[Webkit-unassigned] [Bug 18430] New: SIGSEGV on amd64 when built with gcc 4.3
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Apr 11 11:56:28 PDT 2008
http://bugs.webkit.org/show_bug.cgi?id=18430
Summary: SIGSEGV on amd64 when built with gcc 4.3
Product: WebKit
Version: 526+ (Nightly build)
Platform: Other
OS/Version: Mac OS X 10.5
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: mh+webkit at glandium.org
- This seems to happen whatever the loaded url.
- It doesn't happen when built with no optimization (-O0)
- It happens with or without the patch from bug 18367 applied
- It doesn't crash when built with gcc 4.2.3
- Only tested on Gtk Port
- Full backtrace follows:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x2b9464617ec0 (LWP 32739)]
KJS::JSGlobalObject::getOwnPropertySlot (this=0x2b9466510000,
exec=0x7fff506e95f0, propertyName=@0x2b9465881268, slot=@0x7fff506e9410) at
JavaScriptCore/kjs/ustring.h:101
101 unsigned computedHash() const { ASSERT(_hash); return _hash; } //
fast path for Identifiers
Current language: auto; currently c++
(gdb) bt full
#0 KJS::JSGlobalObject::getOwnPropertySlot (this=0x2b9466510000,
exec=0x7fff506e95f0, propertyName=@0x2b9465881268, slot=@0x7fff506e9410)
at JavaScriptCore/kjs/ustring.h:101
No locals.
#1 0x00002b945a7f80ad in WebCore::JSDOMWindow::customGetOwnPropertySlot
(this=0x2b9466510000, exec=0x7fff506e95f0, propertyName=@0x2b9465881268,
slot=@0x7fff506e9410)
at WebCore/bindings/js/JSDOMWindowCustom.cpp:103
entry = <value optimized out>
allowsAccess = true
#2 0x00002b945a786979 in WebCore::JSDOMWindow::getOwnPropertySlot
(this=0x35abd9269, exec=0x7fff506e95f0, propertyName=@0x2b9465881268,
slot=@0x7fff506e9410)
at DerivedSources/JSDOMWindow.cpp:390
No locals.
#3 0x00002b945ab63662 in KJS::ResolveNode::evaluate (this=0x2b9465881258,
exec=0x7fff506e95f0) at JavaScriptCore/kjs/object.h:534
No locals.
#4 0x00002b945ab84b88 in KJS::AssignDotNode::evaluate (this=0x2b9465881190,
exec=0x7fff506e95f0) at JavaScriptCore/kjs/nodes.cpp:3672
baseValue = <value optimized out>
base = <value optimized out>
v = <value optimized out>
#5 0x00002b945ab71c9e in KJS::ExprStatementNode::execute (this=0x2b9465881168,
exec=0x7fff506e95f0) at JavaScriptCore/kjs/nodes.cpp:3998
value = (class KJS::JSValue *) 0x2b9465876df0
#6 0x00002b945ab34eed in KJS::BlockNode::execute (this=0x2b9465830000,
exec=0x7fff506e95f0) at JavaScriptCore/kjs/nodes.cpp:3951
No locals.
#7 0x00002b945ab8f43a in KJS::ProgramNode::execute (this=0x2b9465830000,
exec=0x7fff506e95f0) at JavaScriptCore/kjs/nodes.cpp:4883
No locals.
