[Webkit-unassigned] [Bug 41454] New: Crash in JSC::JSValue::operator bool when loading site

Thu Jul 1 04:32:07 PDT 2010

https://bugs.webkit.org/show_bug.cgi?id=41454

           Summary: Crash in JSC::JSValue::operator bool when loading site
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
               URL: http://www.postimees.ee
        OS/Version: Mac OS X 10.5
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: plaes at plaes.org

When opening following site: http://www.postimees.ee I'm getting crash:

Webkit-gtk-1.3.2 with epiphany-2.30.2

Traceback (most recent call last):
  File "/usr/share/gdb/auto-load/usr/lib64/libgobject-2.0.so.0.2400.1-gdb.py", line 9, in <module>
    from gobject import register
  File "/usr/share/glib-2.0/gdb/gobject.py", line 3, in <module>
    import gdb.backtrace
ImportError: No module named backtrace
[Thread debugging using libthread_db enabled]
[New Thread 0x7f9ba59a4710 (LWP 5469)]
[New Thread 0x7f9ba62a5710 (LWP 5468)]
0x00007f9bbcbf4cdd in __libc_waitpid (pid=5542, stat_loc=<value optimized out>, options=0) at ../sysdeps/unix/sysv/linux/waitpid.c:41
    in ../sysdeps/unix/sysv/linux/waitpid.c
#0  0x00007f9bbcbf4cdd in __libc_waitpid (pid=5542, stat_loc=<value optimized out>, options=0)
    at ../sysdeps/unix/sysv/linux/waitpid.c:41
#1  0x00007f9bbd3c0121 in IA__g_spawn_sync (working_directory=<value optimized out>, argv=<value optimized out>, 
    envp=<value optimized out>, flags=<value optimized out>, child_setup=<value optimized out>, user_data=<value optimized out>, 
    standard_output=0x0, standard_error=0x0, exit_status=0x0, error=0x7fff2f828038) at gspawn.c:386
#2  0x00007f9bbd3c0439 in IA__g_spawn_command_line_sync (command_line=<value optimized out>, standard_output=0x0, standard_error=0x0, 
    exit_status=0x0, error=0x7fff2f828038) at gspawn.c:700
#3  0x00007f9bab64fd61 in run_bug_buddy (signum=<value optimized out>) at gnome-breakpad.cc:369
#4  check_if_gdb (signum=<value optimized out>) at gnome-breakpad.cc:440
#5  bugbuddy_segv_handle (signum=<value optimized out>) at gnome-breakpad.cc:223
#6  <signal handler called>
#7  JSC::JSValue::operator bool (this=<value optimized out>, exec=0x7f9b9f93c190, hint=<value optimized out>)
    at ./JavaScriptCore/runtime/JSValue.h:824
#8  JSC::ExecState::hadException (this=<value optimized out>, exec=0x7f9b9f93c190, hint=<value optimized out>)
    at ./JavaScriptCore/interpreter/CallFrame.h:83
#9  callDefaultValueFunction (this=<value optimized out>, exec=0x7f9b9f93c190, hint=<value optimized out>)
    at JavaScriptCore/runtime/JSObject.cpp:253
#10 JSC::JSObject::defaultValue (this=<value optimized out>, exec=0x7f9b9f93c190, hint=<value optimized out>)
    at JavaScriptCore/runtime/JSObject.cpp:272
#11 0x00007f9bc0ca412d in JSC::JSObject::toPrimitive (this=0x0, exec=0x4000007f9b9f8c1d, preferredType=2677260689)
    at ./JavaScriptCore/runtime/JSObject.h:631
#12 0x00007f9bc14b4414 in JSC::JSObject::toString (this=0x0, exec=0x7f9b9f93c190) at JavaScriptCore/runtime/JSObject.cpp:476
#13 0x00007f9bc14e0844 in JSC::JSValue::toThisString (exec=0x7f9b9f93c190) at JavaScriptCore/runtime/JSObject.h:739
#14 stringProtoFuncSubstring (exec=0x7f9b9f93c190) at JavaScriptCore/runtime/StringPrototype.cpp:764
#15 0x00007f9bc27261aa in ?? ()
#16 0xffff000000000002 in ?? ()
#17 0x00007f9ba4e71aba in ?? ()
#18 0x0000000000000000 in ?? ()

