilder> (this=0x7fffffffac20, context=...)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/parser/Parser.cpp:1936
#4 0x00007ffff72eba4f in JSC::Parser<JSC::Lexer<unsigned char> >::parseMemberExpression<JSC::ASTBuilder> (this=0x7fffffffac20, context=...)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/parser/Parser.cpp:2082
#5 0x00007ffff72dd6fe in JSC::Parser<JSC::Lexer<unsigned char> >::parseUnaryExpression<JSC::ASTBuilder> (this=0x7fffffffac20, context=...)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/parser/Parser.cpp:2206
#6 0x00007ffff72db55d in JSC::Parser<JSC::Lexer<unsigned char> >::parseBinaryExpression<JSC::ASTBuilder> (this=0x7fffffffac20, context=...)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/parser/Parser.cpp:1640
#7 0x00007ffff72d57c7 in JSC::Parser<JSC::Lexer<unsigned char> >::parseConditionalExpression<JSC::ASTBuilder> (this=0x7fffffffac20, context=...)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/parser/Parser.cpp:1600
#8 0x00007ffff72ca55c in JSC::Parser<JSC::Lexer<unsigned char> >::parseAssignmentExpression<JSC::ASTBuilder> (this=0x7fffffffac20, context=...)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/parser/Parser.cpp:1534
#9 0x00007ffff72bd2d2 in JSC::Parser<JSC::Lexer<unsigned char> >::parseConstDeclarationList<JSC::ASTBuilder> (this=0x7fffffffac20, context=...)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/parser/Parser.cpp:662
#10 0x00007ffff72af8f3 in JSC::Parser<JSC::Lexer<unsigned char> >::parseConstDeclaration<JSC::ASTBuilder> (this=0x7fffffffac20, context=...)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/parser/Parser.cpp:360
#11 0x00007ffff72ace7b in JSC::Parser<JSC::Lexer<unsigned char> >::parseStatement<JSC::ASTBuilder> (this=0x7fffffffac20, context=...,
directive=@0x7fffffffa2f8: 0x0, directiveLiteralLength=0x7fffffffa314) at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/parser/Parser.cpp:1089
#12 0x00007ffff72aa45b in JSC::Parser<JSC::Lexer<unsigned char> >::parseSourceElements<JSC::ASTBuilder> (this=0x7fffffffac20, context=...,
mode=JSC::CheckForStrictMode) at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/parser/Parser.cpp:301
#13 0x00007ffff72a4012 in JSC::Parser<JSC::Lexer<unsigned char> >::parseInner (this=0x7fffffffac20)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/parser/Parser.cpp:248
#14 0x00007ffff6f90a37 in JSC::Parser<JSC::Lexer<unsigned char> >::parse<JSC::ProgramNode> (this=0x7fffffffac20, error=...)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/parser/Parser.h:887
#15 0x00007ffff6f90641 in JSC::parse<JSC::ProgramNode> (vm=0x6472c0, source=..., parameters=0x0, name=..., strictness=JSC::JSParseNormal,
parserMode=JSC::JSParseProgramCode, error=..., positionBeforeLastNewline=0x0)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/parser/Parser.h:957
#16 0x00007ffff733be82 in JSC::CodeCache::getGlobalCodeBlock<JSC::UnlinkedProgramCodeBlock, JSC::ProgramExecutable> (this=0x659100, vm=...,
executable=0x7fffa97ffef0, source=..., strictness=JSC::JSParseNormal, debuggerMode=JSC::DebuggerOff, profilerMode=JSC::ProfilerOff, error=...)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/runtime/CodeCache.cpp:95
#17 0x00007ffff733a55f in JSC::CodeCache::getProgramCodeBlock (this=0x659100, vm=..., executable=0x7fffa97ffef0, source=..., strictness=JSC::JSParseNormal,
debuggerMode=JSC::DebuggerOff, profilerMode=JSC::ProfilerOff, error=...)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/runtime/CodeCache.cpp:129
#18 0x00007ffff7382c49 in JSC::JSGlobalObject::createProgramCodeBlock (this=0x7fffa98af970, callFrame=0x7fffa98af9b0, executable=0x7fffa97ffef0,
exception=0x7fffffffc4c0) at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/runtime/JSGlobalObject.cpp:723
#19 0x00007ffff7354d87 in JSC::ProgramExecutable::initializeGlobalProperties (this=0x7fffa97ffef0, vm=..., callFrame=0x7fffa98af9b0, scope=0x7fffa98af970)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/runtime/Executable.cpp:466
#20 0x00007ffff722f1dd in JSC::Interpreter::execute (this=0x6591c0, program=0x7fffa97ffef0, callFrame=0x7fffa98af9b0, thisObj=0x7fffa986fb90)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/interpreter/Interpreter.cpp:879
#21 0x00007ffff73480bc in JSC::evaluate (exec=0x7fffa98af9b0, source=..., thisValue=..., returnedException=0x7fffffffdac0)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/runtime/Completion.cpp:82
#22 0x000000000041747c in runWithScripts (globalObject=0x7fffa98af970, scripts=..., dump=false)
at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/jsc.cpp:660
#23 0x000000000041824b in jscmain (argc=2, argv=0x7fffffffdd68) at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/jsc.cpp:877
#24 0x0000000000417268 in main (argc=2, argv=0x7fffffffdd68) at /home/reni/Data/REPOS/webkit_sec/Source/JavaScriptCore/jsc.cpp:618
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list