#8 0x00002b945ab89869 in KJS::Interpreter::evaluate (exec=0x2b9465876c38,
sourceURL=@0x7fff506e97e0, startingLineNumber=0, code=0x2b9465816b00,
codeLength=1060, thisV=0x0)
at JavaScriptCore/kjs/interpreter.cpp:103
newExec = {<KJS::ExecState> = {<WTFNoncopyable::Noncopyable> = {<No
data fields>}, m_globalObject = 0x2b9466510000, m_exception = 0x0,
m_propertyNames = 0x2b946586edc0, m_emptyList = 0x2b945af376c0,
m_callingExec = 0x0, m_scopeNode = 0x2b9465830000, m_function = 0x0,
m_arguments = 0x0,
m_activation = 0x0, m_localStorage = 0x2b9465876a00, m_scopeChain = {_node
= 0x2b94658837e0}, m_inlineScopeChainNode = {next = 0x0, object = 0x0, refCount
= 1},
m_variableObject = 0x2b9466510000, m_thisValue = 0x2b9466510000,
m_labelStack = {<WTFNoncopyable::Noncopyable> = {<No data fields>}, tos = 0x0},
m_iterationDepth = 0,
m_switchDepth = 0, m_codeType = KJS::GlobalCode, m_completionType =
KJS::Normal, m_breakOrContinueTarget = 0x2b945ab418b3}, <No data fields>}
value = <value optimized out>
globalObject = (class KJS::JSGlobalObject *) 0x2b9466510000
sourceId = 1
errLine = -1
errMsg = {m_rep = {m_ptr = 0x2b945af0fa20}}
thisObj = <value optimized out>
#9 0x00002b945a80d511 in WebCore::KJSProxy::evaluate (this=0x2b9465831828,
filename=@0x7fff506e9aa0, baseLine=0, str=<value optimized out>)
at WebCore/bindings/js/kjs_proxy.cpp:86
exec = (class KJS::ExecState *) 0x2b9465876c38
comp = {m_type = 1702866304, m_value = 0x2b945a85286c}
#10 0x00002b945a9a2608 in WebCore::FrameLoader::executeScript
(this=0x2b94657f4400, url=@0x7fff506e9aa0, baseLine=0, script=@0x7fff506e9cc0)
at WebCore/loader/FrameLoader.cpp:783
scriptProxy = <value optimized out>
wasRunningScript = false
result = <value optimized out>
#11 0x00002b945a96b995 in WebCore::HTMLTokenizer::scriptExecution
(this=0x2b9465854400, str=@0x7fff506e9cc0, state={static EntityShift = 4,
m_bits = 0},
scriptURL=<value optimized out>, baseLine=0) at
WebCore/html/HTMLTokenizer.cpp:540
url = {m_impl = {m_ptr = 0x2b9465831690}}
savedPrependingSrc = (WebCore::SegmentedString *) 0x7fff506e9bd0
prependingSrc = {m_pushedChar1 = 0, m_pushedChar2 = 0, m_currentString
= {m_length = 0, m_current = 0x0, m_string = {m_impl = {m_ptr = 0x0}},
m_doNotExcludeLineNumbers = true}, m_currentChar = 0x0, m_substrings =
{m_start = 0, m_end = 0,
m_buffer = {<WTF::VectorBufferBase<WebCore::SegmentedSubstring>> =
{<WTFNoncopyable::Noncopyable> = {<No data fields>}, m_buffer = 0x0,
m_capacity = 0}, <No data fields>}}, m_composite = false}
#12 0x00002b945a96ece9 in WebCore::HTMLTokenizer::scriptHandler
(this=0x2b9465854400, state={static EntityShift = 4, m_bits = 1703416424})
at WebCore/html/HTMLTokenizer.cpp:480
doScriptExec = <value optimized out>
followingFrameset = false
cs = (class WebCore::CachedScript *) 0x0
scriptCode = {m_impl = {m_ptr = 0x2b9465831fc0}}
savedPrependingSrc = (WebCore::SegmentedString *) 0x0
prependingSrc = {m_pushedChar1 = 0, m_pushedChar2 = 0, m_currentString
= {m_length = 0, m_current = 0x0, m_string = {m_impl = {m_ptr = 0x0}},
m_doNotExcludeLineNumbers = true}, m_currentChar = 0x0, m_substrings =
{m_start = 0, m_end = 0,
