[Webkit-unassigned] [Bug 36644] New: Crash in JSC::Register::codeBlock
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Mar 26 00:31:19 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=36644
Summary: Crash in JSC::Register::codeBlock
Product: WebKit
Version: 528+ (Nightly build)
Platform: PC
OS/Version: Linux
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: plaes at plaes.org
I'm getting following crash with webkit-gtk-1.1.90, platform Linux/amd64
#0 0x00007f82cd92dbcd in __libc_waitpid (pid=1932,
stat_loc=<value optimized out>, options=0)
at ../sysdeps/unix/sysv/linux/waitpid.c:41
#1 0x00007f82ce0f9301 in IA__g_spawn_sync (
working_directory=<value optimized out>, argv=<value optimized out>,
envp=<value optimized out>, flags=<value optimized out>,
child_setup=<value optimized out>, user_data=<value optimized out>,
standard_output=0x0, standard_error=0x0, exit_status=0x0, error=
0x7fff24939bb8) at gspawn.c:386
#2 0x00007f82ce0f9619 in IA__g_spawn_command_line_sync (
command_line=<value optimized out>, standard_output=0x0, standard_error=
0x0, exit_status=0x0, error=0x7fff24939bb8) at gspawn.c:700
#3 0x00007f82bc5f1d61 in run_bug_buddy (signum=<value optimized out>)
at gnome-breakpad.cc:369
#4 check_if_gdb (signum=<value optimized out>) at gnome-breakpad.cc:440
#5 bugbuddy_segv_handle (signum=<value optimized out>)
at gnome-breakpad.cc:223
#6 <signal handler called>
#7 0x00007f82d22a08e3 in JSC::Register::codeBlock (
this=<value optimized out>, flag=<value optimized out>,
registerFile=<value optimized out>, callFrame=0x7f82a0448000, exception=
0x7f829f7e9630) at ./JavaScriptCore/interpreter/Register.h:189
#8 JSC::ExecState::codeBlock (this=<value optimized out>,
flag=<value optimized out>, registerFile=<value optimized out>, callFrame=
0x7f82a0448000, exception=0x7f829f7e9630)
at ./JavaScriptCore/interpreter/CallFrame.h:41
#9 JSC::Interpreter::privateExecute (this=<value optimized out>,
flag=<value optimized out>, registerFile=<value optimized out>, callFrame=
0x7f82a0448000, exception=0x7f829f7e9630)
at JavaScriptCore/interpreter/Interpreter.cpp:3710
#10 0x83f08948c35d5b01 in ?? ()
#11 0x0000000000000000 in ?? ()
Thread 7 (Thread 0x7f82ba20a710 (LWP 19123)):
#0 pthread_cond_wait ()
at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:162
No locals.
#1 0x00007f82d2376b74 in regExpProtoFuncTest (exec=0x0, thisValue=..., args=
...) at JavaScriptCore/runtime/RegExpPrototype.cpp:64
No locals.
#2 0x0000000000000000 in ?? ()
No symbol table info available.
Thread 6 (Thread 0x7f82b9909710 (LWP 19124)):
#0 pthread_cond_wait ()
at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:162
No locals.
#1 0x00007f82d207d298 in Locker (this=0x7f82b9921a70, pageURL=...)
at ./JavaScriptCore/wtf/Locker.h:37
No locals.
#2 WebCore::IconDatabase::getOrCreatePageURLRecord (this=0x7f82b9921a70,
pageURL=...) at WebCore/loader/icon/IconDatabase.cpp:885
pageRecord = 0x7f82b9921ad0
#3 0x00007f82d22c743f in append<JSC::JSObject*> (this=0x7f82b9921c28,
unfiltered=...) at ./JavaScriptCore/wtf/Vector.h:938
ptr = <value optimized out>
#4 JSC::Walker::walk (this=0x7f82b9921c28, unfiltered=...)
