Closed Bug 844476 Opened 11 years ago Closed 11 years ago

OdinMonkey: Crash on heap

Categories

(Core :: JavaScript Engine, defect)

Other Branch
x86_64
Linux
defect
Not set
major

Tracking

()

RESOLVED DUPLICATE of bug 844483

People

(Reporter: decoder, Unassigned)

References

Details

(Keywords: crash, testcase, Whiteboard: [jsbugmon:ignore])

The following testcase crashes on odinmonkey revision 1bfa5e6b2087 (run with --ion-eager):


// Reduced crash reproducer: Emscripten-style scaffolding around a small asm.js
// module. The line that matters is the heap store inside _main, which targets
// byte offset 2147483648 (0x80000000) while the heap buffer is only 16 MiB.
this['Module'] = Module = {};
// `arguments` is whatever the host defines at top level; presumably the JS
// shell's script-argument array (confirm for the shell build in use).
Module['arguments'] = arguments;
// Module is an empty object here, so the fallback is taken:
// 16777216 bytes = 16 MiB.
var TOTAL_MEMORY = Module['TOTAL_MEMORY'] || 16777216;
var buffer = new ArrayBuffer(TOTAL_MEMORY);
// Empty stub; passed to the asm.js module as its only import.
function _printf(format, y) {}
var asm = (function(global, env, buffer) {
  'use asm';
  // Int32 view over the heap buffer passed in at link time.
  var HEAP32 = new global.Int32Array(buffer);
  // The env object passed below has no STACKTOP property, so in plain JS
  // terms this is undefined|0, i.e. 0.
  var STACKTOP=env.STACKTOP|0;
  var tempInt = 0, tempDouble = 0.0;
  var _printf=env._printf;
  function _main() {
    var i1 = 0, i2 = 0, i3 = 0;
    // The second argument is a comma expression whose middle operand stores
    // i2 (0) through HEAP32 at byte offset 2147483648 (0x80000000, 2 GiB).
    // In plain JS, 2147483648 >> 2 converts the operand to int32 first and
    // yields -536870912, and a typed-array store at an out-of-range index is
    // ignored, so this statement should have no observable effect.
    // NOTE(review): the faulting instruction in the report's crash info,
    // `movl $0x0,-0x80000000(%r15)`, looks like this constant offset was
    // emitted as a signed 32-bit displacement from the heap base register
    // without a bounds check, giving a write 2 GiB below the heap. This is
    // inferred from the disassembly, not confirmed against the engine source.
    _printf(5242936, (tempInt = STACKTOP, HEAP32[2147483648 >> 2] = i2, tempInt) | 0) | 0;
  }
  return { _main: _main };
})({ Int32Array: Int32Array }, { _printf: _printf }, buffer);
var _main = Module["_main"] = asm._main;
// Calls the asm.js _main with (argc, 0), although _main declares no
// parameters. The result is stored in the global `ret`; nothing is returned.
Module.callMain = function callMain(args) {
  var argc = args.length+1;
  ret = Module['_main'](argc, 0);
}
// Entry point: falls back to Module['arguments'] when called without args.
// callMain has no return statement, so `ret` ends up undefined here.
function run(args) {
  args = args || Module['arguments'];
  ret = Module.callMain(args);
}
var ret = run();
Crash info:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7fa2021 in ?? ()
(gdb) bt
#0  0x00007ffff7fa2021 in ?? ()
#1  0x00007ffff4e41420 in ?? ()
#2  0x00007ffff7fa3051 in ?? ()
#3  0x00007fffffffb978 in ?? ()
#4  0x0000000000c5c1f0 in ?? ()
#5  0x00007fffffffba00 in ?? ()
#6  0x0000000000c4a210 in ?? ()
warning: (Internal error: pc 0x0 in read in psymtab, but not in symtab.)

#7  0x0000000000000000 in ?? ()
(gdb) x /i $pc
=> 0x7ffff7fa2021:      movl   $0x0,-0x80000000(%r15)
(gdb) info reg r15
r15            0x7ffee7fff000   140732790730752
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → DUPLICATE