Thread 3 (Thread 0x7f9ba62a5710 (LWP 5468)):
#0  pthread_cond_wait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:162
No locals.
#1  0x00007f9bc14eccd4 in WTF::TCMalloc_PageHeap::scavengerThread (this=0x7f9bc1ea9ba0) at JavaScriptCore/wtf/FastMalloc.cpp:2380
No locals.
#2  0x00007f9bc14eccf9 in WTF::TCMalloc_PageHeap::runScavengerThread (context=0x7f9bc1eb7c74) at JavaScriptCore/wtf/FastMalloc.cpp:1501
No locals.
#3  0x00007f9bbcbec8e4 in start_thread (arg=<value optimized out>) at pthread_create.c:297
        __res = <value optimized out>
        pd = 0x7f9ba62a5710
        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140306484451088, 8797029185233484727, 140306863321312, 0, 140306961006592, 3, 
    -8853479575251453001, -8853467656871609417}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, 
              cleanup = 0x0, canceltype = 0}}}
        not_first_call = <value optimized out>
        robust = <value optimized out>
        freesize = <value optimized out>
        __PRETTY_FUNCTION__ = "start_thread"
#4  0x00007f9bbc95e27d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115
No locals.

Thread 2 (Thread 0x7f9ba59a4710 (LWP 5469)):
#0  pthread_cond_wait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:162
No locals.
#1  0x00007f9bc11b1c48 in WebCore::IconDatabase::syncThreadMainLoop (this=0x7f9ba59baa00) at WebCore/loader/icon/IconDatabase.cpp:1412
        didAnyWork = <value optimized out>
#2  0x00007f9bc11b1d18 in WebCore::IconDatabase::iconDatabaseSyncThread (this=0x7f9ba59baa00)
    at WebCore/loader/icon/IconDatabase.cpp:1030
        journalFilename = {m_impl = {<WTF::FastAllocBase> = {<No data fields>}, m_ptr = 0x7f9ba59bcf20}}
#3  0x00007f9bbcbec8e4 in start_thread (arg=<value optimized out>) at pthread_create.c:297
        __res = <value optimized out>
        pd = 0x7f9ba59a4710
        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140306475009808, 8797029185233484727, 140306863321312, 0, 140306961006592, 3, 
    -8853487138151990345, -8853467656871609417}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, 
              cleanup = 0x0, canceltype = 0}}}
        not_first_call = <value optimized out>
        robust = <value optimized out>
        freesize = <value optimized out>
        __PRETTY_FUNCTION__ = "start_thread"
#4  0x00007f9bbc95e27d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115
No locals.