at JavaScriptCore/runtime/JSONObject.cpp:746
object = 0x0
tickCount = 3113359872
finalHolder = <value optimized out>
state = <value optimized out>
slot = {m_type = JSC::PutPropertySlot::Uncachable, m_base = 0x0,
m_offset = 0}
propertyStack = {<WTF::FastAllocBase> = {<No data fields>}, m_size =
140199435736848, m_buffer =
{<WTF::VectorBufferBase<JSC::PropertyNameArray>> =
{<WTFNoncopyable::Noncopyable> = {<WTF::FastAllocBase> =
{<No data fields>}, <No data fields>}, m_buffer = 0x85cafa0e5588bb81,
m_capacity = 140199771439040},
static m_inlineBufferSize = <optimized out>, m_inlineBuffer = {
buffer =
"\000\000\000\000\000\000\000\000\000\200fÓ\177\000\000\003\000\000\000\000\000\000\000\201\273hI/\211\317z\201\273<\345*a\317z",
'\000' <repeats 48 times>, "\020\227\220\271\202\177\000\000\235oiÍ\177",
'\000' <repeats 665 times>}}}
indexStack = {<WTF::FastAllocBase> = {<No data fields>}, m_size = 0,
m_buffer = {<WTF::VectorBufferBase<unsigned int>> =
{<WTFNoncopyable::Noncopyable> = {<WTF::FastAllocBase> =
{<No data fields>}, <No data fields>}, m_buffer = 0x0, m_capacity = 0},
static m_inlineBufferSize = <optimized out>, m_inlineBuffer = {
buffer = '\000' <repeats 63 times>}}}
objectStack = {<WTF::FastAllocBase> = {<No data fields>}, m_size = 0,
m_buffer = {<WTF::VectorBufferBase<JSC::JSObject*>> =
{<WTFNoncopyable::Noncopyable> = {<WTF::FastAllocBase> =
{<No data fields>}, <No data fields>}, m_buffer = 0x0, m_capacity = 0},
static m_inlineBufferSize = <optimized out>, m_inlineBuffer = {
buffer = '\000' <repeats 127 times>}}}
arrayStack = {<WTF::FastAllocBase> = {<No data fields>}, m_size = 0,
m_buffer = {<WTF::VectorBufferBase<JSC::JSArray*>> =
{<WTFNoncopyable::Noncopyable> = {<WTF::FastAllocBase> =
{<No data fields>}, <No data fields>}, m_buffer = 0x0, m_capacity = 0},
static m_inlineBufferSize = <optimized out>, m_inlineBuffer = {
buffer = '\000' <repeats 127 times>}}}
stateStack = {<WTF::FastAllocBase> = {<No data fields>}, m_size = 0,
m_buffer = {<WTF::VectorBufferBase<JSC::WalkerState>> =
{<WTFNoncopyable::Noncopyable> = {<WTF::FastAllocBase> =
{<No data fields>}, <No data fields>}, m_buffer = 0x0, m_capacity = 0},
static m_inlineBufferSize = <optimized out>, m_inlineBuffer = {
buffer = '\000' <repeats 63 times>}}}
localTimeoutChecker = {m_timeoutInterval = 0, m_timeAtLastCheck = 0,
m_timeExecuting = 0, m_startCount = 0, m_ticksUntilNextCheck = 0}
#5 0x0000000000000000 in ?? ()
No symbol table info available.
Thread 5 (Thread 0x7f82ac1ee710 (LWP 19164)):
#0 pthread_cond_wait ()
at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:162
No locals.
#1 0x00007f82b1ae29a1 in queue_processor(void*) ()
from /opt/icedtea6-bin-1.7.1/jre/lib/amd64/IcedTeaNPPlugin.so
No symbol table info available.
#2 0x00007f82cd925894 in start_thread (arg=<value optimized out>)
at pthread_create.c:297
__res = <value optimized out>
pd = 0x7f82ac1ee710
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140199210182416,
-8805951181898073215, 140199771439040, 0, 140199869186048, 3,
8849470136649300865, 8849398629668797313}, mask_was_saved = 0}}, priv = {
pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0,
canceltype = 0}}}
not_first_call = <value optimized out>
robust = <value optimized out>
freesize = <value optimized out>
__PRETTY_FUNCTION__ = "start_thread"
#3 0x00007f82cd696f9d in clone ()
at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
No locals.
#4 0x0000000000000000 in ?? ()
No symbol table info available.
Thread 4 (Thread 0x7f82aea37710 (LWP 19165)):
#0 pthread_cond_wait ()
at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:162
No locals.
#1 0x00007f82b1ae29a1 in queue_processor(void*) ()
from /opt/icedtea6-bin-1.7.1/jre/lib/amd64/IcedTeaNPPlugin.so
No symbol table info available.
#2 0x00007f82cd925894 in start_thread (arg=<value optimized out>)
at pthread_create.c:297
__res = <value optimized out>
pd = 0x7f82aea37710
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140199252424464,
-8805951181898073215, 140199771439040, 0, 140199869186048, 3,
8849475722791140225, 8849398629668797313}, mask_was_saved = 0}}, priv = {
pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0,
canceltype = 0}}}
not_first_call = <value optimized out>
robust = <value optimized out>
freesize = <value optimized out>
__PRETTY_FUNCTION__ = "start_thread"
#3 0x00007f82cd696f9d in clone ()
at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
No locals.
#4 0x0000000000000000 in ?? ()
No symbol table info available.
Thread 3 (Thread 0x7f82afa39710 (LWP 19166)):
#0 pthread_cond_wait ()
at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S:162
No locals.
#1 0x00007f82b1ae29a1 in queue_processor(void*) ()
from /opt/icedtea6-bin-1.7.1/jre/lib/amd64/IcedTeaNPPlugin.so
No symbol table info available.