m_buffer = {<WTF::VectorBufferBase<WebCore::SegmentedSubstring>> =
{<WTFNoncopyable::Noncopyable> = {<No data fields>}, m_buffer = 0x0,
m_capacity = 0}, <No data fields>}}, m_composite = false}
#13 0x00002b945a96f3e8 in WebCore::HTMLTokenizer::parseSpecial
(this=0x2b9465854400, src=@0x2b9465854e28, state={static EntityShift = 4,
m_bits = 1349424624})
at WebCore/html/HTMLTokenizer.cpp:330
ch = 63
#14 0x00002b945a9710f0 in WebCore::HTMLTokenizer::parseTag
(this=0x2b9465854400, src=@0x2b9465854e28, state={static EntityShift = 4,
m_bits = 1703416424})
at WebCore/html/HTMLTokenizer.cpp:1539
tagName = {m_string = {m_impl = {m_ptr = 0x2b94658070d8}}}
isSelfClosingScript = false
beginTag = true
cBufferPos = 0
lastIsSlash = <value optimized out>
#15 0x00002b945a971987 in WebCore::HTMLTokenizer::write (this=0x2b9465854400,
str=<value optimized out>, appendData=<value optimized out>)
at WebCore/html/HTMLTokenizer.cpp:1727
cc = <value optimized out>
source = {m_pushedChar1 = 0, m_pushedChar2 = 0, m_currentString =
{m_length = 5975, m_current = 0x2b9465871000, m_string = {m_impl = {m_ptr =
0x2b946580ce40}},
m_doNotExcludeLineNumbers = true}, m_currentChar = 0x2b9465871000,
m_substrings = {m_start = 0, m_end = 0,
m_buffer = {<WTF::VectorBufferBase<WebCore::SegmentedSubstring>> =
{<WTFNoncopyable::Noncopyable> = {<No data fields>}, m_buffer = 0x2b94657f3368,
m_capacity = 0}, <No data fields>}}, m_composite = false}
wasInWrite = false
processedCount = 12
startTime = 1207939874.290545
frame = (class WebCore::Frame *) 0x2b94657f5228
state = {static EntityShift = 4, m_bits = 1703416424}
#16 0x00002b945a99cc98 in WebCore::FrameLoader::write (this=0x2b94657f4400,
str=0x89d880 "<html><head><meta http-equiv=\"content-type\"
content=\"text/html;
charset=UTF-8\"><title>Google</title><style>body,td,a,p,.h{font-family:arial,sans-serif}.h{color:#3366cc}.q{color:#00c}.ts
td{padding:0}."..., len=<value optimized out>, flush=false) at
WebCore/loader/FrameLoader.cpp:1029
tokenizer = (WebCore::Tokenizer *) 0x2b9465854400
decoded = {m_impl = {m_ptr = 0x2b946580ce40}}
#17 0x00002b945a987409 in WebCore::DocumentLoader::commitLoad
(this=0x2b9465814200,
data=0x89d880 "<html><head><meta http-equiv=\"content-type\"
content=\"text/html;
charset=UTF-8\"><title>Google</title><style>body,td,a,p,.h{font-family:arial,sans-serif}.h{color:#3366cc}.q{color:#00c}.ts
td{padding:0}."..., length=5982) at WebCore/loader/DocumentLoader.cpp:328
frameLoader = (WebCore::FrameLoader *) 0x2b9465876df0
#18 0x00002b945a9b9fa3 in WebCore::ResourceLoader::didReceiveData
(this=0x35abd9269,
data=0x89d880 "<html><head><meta http-equiv=\"content-type\"
content=\"text/html;
charset=UTF-8\"><title>Google</title><style>body,td,a,p,.h{font-family:arial,sans-serif}.h{color:#3366cc}.q{color:#00c}.ts
td{padding:0}."..., length=5982, lengthReceived=0, allAtOnce=16) at
WebCore/loader/ResourceLoader.cpp:234
No locals.
#19 0x00002b945a9b20e6 in WebCore::MainResourceLoader::didReceiveData
(this=0x2b9465867400, data=0x7fff506e95f0 "", length=1703416424,
lengthReceived=140734542812176,
allAtOnce=false) at WebCore/loader/MainResourceLoader.cpp:296
No locals.
