[Webkit-unassigned] [Bug 48840] New: Crash from valgrind in javascript garbagecollector

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Nov 2 08:45:23 PDT 2010


           Summary: Crash from valgrind in javascript garbagecollector
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: Critical
          Priority: P2
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: webkit at dpinol.com

I can reproduce the problem on Linux (Ubuntu 10.04) with WebKit-r70732, but only when running under valgrind. I need to run it under valgrind because I run WebKit from a Qt application, and we need to ensure the quality of the whole software.

1) tar zxvf reportBug.tgz
2) valgrind ./Programs/GtkLauncher reportBug/index.html
3) After webkit fully loads the page (see progress percentage in titlebar), a white page will appear. 
4) Click anywhere on the page.
5) A message "Error opening file: No such file or directory" will appear, since I didn't include any image to reduce the attachment size.
6) Sometimes it will already crash here, showing the error description below.
7) If it didn't crash yet, go back to previous page and go to step 4) again.

I tried following valgrind's advice to use "--main-stacksize=", but even if I increase the value to 100 MB, I always get a crash.


==15225== Process terminating with default action of signal 11 (SIGSEGV)
==15225==  Access not within mapped region at address 0xECACF24
==15225==    at 0x4ED2B19: JSC::JIT::unlinkCallOrConstruct(JSC::CallLinkInfo*) (in /home/dani/tmp/webkit/WebKit-r70732/.libs/libwebkitgtk-1.0.so.0.3.0)
==15225==    by 0x4F3B1DE: JSC::CodeBlock::unlinkCallers() (in /home/dani/tmp/webkit/WebKit-r70732/.libs/libwebkitgtk-1.0.so.0.3.0)
==15225==    by 0x4E550B7: JSC::JSFunction::~JSFunction() (in /home/dani/tmp/webkit/WebKit-r70732/.libs/libwebkitgtk-1.0.so.0.3.0)
==15225==    by 0x4EE99D5: JSC::Heap::sweep() (in /home/dani/tmp/webkit/WebKit-r70732/.libs/libwebkitgtk-1.0.so.0.3.0)
==15225==    by 0x4EED212: JSC::Heap::collectAllGarbage() (in /home/dani/tmp/webkit/WebKit-r70732/.libs/libwebkitgtk-1.0.so.0.3.0)
==15225==    by 0x41BEA03: WebCore::collect(void*) (in /home/dani/tmp/webkit/WebKit-r70732/.libs/libwebkitgtk-1.0.so.0.3.0)
==15225==    by 0x41BEBF0: WebCore::Timer<WebCore::GCController>::fired() (in /home/dani/tmp/webkit/WebKit-r70732/.libs/libwebkitgtk-1.0.so.0.3.0)
==15225==    by 0x4668068: WebCore::ThreadTimers::sharedTimerFiredInternal() (in /home/dani/tmp/webkit/WebKit-r70732/.libs/libwebkitgtk-1.0.so.0.3.0)
==15225==    by 0x46680E4: WebCore::ThreadTimers::sharedTimerFired() (in /home/dani/tmp/webkit/WebKit-r70732/.libs/libwebkitgtk-1.0.so.0.3.0)
==15225==    by 0x48EA02D: WebCore::timeout_cb(void*) (in /home/dani/tmp/webkit/WebKit-r70732/.libs/libwebkitgtk-1.0.so.0.3.0)
==15225==    by 0x590CD5B: ??? (in /lib/libglib-2.0.so.0.2400.1)
==15225==    by 0x590C5E4: g_main_context_dispatch (in /lib/libglib-2.0.so.0.2400.1)
==15225==  If you believe this happened as a result of a stack
==15225==  overflow in your program's main thread (unlikely but
==15225==  possible), you can try to increase the size of the
==15225==  main thread stack using the --main-stacksize= flag.
==15225==  The main thread stack size used in this run was 8388608.

Daniel Pinyol
Software Engineer
Pal Robotics S.L.

Tel: +34.93.414.53.47
C/ Pujades 77-79 4º 4ª 08005 Barcelona, Spain.

Pablo Picasso - "Computers are useless. They can only give you answers."

