Status: Assigned
Owner: [email protected]
CC: [email protected]
Labels: Type-Bug Priority-Medium

New issue 4339 by [email protected]: Fatal error in v8::Object::SetAlignedPointerInInternalField
https://code.google.com/p/v8/issues/detail?id=4339

Version: 8548ea5d
OS:  Ubuntu 15.04
Architecture: x64

What steps will reproduce the problem?
1. Load this with debug v8:

Worker.prototype.constructor("55");


Backtrace:

#
# Fatal error in v8::Object::SetAlignedPointerInInternalField()
# Internal field out of bounds
#

Program received signal SIGILL, Illegal instruction.
v8::base::OS::Abort () at ../src/base/platform/platform-posix.cc:229
229     V8_IMMEDIATE_CRASH();
(gdb) bt
#0  v8::base::OS::Abort () at ../src/base/platform/platform-posix.cc:229
#1 0x0000000000adb84f in v8::Utils::ReportApiFailure (location=0x1626007 "v8::Object::SetAlignedPointerInInternalField()",
    message=0x16282da "Internal field out of bounds") at ../src/api.cc:289
#2 0x0000000000adb7ef in v8::Utils::ApiCheck (condition=false, location=0x1626007 "v8::Object::SetAlignedPointerInInternalField()",
    message=0x16282da "Internal field out of bounds") at .././src/api.h:185
#3 0x0000000000b0289d in v8::InternalFieldOK (obj=..., index=0, location=0x1626007 "v8::Object::SetAlignedPointerInInternalField()") at ../src/api.cc:5291
#4 0x0000000000b02c41 in v8::Object::SetAlignedPointerInInternalField (this=0x7fffffffcb98, index=0, value=0x0) at ../src/api.cc:5326
#5 0x0000000000aaef7d in v8::Shell::WorkerNew (args=...) at ../src/d8.cc:707
#6 0x000000000112ab5c in v8::internal::FunctionCallbackArguments::Call (this=0x7fffffffcb80, f=0xaaeeb0 <v8::Shell::WorkerNew(v8::FunctionCallbackInfo<v8::Value> const&)>) at ../src/arguments.cc:33
#7 0x0000000000b6a553 in v8::internal::HandleApiCallHelper<false> (isolate=0x23b0030, args=...) at ../src/builtins.cc:1010
#8 0x0000000000b75794 in v8::internal::Builtin_Impl_HandleApiCall (args=..., isolate=0x23b0030) at ../src/builtins.cc:1033
#9 0x0000000000b6ab50 in v8::internal::Builtin_HandleApiCall (args_length=3, args_object=0x7fffffffcda8, isolate=0x23b0030) at ../src/builtins.cc:1029
#10 0x00000a97f89080db in ?? ()
#11 0x00001714bf5c8a19 in ?? ()
#12 0x00000a97f8908021 in ?? ()
#13 0x00007fffffffcd70 in ?? ()
#14 0x00007fffffffcdd0 in ?? ()
#15 0x00000a97f8938c97 in ?? ()
#16 0x00001714bf5c8a19 in ?? ()
#17 0x00001714bf5cbc29 in ?? ()
#18 0x00000a9e4e008489 in ?? ()
#19 0x00001714bf5c8a19 in ?? ()
#20 0x00001714bf504161 in ?? ()
#21 0x00001714bf5cbe19 in ?? ()
#22 0x00001714bf5a2199 in ?? ()
#23 0x00007fffffffce08 in ?? ()
#24 0x00000a97f89325bd in ?? ()
#25 0x00000a9e4e0051f9 in ?? ()
#26 0x00001714bf5cbe19 in ?? ()
#27 0x00000a97f89324c1 in ?? ()
#28 0x0000000800000000 in ?? ()
#29 0x0000000000000000 in ?? ()

Attachments:
        crash.js  35 bytes