#20 0x00002b945aae14c3 in writeCallback (ptr=0x89d880, size=<value optimized
out>, nmemb=<value optimized out>, data=<value optimized out>)
at WebCore/platform/network/curl/ResourceHandleManager.cpp:126
job = (class WebCore::ResourceHandle *) 0x2b9465848910
d = (class WebCore::ResourceHandleInternal *) 0x2b946584bc00
totalSize = 5982
h = (CURL *) 0x88bc90
httpCode = 200
err = <value optimized out>
#21 0x00002b945dffc6a8 in ?? () from /usr/lib/libcurl-gnutls.so.4
No symbol table info available.
#22 0x00002b945e0157f9 in ?? () from /usr/lib/libcurl-gnutls.so.4
No symbol table info available.
#23 0x00002b945e0159af in ?? () from /usr/lib/libcurl-gnutls.so.4
No symbol table info available.
#24 0x00002b945e00edfa in ?? () from /usr/lib/libcurl-gnutls.so.4
No symbol table info available.
#25 0x00002b945e013b1c in ?? () from /usr/lib/libcurl-gnutls.so.4
No symbol table info available.
#26 0x00002b945e01448b in curl_multi_perform () from
/usr/lib/libcurl-gnutls.so.4
No symbol table info available.
#27 0x00002b945aae3f2c in WebCore::ResourceHandleManager::downloadTimerCallback
(this=0x2b9465869d80, timer=<value optimized out>)
at WebCore/platform/network/curl/ResourceHandleManager.cpp:308
fdread = {fds_bits = {512, 0 <repeats 15 times>}}
fdwrite = {fds_bits = {0 <repeats 16 times>}}
fdexcep = {fds_bits = {0 <repeats 16 times>}}
maxfd = 9
timeout = {tv_sec = 0, tv_usec = 5000}
rc = 1
runningHandles = 0
started = <value optimized out>
#28 0x00002b945aa35203 in WebCore::TimerBase::fireTimers
(fireTime=1207939874.289993, firingTimers=@0x7fff506ea880) at
WebCore/platform/Timer.cpp:347
timer = (class WebCore::TimerBase *) 0x2b9465869d80
interval = <value optimized out>
#29 0x00002b945aa352be in WebCore::TimerBase::sharedTimerFired () at
WebCore/platform/Timer.cpp:368
fireTime = 1207939874.289993
firingTimers = {m_size = 1, m_buffer =
{<WTF::VectorBufferBase<WebCore::TimerBase*>> = {<WTFNoncopyable::Noncopyable>
= {<No data fields>},
m_buffer = 0x2b9465824380, m_capacity = 16}, <No data fields>}}
firingTimersSet = {m_impl = {static m_minTableSize = 64, static
m_maxLoad = 2, static m_minLoad = 6, m_table = 0x2b94657fe600, m_tableSize =
64,
m_tableSizeMask = 63, m_keyCount = 0, m_deletedCount = 1}}
#30 0x00002b945a74ca12 in timeout_cb () at
WebCore/platform/gtk/SharedTimerGtk.cpp:48
No locals.
#31 0x00002b945bce381b in ?? () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#32 0x00002b945bce30f2 in g_main_context_dispatch () from
/usr/lib/libglib-2.0.so.0
No symbol table info available.
#33 0x00002b945bce6396 in ?? () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#34 0x00002b945bce6657 in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
No symbol table info available.
#35 0x00002b945b5f3b63 in IA__gtk_main () at
/build/buildd/gtk+2.0-2.12.9/gtk/gtkmain.c:1163
tmp_list = (GList *) 0x62a8b0
functions = (GList *) 0x0
init = (GtkInitFunction *) 0x661280
loop = (GMainLoop *) 0x881fb0
#36 0x0000000000401eeb in main (argc=1, argv=0x7fff506eabc8) at
WebKitTools/GtkLauncher/main.c:200
vbox = (GtkWidget *) 0x62a8b0
uri = <value optimized out>
--
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list