#2 0x00007f82cd925894 in start_thread (arg=<value optimized out>)
at pthread_create.c:297
__res = <value optimized out>
pd = 0x7f82afa39710
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140199269209872,
-8805951181898073215, 140199771439040, 0, 140199869186048, 3,
8849473526989110145, 8849398629668797313}, mask_was_saved = 0}}, priv = {
pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0,
canceltype = 0}}}
not_first_call = <value optimized out>
robust = <value optimized out>
freesize = <value optimized out>
__PRETTY_FUNCTION__ = "start_thread"
#3 0x00007f82cd696f9d in clone ()
at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
No locals.
#4 0x0000000000000000 in ?? ()
No symbol table info available.
Thread 2 (Thread 0x7f829efd7710 (LWP 1733)):
#0 0x00007f82cd92d12d in read () at ../sysdeps/unix/syscall-template.S:82
No locals.
#1 0x00007f82ce0b622b in read (data=<value optimized out>)
at /usr/include/bits/unistd.h:45
No locals.
#2 child_watch_helper_thread (data=<value optimized out>) at gmain.c:3822
b = "\020\247à¨\177\000\000\347\250EÓ\177\000\000\003\000\000"
list = 0x7f82cd927f90 = {0x89f8894910778b53,
Thread 1 (Thread 0x7f82d3610780 (LWP 19121)):
#0 0x00007f82cd92dbcd in __libc_waitpid (pid=1932,
stat_loc=<value optimized out>, options=0)
at ../sysdeps/unix/sysv/linux/waitpid.c:41
_a3 = 0
_a1 = 1932
resultvar = <value optimized out>
_a4 = 0
_a2 = 140733807041056
oldtype = 0
result = <value optimized out>
#1 0x00007f82ce0f9301 in IA__g_spawn_sync (
working_directory=<value optimized out>, argv=<value optimized out>,
envp=<value optimized out>, flags=<value optimized out>,
child_setup=<value optimized out>, user_data=<value optimized out>,
standard_output=0x0, standard_error=0x0, exit_status=0x0, error=
0x7fff24939bb8) at gspawn.c:386
outpipe = -1
errpipe = -1
pid = 1932
fds = {__fds_bits = {0, 16, 16, 0, 74983080, 140733807041464,
84388208, 74983040, 5, 0, 74983080, 140199779440349, 140733807041064,
140733807041056, 140733807041176, 0}}
ret = <value optimized out>
outstr = 0x0
errstr = 0x0
failed = 0
status = <value optimized out>
__PRETTY_FUNCTION__ = "IA__g_spawn_sync"
#2 0x00007f82ce0f9619 in IA__g_spawn_command_line_sync (
command_line=<value optimized out>, standard_output=0x0, standard_error=
0x0, exit_status=0x0, error=0x7fff24939bb8) at gspawn.c:700
retval = 0
argv = 0x4782680
__PRETTY_FUNCTION__ = "IA__g_spawn_command_line_sync"
#3 0x00007f82bc5f1d61 in run_bug_buddy (signum=<value optimized out>)
at gnome-breakpad.cc:369
res = <value optimized out>
warning_file = 0x4616490 "\320\373\207\004"
exec_str =
0x4984090 "bug-buddy --appname=\"epiphany\"
--include=\"/tmp/bug-buddy-5EAZ9U\" --unlink-tempfile --pid=19121"
args_str = <value optimized out>
error = 0x0
#4 check_if_gdb (signum=<value optimized out>) at gnome-breakpad.cc:440
gdb = 0x0
pid = 19121
mypath = 0x4906790 "@\316R\004"
has_debug_symbols = <value optimized out>
appname = 0xdf2110 "epiphany"
#5 bugbuddy_segv_handle (signum=<value optimized out>)
at gnome-breakpad.cc:223
in_segv = 1
#6 <signal handler called>
No symbol table info available.
#7 0x00007f82d22a08e3 in JSC::Register::codeBlock (
this=<value optimized out>, flag=<value optimized out>,
registerFile=<value optimized out>, callFrame=0x7f82a0448000, exception=
0x7f829f7e9630) at ./JavaScriptCore/interpreter/Register.h:189
No locals.
#8 JSC::ExecState::codeBlock (this=<value optimized out>,
flag=<value optimized out>, registerFile=<value optimized out>, callFrame=
0x7f82a0448000, exception=0x7f829f7e9630)
at ./JavaScriptCore/interpreter/CallFrame.h:41
No locals.
#9 JSC::Interpreter::privateExecute (this=<value optimized out>,
flag=<value optimized out>, registerFile=<value optimized out>, callFrame=
0x7f82a0448000, exception=0x7f829f7e9630)
at JavaScriptCore/interpreter/Interpreter.cpp:3710
i = <value optimized out>
codeBlock = <value optimized out>
dst = <value optimized out>
exceptionValue = {m_ptr = 0x8301eb8300000058}
vPC = 0x7fff2493a240
globalData = 0x7fff2493a090
handler = <value optimized out>
tickCount = 32642
#10 0x83f08948c35d5b01 in ?? ()
No symbol table info available.
#11 0x0000000000000000 in ?? ()
No symbol table info available.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list