[Webkit-unassigned] [Bug 27764] New: Application using webkit crashes on debug compilation

bugzilla-daemon at webkit.org
Tue Jul 28 06:40:26 PDT 2009


https://bugs.webkit.org/show_bug.cgi?id=27764

           Summary: Application using webkit crashes on debug compilation
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: luka.napotnik at gmail.com


I've compiled webkit with the following configure flags: --prefix=/usr
--enable-debug --disable-optimizations.

git sha1 is 3f36fc466ba6817716310998f3dcef96161068bd

While the Gtk+ program that uses webkit worked if compiling without the
--enable-debug and --disable-optimizations flags, it now crashes, producing the
following backtrace when trying to visit google.com:

Program received signal SIGSEGV, Segmentation fault.
0x00007f2d6a1b43cc in JSC::JIT::compileGetByIdSlowCase (this=0x7fff73dfe400,
resultVReg=1, baseVReg=-16, ident=0x2e32b48, iter=@0x7fff73dfe1c0,
propertyAccessInstructionIndex=8, isMethodCheck=false)
    at JavaScriptCore/jit/JITPropertyAccess.cpp:335
335        ASSERT(differenceBetween(coldPathBegin, call) ==
patchOffsetGetByIdSlowCaseCall);
(gdb) bt
#0  0x00007f2d6a1b43cc in JSC::JIT::compileGetByIdSlowCase
(this=0x7fff73dfe400, resultVReg=1, baseVReg=-16, ident=0x2e32b48,
iter=@0x7fff73dfe1c0, propertyAccessInstructionIndex=8, isMethodCheck=false)
    at JavaScriptCore/jit/JITPropertyAccess.cpp:335
#1  0x00007f2d6a1b4486 in JSC::JIT::emitSlow_op_get_by_id (this=0x7fff73dfe400,
currentInstruction=0x2e343c0, iter=@0x7fff73dfe1c0) at
JavaScriptCore/jit/JITPropertyAccess.cpp:313
#2  0x00007f2d6a1a02c7 in JSC::JIT::privateCompileSlowCases
(this=0x7fff73dfe400) at JavaScriptCore/jit/JIT.cpp:350
#3  0x00007f2d6a1a22b9 in JSC::JIT::privateCompile (this=0x7fff73dfe400) at
JavaScriptCore/jit/JIT.cpp:425
#4  0x00007f2d6a1e1821 in JSC::JIT::compile (globalData=0x2dfd410,
codeBlock=0x2e15ac0) at ./JavaScriptCore/jit/JIT.h:339
#5  0x00007f2d6a266783 in JSC::ProgramNode::generateJITCode (this=0x2e15710,
scopeChainNode=0x2e00640) at JavaScriptCore/parser/Nodes.cpp:1908
#6  0x00007f2d6a1f4f68 in JSC::ProgramNode::jitCode (this=0x2e15710,
scopeChain=0x2e00640) at ./JavaScriptCore/parser/Nodes.h:1487
#7  0x00007f2d6a1e5c54 in JSC::Interpreter::execute (this=0x2dffcc0,
programNode=0x2e15710, callFrame=0x2e00388, scopeChain=0x2e00640,
thisObj=0x7f2d5bac0000, exception=0x7fff73dfe810)
    at JavaScriptCore/interpreter/Interpreter.cpp:630
#8  0x00007f2d6a296667 in JSC::evaluate (exec=0x2e00388, scopeChain=@0x2e00340,
source=@0x7fff73dfee58, thisValue={m_ptr = 0x7f2d5bac0000}) at
JavaScriptCore/runtime/Completion.cpp:67
#9  0x00007f2d6a343b89 in WebCore::ScriptController::evaluate (this=0x1918948,
sourceCode=@0x7fff73dfee50) at WebCore/bindings/js/ScriptController.cpp:114
#10 0x00007f2d6a60fcf6 in WebCore::FrameLoader::executeScript (this=0x1918540,
sourceCode=@0x7fff73dfee50) at WebCore/loader/FrameLoader.cpp:765
#11 0x00007f2d6a598f0a in WebCore::HTMLTokenizer::scriptExecution
(this=0x194a3d0, sourceCode=@0x7fff73dfee50, state={static EntityShift = 4,
m_bits = 0}) at WebCore/html/HTMLTokenizer.cpp:561
#12 0x00007f2d6a599bd1 in WebCore::HTMLTokenizer::scriptHandler
(this=0x194a3d0, state={static EntityShift = 4, m_bits = 0}) at
WebCore/html/HTMLTokenizer.cpp:503
#13 0x00007f2d6a59a36c in WebCore::HTMLTokenizer::parseNonHTMLText
(this=0x194a3d0, src=@0x194ae70, state={static EntityShift = 4, m_bits = 128})
at WebCore/html/HTMLTokenizer.cpp:350
#14 0x00007f2d6a59d30f in WebCore::HTMLTokenizer::write (this=0x194a3d0,
str=@0x7fff73dff110, appendData=true) at WebCore/html/HTMLTokenizer.cpp:1690
#15 0x00007f2d6a60eda5 in WebCore::FrameLoader::write (this=0x1918540, 
    str=0x7fff73dff940 "p,500)};\nwindow._gjp &&
_gjp()</script><style>td{line-height:.8em;}.gac_m
td{line-height:17px;}form{margin-bottom:20px;}body,td,a,p,.h{font-family:arial,sans-serif}.h{color:#36c}.q{color:#00c}.ts
td{p"..., len=3040, flush=false) at WebCore/loader/FrameLoader.cpp:1020
#16 0x00007f2d6a60eed9 in WebCore::FrameLoader::addData (this=0x1918540, 
