[Webkit-unassigned] [Bug 24326] New: WebKit Gtk built with gcc4.4 and -O2 crashes and has layout issues

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Mar 3 09:54:59 PST 2009


https://bugs.webkit.org/show_bug.cgi?id=24326

           Summary: WebKit Gtk built with gcc4.4 and -O2 crashes and has
                    layout issues
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: WebKit Gtk
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: martin.sourada at gmail.com


JS crashes and layout has issues when WebKit/GTK is built with gcc4.4 with -O2
option (recently made default on Fedora Rawhide).

Here's an example of the layout issues:
http://www.declera.com/~yaneti/webkit-gcc-rend.png

Here's a backtrace of the JS crash in midori:
#0  WTF::dtoa (d=63232, ndigits=<value optimized out>, decpt=<value optimized
out>, 
    sign=<value optimized out>, rve=<value optimized out>) at
JavaScriptCore/wtf/dtoa.cpp:2170
#1  0x00002aaaab3e76e3 in JSC::UString::from (d=0) at
JavaScriptCore/runtime/UString.cpp:929
#2  0x00002aaaab43484c in jscyyparse (globalPtr=<value optimized out>)
    at JavaScriptCore/parser/Grammar.y:318
#3  0x00002aaaab43b1b7 in JSC::Parser::parse (this=0x2aaab65f4240,
globalData=0x2aaab65ff400, 
    errLine=0x7fffffff01dc, errMsg=0x7fffffff01d0) at
JavaScriptCore/parser/Parser.cpp:58
#4  0x00002aaaab43b28f in JSC::Parser::reparseInPlace (this=0x4,
globalData=0x40eee000, 
    functionBodyNode=0x2aaab74acc60) at JavaScriptCore/parser/Parser.cpp:77
#5  0x00002aaaab43bbfb in JSC::FunctionBodyNode::generateBytecode
(this=0x2aaab74acc60, 
    scopeChainNode=0x2aaab49bc618) at JavaScriptCore/parser/Nodes.cpp:2617
#6  0x00002aaaab38f282 in JSC::FunctionBodyNode::bytecode () at
JavaScriptCore/parser/Nodes.h:2194
#7  JSC::Interpreter::privateExecute (this=0x2aaab6601b00, flag=<value
optimized out>, 
    registerFile=<value optimized out>, callFrame=0x2aaab6657048,
exception=<value optimized out>)
    at JavaScriptCore/interpreter/Interpreter.cpp:3290
#8  0x00002aaaab39180b in JSC::Interpreter::execute (this=0x2aaab6601b00,
programNode=0x2aaac448e510, 
    callFrame=0x2aaab6b9c808, scopeChain=<value optimized out>, thisObj=<value
optimized out>, 
    exception=<value optimized out>) at
JavaScriptCore/interpreter/Interpreter.cpp:870
#9  0x00002aaaab43d401 in JSC::evaluate (exec=0x2aaab6b9c808,
scopeChain=@0x2aaab6b9c7c0, 
    source=@0x7fffffffd260, thisValue=<value optimized out>) at
JavaScriptCore/runtime/Completion.cpp:67
#10 0x00002aaaaad8e14b in WebCore::ScriptController::evaluate
(this=0x2aaaabbb6bd8, 
    sourceCode=@0x7fffffffd260) at WebCore/bindings/js/ScriptController.cpp:114
#11 0x00002aaaaafe8f9b in WebCore::FrameLoader::executeScript
(this=0x2aaaabbb6850, 
    sourceCode=@0x7fffffffd260) at WebCore/loader/FrameLoader.cpp:781
#12 0x00002aaaaaf867da in WebCore::HTMLTokenizer::scriptExecution
(this=0x2aaab6637800, 
    sourceCode=@0x7fffffffd260, state=<value optimized out>) at
WebCore/html/HTMLTokenizer.cpp:563
#13 0x00002aaaaaf86ebf in WebCore::HTMLTokenizer::notifyFinished
(this=0x2aaab6637800)
    at WebCore/html/HTMLTokenizer.cpp:1986
#14 0x00002aaaaafbe4cc in WebCore::CachedScript::checkNotify
(this=0x2aaab6c42200)
    at WebCore/loader/CachedScript.cpp:108
#15 0x00002aaaab00cb7d in WebCore::Loader::Host::didFinishLoading
(this=0x2aaab6c2dc60, 
    loader=0x2aaab48e1500) at WebCore/loader/loader.cpp:304
#16 0x00002aaaaaffbb7f in WebCore::SubresourceLoader::didFinishLoading
(this=0x2aaab48e1500)
    at WebCore/loader/SubresourceLoader.cpp:183
#17 0x00002aaaab1af93e in finishedCallback (session=<value optimized out>,
msg=0x1560450, 
    data=<value optimized out>) at
WebCore/platform/network/soup/ResourceHandleSoup.cpp:285
#18 0x0000003164a320a4 in final_finished (req=0x1560450, user_data=<value
optimized out>)
    at soup-session-async.c:329
#19 0x000000314de0b8ee in IA__g_closure_invoke (closure=0x151bce0,
return_value=0x0, n_param_values=1, 
    param_values=0x1577800, invocation_hint=0x7fffffffd5e0) at gclosure.c:767
#20 0x000000314de22527 in signal_emit_unlocked_R (node=0x158bb40, detail=<value
optimized out>, 
    instance=<value optimized out>, emission_return=<value optimized out>, 
    instance_and_params=<value optimized out>) at gsignal.c:3314
#21 0x000000314de232de in IA__g_signal_emit_valist (instance=0x1560450,
signal_id=<value optimized out>, 
    detail=0, var_args=0x7fffffffd7d0) at gsignal.c:2977
#22 0x000000314de23873 in IA__g_signal_emit (instance=0x4,
signal_id=1089396736, detail=2147483648)
    at gsignal.c:3034
#23 0x0000003164a296b5 in soup_message_io_finished (msg=0x1560450) at
soup-message-io.c:172
#24 0x000000314de0b8ee in IA__g_closure_invoke (closure=0x1511b70,
return_value=0x0, n_param_values=1, 
    param_values=0x1616400, invocation_hint=0x7fffffffda00) at gclosure.c:767
#25 0x000000314de21ef8 in signal_emit_unlocked_R (node=0x176d610, detail=<value
optimized out>, 
    instance=<value optimized out>, emission_return=<value optimized out>, 
    instance_and_params=<value optimized out>) at gsignal.c:3244
#26 0x000000314de232de in IA__g_signal_emit_valist (instance=0x14ffb30,
signal_id=<value optimized out>, 
    detail=0, var_args=0x7fffffffdbf0) at gsignal.c:2977
#27 0x000000314de23873 in IA__g_signal_emit (instance=0x4,
signal_id=1089396736, detail=2147483648)
    at gsignal.c:3034
#28 0x0000003164a33da2 in socket_read_watch (chan=<value optimized out>,
cond=0, user_data=0x14ffb30)
    at soup-socket.c:1049
#29 0x000000314d23812e in g_main_dispatch (context=<value optimized out>) at
gmain.c:1814
#30 IA__g_main_context_dispatch (context=0x6ad630) at gmain.c:2367
#31 0x000000314d23b888 in g_main_context_iterate (context=0x6ad630,
block=<value optimized out>, 
    dispatch=<value optimized out>, self=<value optimized out>) at gmain.c:2448
#32 0x000000314d23bd25 in IA__g_main_loop_run (loop=0x7faf40) at gmain.c:2656
#33 0x0000003154744a57 in IA__gtk_main () at gtkmain.c:1205
#34 0x000000000041c028 in main ()

Downstream bug at https://bugzilla.redhat.com/show_bug.cgi?id=488112 and
related bug at https://bugzilla.redhat.com/show_bug.cgi?id=488163

I am able to reproduce these issues on r41071 (but it seems older/newer
revisions are affected as well).

It looks like building without -O2 makes these issues disappear.
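The backtrace above arrived line-wrapped by the mailer and with a gdb pager prompt in the middle, which is typical of traces pasted into bug reports. The following is an added example (not part of the report, and not WebKit code) that parses such a trace back into frames, then extracts two things a triager looks at first: the innermost project frames as a stable crash signature for bucketing duplicates, and the frame where external library code (here libsoup/glib) called back into WebKit. The excerpt of frames it parses is copied from the report; the `PROJECT_PREFIXES` tuple and all function names are assumptions made for the example.

```python
"""Parse a wrapped gdb backtrace (as pasted into a bug report) into frames
and pull out the facts a triager wants first."""
import re
from dataclasses import dataclass
from typing import List, Optional, Sequence

# Excerpt of the backtrace in the report above (frames #0-#2, #17, #18, #34),
# line-wrapped as in the mail. A gdb pager prompt, which a pasted trace can
# contain, is placed inside frame #17 here to exercise the skip.
BACKTRACE_EXCERPT = """\
#0  WTF::dtoa (d=63232, ndigits=<value optimized out>, decpt=<value optimized
out>,
    sign=<value optimized out>, rve=<value optimized out>) at
JavaScriptCore/wtf/dtoa.cpp:2170
#1  0x00002aaaab3e76e3 in JSC::UString::from (d=0) at
JavaScriptCore/runtime/UString.cpp:929
#2  0x00002aaaab43484c in jscyyparse (globalPtr=<value optimized out>)
    at JavaScriptCore/parser/Grammar.y:318
#17 0x00002aaaab1af93e in finishedCallback (session=<value optimized out>,
msg=0x1560450,
---Type <return> to continue, or q <return> to quit---
    data=<value optimized out>) at
WebCore/platform/network/soup/ResourceHandleSoup.cpp:285
#18 0x0000003164a320a4 in final_finished (req=0x1560450, user_data=<value
optimized out>)
    at soup-session-async.c:329
#34 0x000000000041c028 in main ()
"""

PAGER_PROMPT = "---Type <return> to continue, or q <return> to quit---"

# Source-tree prefixes that count as "our" code (assumption for this example).
PROJECT_PREFIXES = ("JavaScriptCore/", "WebCore/")

FRAME_RE = re.compile(
    r"^#(?P<n>\d+)\s+"                      # frame number
    r"(?:0x[0-9a-fA-F]+\s+in\s+)?"          # return address (absent for inlined/top frames)
    r"(?P<func>[^(]+?)\s*"                  # function name, may contain '::'
    r"\((?P<args>.*)\)"                     # argument list as gdb printed it
    r"(?:\s+at\s+(?P<file>\S+):(?P<line>\d+)|\s+from\s+(?P<lib>\S+))?\s*$"
)


@dataclass
class Frame:
    number: int
    func: str
    args: str
    file: Optional[str]   # source path when gdb had debug info
    line: Optional[int]
    lib: Optional[str]    # shared object when gdb only had a symbol


def _logical_lines(text: str) -> List[str]:
    """Re-join frames that the mailer wrapped and drop the gdb pager prompt."""
    joined: List[str] = []
    for raw in text.splitlines():
        s = raw.strip()
        if not s or s == PAGER_PROMPT:
            continue
        if s.startswith("#") and s[1:2].isdigit():
            joined.append(s)            # a new frame starts here
        elif joined:
            joined[-1] += " " + s       # continuation of the previous frame
    return joined


def parse_backtrace(text: str) -> List[Frame]:
    frames = []
    for logical in _logical_lines(text):
        m = FRAME_RE.match(logical)
        if not m:
            raise ValueError(f"unrecognised frame line: {logical!r}")
        frames.append(Frame(
            number=int(m["n"]), func=m["func"].strip(), args=m["args"],
            file=m["file"], line=int(m["line"]) if m["line"] else None,
            lib=m["lib"]))
    return frames


def is_project_frame(frame: Frame, prefixes: Sequence[str]) -> bool:
    return frame.file is not None and frame.file.startswith(tuple(prefixes))


def project_entry_frame(frames: List[Frame], prefixes: Sequence[str]) -> Optional[Frame]:
    """Outermost project frame whose caller is outside the project: the point
    where external code (here libsoup/glib) called back into it."""
    for i, f in enumerate(frames):
        if is_project_frame(f, prefixes):
            caller = frames[i + 1] if i + 1 < len(frames) else None
            if caller is None or not is_project_frame(caller, prefixes):
                return f
    return None


def crash_signature(frames: List[Frame], prefixes: Sequence[str], depth: int = 3) -> str:
    """Top `depth` project functions, innermost first: a key for bucketing
    duplicate crash reports that does not depend on addresses."""
    names = [f.func for f in frames if is_project_frame(f, prefixes)]
    return " <- ".join(names[:depth])


if __name__ == "__main__":
    fr = parse_backtrace(BACKTRACE_EXCERPT)
    for f in fr:
        where = f"{f.file}:{f.line}" if f.file else (f.lib or "?")
        print(f"#{f.number:<3} {f.func:40} {where}")
    print("signature:", crash_signature(fr, PROJECT_PREFIXES))
    entry = project_entry_frame(fr, PROJECT_PREFIXES)
    print("entered project code at:", entry.func, f"{entry.file}:{entry.line}")
```

On the excerpt the signature is `WTF::dtoa <- JSC::UString::from <- jscyyparse`, and the entry frame is `finishedCallback` in `ResourceHandleSoup.cpp:285`, the libsoup completion callback. Matching two reports on the signature rather than on addresses is what lets the same -O2-only crash be recognised across builds, since the addresses in the report change with every rebuild.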

