[Webkit-unassigned] [Bug 173488] New: Intermittent crash running Internal/Tests/InternalJSTests/Regress/radar-24300617.js

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Jun 16 12:38:39 PDT 2017


https://bugs.webkit.org/show_bug.cgi?id=173488

            Bug ID: 173488
           Summary: Intermittent crash running Internal/Tests/InternalJSTests/Regress/radar-24300617.js
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: msaboff at apple.com

While running JavaScriptCore tests on a release build of r218202 I got a crash under JSC::JSObject::visitChildren().

Here is the relevant part of the crashing stack’s backtrace:
Thread 8 Crashed:: WTF::AutomaticThread
0   com.apple.JavaScriptCore            0x000000010ade8759 JSC::JSObject::visitChildren(JSC::JSCell*, JSC::SlotVisitor&) + 1641 (MarkedBlock.h:497)
1   com.apple.JavaScriptCore            0x000000010a8c5675 JSC::ClonedArguments::visitChildren(JSC::JSCell*, JSC::SlotVisitor&) + 21 (WriteBarrier.h:91)
2   com.apple.JavaScriptCore            0x000000010b06030e JSC::SlotVisitor::drain(WTF::MonotonicTime)::$_3::operator()(JSC::MarkStackArray&) const + 334 (SlotVisitor.cpp:388)
3   com.apple.JavaScriptCore            0x000000010b05e554 JSC::SlotVisitor::drain(WTF::MonotonicTime) + 164 (SlotVisitorInlines.h:173)
4   com.apple.JavaScriptCore            0x000000010b05ea2d JSC::SlotVisitor::drainFromShared(JSC::SlotVisitor::SharedDrainMode, WTF::MonotonicTime) + 61 (SlotVisitor.cpp:652)
5   com.apple.JavaScriptCore            0x000000010ac7bbf2 WTF::SharedTaskFunctor<void (), JSC::Heap::runBeginPhase(JSC::GCConductor)::$_11>::run() + 594 (SlotVisitor.h:258)
6   com.apple.JavaScriptCore            0x000000010b1c790c WTF::ParallelHelperClient::runTask(WTF::RefPtr<WTF::SharedTask<void ()> >) + 44 (RefPtr.h:80)
7   com.apple.JavaScriptCore            0x000000010b1c8400 WTF::ParallelHelperPool::Thread::work() + 48 (utility:754)
…

I tried reproducing by running the test 20 times and got 2 crashes.