    bytes=0x7fff73dff940 "p,500)};\nwindow._gjp &&
_gjp()</script><style>td{line-height:.8em;}.gac_m
td{line-height:17px;}form{margin-bottom:20px;}body,td,a,p,.h{font-family:arial,sans-serif}.h{color:#36c}.q{color:#00c}.ts
td{p"..., length=3040) at WebCore/loader/FrameLoader.cpp:1780
#17 0x00007f2d6a166127 in WebKit::FrameLoaderClient::committedLoad
(this=0x1916a40, loader=0x2dbf400, 
    data=0x7fff73dff940 "p,500)};\nwindow._gjp &&
_gjp()</script><style>td{line-height:.8em;}.gac_m
td{line-height:17px;}form{margin-bottom:20px;}body,td,a,p,.h{font-family:arial,sans-serif}.h{color:#36c}.q{color:#00c}.ts
td{p"..., length=3040) at
WebKit/gtk/WebCoreSupport/FrameLoaderClientGtk.cpp:141
#18 0x00007f2d6a6060a6 in WebCore::FrameLoader::committedLoad (this=0x1918540,
loader=0x2dbf400, 
    data=0x7fff73dff940 "p,500)};\nwindow._gjp &&
_gjp()</script><style>td{line-height:.8em;}.gac_m
td{line-height:17px;}form{margin-bottom:20px;}body,td,a,p,.h{font-family:arial,sans-serif}.h{color:#36c}.q{color:#00c}.ts
td{p"..., length=3040) at WebCore/loader/FrameLoader.cpp:3610
#19 0x00007f2d6a5f0bb7 in WebCore::DocumentLoader::commitLoad (this=0x2dbf400, 
    data=0x7fff73dff940 "p,500)};\nwindow._gjp &&
_gjp()</script><style>td{line-height:.8em;}.gac_m
td{line-height:17px;}form{margin-bottom:20px;}body,td,a,p,.h{font-family:arial,sans-serif}.h{color:#36c}.q{color:#00c}.ts
td{p"..., length=3040) at WebCore/loader/DocumentLoader.cpp:361
#20 0x00007f2d6a5f0c10 in WebCore::DocumentLoader::receivedData
(this=0x2dbf400, 
    data=0x7fff73dff940 "p,500)};\nwindow._gjp &&
_gjp()</script><style>td{line-height:.8em;}.gac_m
td{line-height:17px;}form{margin-bottom:20px;}body,td,a,p,.h{font-family:arial,sans-serif}.h{color:#36c}.q{color:#00c}.ts
td{p"..., length=3040) at WebCore/loader/DocumentLoader.cpp:373
---Type <return> to continue, or q <return> to quit---
#21 0x00007f2d6a609a5d in WebCore::FrameLoader::receivedData (this=0x1918540, 
    data=0x7fff73dff940 "p,500)};\nwindow._gjp &&
_gjp()</script><style>td{line-height:.8em;}.gac_m
td{line-height:17px;}form{margin-bottom:20px;}body,td,a,p,.h{font-family:arial,sans-serif}.h{color:#36c}.q{color:#00c}.ts
td{p"..., length=3040) at WebCore/loader/FrameLoader.cpp:2432
#22 0x00007f2d6a61faae in WebCore::MainResourceLoader::addData (this=0x2dc3c10, 
    data=0x7fff73dff940 "p,500)};\nwindow._gjp &&
_gjp()</script><style>td{line-height:.8em;}.gac_m
td{line-height:17px;}form{margin-bottom:20px;}body,td,a,p,.h{font-family:arial,sans-serif}.h{color:#36c}.q{color:#00c}.ts
td{p"..., length=3040, allAtOnce=false) at
WebCore/loader/MainResourceLoader.cpp:148
#23 0x00007f2d6a626f2a in WebCore::ResourceLoader::didReceiveData
(this=0x2dc3c10, 
    data=0x7fff73dff940 "p,500)};\nwindow._gjp &&
_gjp()</script><style>td{line-height:.8em;}.gac_m
td{line-height:17px;}form{margin-bottom:20px;}body,td,a,p,.h{font-family:arial,sans-serif}.h{color:#36c}.q{color:#00c}.ts
td{p"..., length=3040, lengthReceived=0, allAtOnce=false) at
WebCore/loader/ResourceLoader.cpp:257
#24 0x00007f2d6a61eb7c in WebCore::MainResourceLoader::didReceiveData
(this=0x2dc3c10, 
    data=0x7fff73dff940 "p,500)};\nwindow._gjp &&
_gjp()</script><style>td{line-height:.8em;}.gac_m
td{line-height:17px;}form{margin-bottom:20px;}body,td,a,p,.h{font-family:arial,sans-serif}.h{color:#36c}.q{color:#00c}.ts
td{p"..., length=3040, lengthReceived=0, allAtOnce=false) at
WebCore/loader/MainResourceLoader.cpp:360
#25 0x00007f2d6a626335 in WebCore::ResourceLoader::didReceiveData
(this=0x2dc3c10, 
    data=0x7fff73dff940 "p,500)};\nwindow._gjp &&
_gjp()</script><style>td{line-height:.8em;}.gac_m
td{line-height:17px;}form{margin-bottom:20px;}body,td,a,p,.h{font-family:arial,sans-serif}.h{color:#36c}.q{color:#00c}.ts
td{p"..., length=3040, lengthReceived=0) at
WebCore/loader/ResourceLoader.cpp:411
#26 0x00007f2d6aa13d3d in gotChunkCallback (msg=0x2dc28e0, chunk=0x2dd2040,
data=0x2dbe320) at WebCore/platform/network/soup/ResourceHandleSoup.cpp:303