Thread 1 (Thread 0x7f9bc28ce8c0 (LWP 5467)):
#0  0x00007f9bbcbf4cdd in __libc_waitpid (pid=5542, stat_loc=<value optimized out>, options=0)
    at ../sysdeps/unix/sysv/linux/waitpid.c:41
        _a3 = 0
        _a1 = 5542
        resultvar = <value optimized out>
        _a4 = 0
        _a2 = 140733990469280
        oldtype = 0
        result = <value optimized out>
#1  0x00007f9bbd3c0121 in IA__g_spawn_sync (working_directory=<value optimized out>, argv=<value optimized out>, 
    envp=<value optimized out>, flags=<value optimized out>, child_setup=<value optimized out>, user_data=<value optimized out>, 
    standard_output=0x0, standard_error=0x0, exit_status=0x0, error=0x7fff2f828038) at gspawn.c:386
        outpipe = -1
        errpipe = -1
        pid = 5542
        fds = {__fds_bits = {0, 16, 16, 0, 75640824, 140733990469688, 74736128, 75640800, 3, 0, 75640824, 140306871322109, 
    140733990469288, 140733990469280, 140733990469400, 0}}
        ret = <value optimized out>
        outstr = 0x0
        errstr = 0x0
        failed = 0
        status = <value optimized out>
        __PRETTY_FUNCTION__ = "IA__g_spawn_sync"
#2  0x00007f9bbd3c0439 in IA__g_spawn_command_line_sync (command_line=<value optimized out>, standard_output=0x0, standard_error=0x0, 
    exit_status=0x0, error=0x7fff2f828038) at gspawn.c:700
        retval = 0
        argv = 0x4822fe0
        __PRETTY_FUNCTION__ = "IA__g_spawn_command_line_sync"
#3  0x00007f9bab64fd61 in run_bug_buddy (signum=<value optimized out>) at gnome-breakpad.cc:369
        res = <value optimized out>
        warning_file = 0x0
        exec_str = 0x471e1e0 "bug-buddy --appname=\"epiphany\" --pid=5467"
        args_str = <value optimized out>
        error = 0x0
#4  check_if_gdb (signum=<value optimized out>) at gnome-breakpad.cc:440
        gdb = 0x1e91ea0 "/usr/bin/gdb"
        pid = 5467
        mypath = 0x481a840 "\200\314\302\004"
        has_debug_symbols = <value optimized out>
        appname = 0x185e180 "epiphany"
#5  bugbuddy_segv_handle (signum=<value optimized out>) at gnome-breakpad.cc:223
        in_segv = 1
#6  <signal handler called>
No symbol table info available.
#7  JSC::JSValue::operator bool (this=<value optimized out>, exec=0x7f9b9f93c190, hint=<value optimized out>)
    at ./JavaScriptCore/runtime/JSValue.h:824
No locals.
#8  JSC::ExecState::hadException (this=<value optimized out>, exec=0x7f9b9f93c190, hint=<value optimized out>)
    at ./JavaScriptCore/interpreter/CallFrame.h:83
No locals.
#9  callDefaultValueFunction (this=<value optimized out>, exec=0x7f9b9f93c190, hint=<value optimized out>)
    at JavaScriptCore/runtime/JSObject.cpp:253
        callData = {native = {function = 0x7f9bc14df1c0 <stringProtoFuncToString>}, js = {functionExecutable = 0x7f9bc14df1c0, 
            scopeChain = 0x8}}
        callType = <value optimized out>
#10 JSC::JSObject::defaultValue (this=<value optimized out>, exec=0x7f9b9f93c190, hint=<value optimized out>)
    at JavaScriptCore/runtime/JSObject.cpp:272
No locals.
#11 0x00007f9bc0ca412d in JSC::JSObject::toPrimitive (this=0x0, exec=0x4000007f9b9f8c1d, preferredType=2677260689)
    at ./JavaScriptCore/runtime/JSObject.h:631
No locals.
#12 0x00007f9bc14b4414 in JSC::JSObject::toString (this=0x0, exec=0x7f9b9f93c190) at JavaScriptCore/runtime/JSObject.cpp:476
        primitive = <value optimized out>
#13 0x00007f9bc14e0844 in JSC::JSValue::toThisString (exec=0x7f9b9f93c190) at JavaScriptCore/runtime/JSObject.h:739
No locals.
#14 stringProtoFuncSubstring (exec=0x7f9b9f93c190) at JavaScriptCore/runtime/StringPrototype.cpp:764
        thisValue = {m_ptr = 0x7f9b9f8e8900}
        s = {static NotFound = <optimized out>, m_rep = {<WTF::FastAllocBase> = {<No data fields>}, m_ptr = 0x0}, 
          static s_nullUString = 0x7f9ba59a60f0}
        end = <value optimized out>
        start = <value optimized out>
#15 0x00007f9bc27261aa in ?? ()
No symbol table info available.
#16 0xffff000000000002 in ?? ()
No symbol table info available.
#17 0x00007f9ba4e71aba in ?? ()
No symbol table info available.
#18 0x0000000000000000 in ?? ()
No symbol table info available.
A debugging session is active.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.