[Webkit-unassigned] [Bug 142160] New: ASSERTION FAILED: charactersWritten > 0 && static_cast<unsigned>(charactersWritten) < sizeof(buffer) in JSC::dateProtoFuncToISOString
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Mar 2 04:05:22 PST 2015
https://bugs.webkit.org/show_bug.cgi?id=142160
Bug ID: 142160
Summary: ASSERTION FAILED: charactersWritten > 0 &&
static_cast<unsigned>(charactersWritten) <
sizeof(buffer) in JSC::dateProtoFuncToISOString
Classification: Unclassified
Product: WebKit
Version: 528+ (Nightly build)
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: JavaScriptCore
Assignee: webkit-unassigned at lists.webkit.org
Reporter: rhodovan.u-szeged at partner.samsung.com
CC: benjamin at webkit.org, ggaren at apple.com
Blocks: 116980
Created attachment 247657
--> https://bugs.webkit.org/attachment.cgi?id=247657&action=review
Test case
Load this script with debug jsc:
var d = new Date(0);
d.setUTCFullYear(-200e6);
d.toISOString();
Backtrace:
ASSERTION FAILED: charactersWritten > 0 && static_cast<unsigned>(charactersWritten) < sizeof(buffer)
../../Source/JavaScriptCore/runtime/DatePrototype.cpp(542) : JSC::EncodedJSValue JSC::dateProtoFuncToISOString(JSC::ExecState*)
1 0x7ffff73f24ca /home/reni/data/REPOS/webkit/WebKitBuild/Debug/lib/libjavascriptcoregtk-4.0.so.18(WTFCrash+0x1e) [0x7ffff73f24ca]
2 0x7ffff724a1c9 /home/reni/data/REPOS/webkit/WebKitBuild/Debug/lib/libjavascriptcoregtk-4.0.so.18(_ZN3JSC24dateProtoFuncToISOStringEPNS_9ExecStateE+0x410) [0x7ffff724a1c9]
3 0x7fffadfff0a8 [0x7fffadfff0a8]
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff73f24cf in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321
321 *(int *)(uintptr_t)0xbbadbeef = 0;
(gdb) bt
#0 0x00007ffff73f24cf in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321
#1 0x00007ffff724a1c9 in JSC::dateProtoFuncToISOString (exec=0x7fffffffca90) at ../../Source/JavaScriptCore/runtime/DatePrototype.cpp:542
#2 0x00007fffadfff0a8 in ?? ()
#3 0x00007fffffffcad0 in ?? ()
#4 0x00007ffff73a05ef in llint_entry () from /home/reni/data/REPOS/webkit/WebKitBuild/Debug/lib/libjavascriptcoregtk-4.0.so.18
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20150302/4e53e00c/attachment-0002.html>
More information about the webkit-unassigned
mailing list