[Webkit-unassigned] [Bug 257312] Memory crash error. jsc shell execution of a specific js statement causes an abnormal memory crash.
bugzilla-daemon at webkit.org
Fri May 26 06:13:53 PDT 2023
https://bugs.webkit.org/show_bug.cgi?id=257312
--- Comment #5 from 824870754 at qq.com ---
(In reply to Alexey Proskuryakov from comment #1)
> I tried running this with a macOS ASan build, and just got "undefined", no
> crash or timeout.
Sorry for your failure to reproduce my crashes; I'll give as much information as I can.
1. the commit of webkit is https://github.com/WebKit/WebKit/tree/webkitgtk-2.39.3/Source/JavaScriptCore
2. we build jsc with that: ./Tools/Scripts/build-jsc --jsc-only --debug --cmakeargs="-DENABLE_STATIC_JSC=ON -DCMAKE_C_COMPILER='/usr/bin/clang' -DCMAKE_CXX_COMPILER='/usr/bin/clang++' -DCMAKE_CXX_FLAGS='-fsanitize-coverage=trace-pc-guard -O3 -lrt
3. our platform: a Linux server, where we built and executed some tests.
4. our cpu: Intel(R) Xeon(R) Gold 6226R CPU
When we let jsc execute the above code under this configuration, the following crash error occurs:
[COV] no shared memory bitmap available, skipping
[COV] edge counters initialized. Shared memory: (null) with 800697 edges
"write(REPRL_CWFD, helo, 4) == 4" failed