[Webkit-unassigned] [Bug 98859] [Qt][WK2]REGRESSION(r130826): It made fast/js/sparse-array.html crash on 64 bit

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Oct 9 23:42:40 PDT 2012 

https://bugs.webkit.org/show_bug.cgi?id=98859





--- Comment #1 from Csaba Osztrogonac <ossy at webkit.org>  2012-10-09 23:43:17 PST ---
Unfortunately reproduce the crash isn't so easy, because it passes in itself.
But you can reproduce it with the following command:
$Tools/Scripts/run-webkit-tests -2 fast/js/sort-stability.html fast/js/sort-with-side-effecting-comparisons.html LayoutTests/fast/js/sparse-array.html

Here is the debug backtrace:
-----------------------------
1   0x7ffff0262394 /home/oszi/WebKit/WebKitBuild/Debug/lib/libWTF.so.1(+0x56394) [0x7ffff0262394]
2   0x7fffe8523230 /lib/libc.so.6(+0x32230) [0x7fffe8523230]
3   0x7ffff7b10708 /home/oszi/WebKit/WebKitBuild/Debug/lib/libWebKit1.so.1(JSC::WriteBarrierBase<JSC::Structure>::get() const+0x10) [0x7ffff7b10708]
4   0x7ffff7b09eae /home/oszi/WebKit/WebKitBuild/Debug/lib/libWebKit1.so.1(JSC::JSCell::structure() const+0x18) [0x7ffff7b09eae]
5   0x7ffff0a25695 /home/oszi/WebKit/WebKitBuild/Debug/lib/libJavaScriptCore.so.1(JSC::SlotVisitor::validate(JSC::JSCell*)+0x4d) [0x7ffff0a25695]
6   0x7ffff3e0f31d /home/oszi/WebKit/WebKitBuild/Debug/lib/libWebCore.so.1(JSC::SlotVisitor::internalAppend(JSC::JSCell*)+0x71) [0x7ffff3e0f31d]
7   0x7ffff0c6a7d2 /home/oszi/WebKit/WebKitBuild/Debug/lib/libJavaScriptCore.so.1(void JSC::SlotVisitor::append<JSC::SparseArrayValueMap>(JSC::WriteBarrierBase<JSC::SparseArrayValueMap>*)+0x2e) [0x7ffff0c6a7d2]
8   0x7ffff0c6a4d8 /home/oszi/WebKit/WebKitBuild/Debug/lib/libJavaScriptCore.so.1(JSC::JSObject::visitButterfly(JSC::SlotVisitor&, JSC::Butterfly*, unsigned long)+0x61e) [0x7ffff0c6a4d8]
9   0x7ffff0c6030a /home/oszi/WebKit/WebKitBuild/Debug/lib/libJavaScriptCore.so.1(JSC::JSObject::visitChildren(JSC::JSCell*, JSC::SlotVisitor&)+0x146) [0x7ffff0c6030a]
10  0x7ffff0a24c8b /home/oszi/WebKit/WebKitBuild/Debug/lib/libJavaScriptCore.so.1(+0x532c8b) [0x7ffff0a24c8b]
11  0x7ffff0a24e3c /home/oszi/WebKit/WebKitBuild/Debug/lib/libJavaScriptCore.so.1(JSC::SlotVisitor::drain()+0x84) [0x7ffff0a24e3c]
12  0x7ffff0a0f694 /home/oszi/WebKit/WebKitBuild/Debug/lib/libJavaScriptCore.so.1(JSC::SlotVisitor::donateAndDrain()+0x24) [0x7ffff0a0f694]
13  0x7ffff0a0d6d7 /home/oszi/WebKit/WebKitBuild/Debug/lib/libJavaScriptCore.so.1(JSC::Heap::markRoots(bool)+0x48d) [0x7ffff0a0d6d7]
14  0x7ffff0a0ddaa /home/oszi/WebKit/WebKitBuild/Debug/lib/libJavaScriptCore.so.1(JSC::Heap::collect(JSC::Heap::SweepToggle)+0x1fc) [0x7ffff0a0ddaa]
15  0x7ffff0a0dba9 /home/oszi/WebKit/WebKitBuild/Debug/lib/libJavaScriptCore.so.1(JSC::Heap::collectAllGarbage()+0x2f) [0x7ffff0a0dba9]
16  0x7ffff3de3d37 /home/oszi/WebKit/WebKitBuild/Debug/lib/libWebCore.so.1(+0x201cd37) [0x7ffff3de3d37]
17  0x7ffff3de3f76 /home/oszi/WebKit/WebKitBuild/Debug/lib/libWebCore.so.1(WebCore::GCController::gcTimerFired(WebCore::Timer<WebCore::GCController>*)+0x1a) [0x7ffff3de3f76]
18  0x7ffff3de41b0 /home/oszi/WebKit/WebKitBuild/Debug/lib/libWebCore.so.1(WebCore::Timer<WebCore::GCController>::fired()+0x6e) [0x7ffff3de41b0]
19  0x7ffff48caf05 /home/oszi/WebKit/WebKitBuild/Debug/lib/libWebCore.so.1(WebCore::ThreadTimers::sharedTimerFiredInternal()+0xd3) [0x7ffff48caf05]
20  0x7ffff48cae2f /home/oszi/WebKit/WebKitBuild/Debug/lib/libWebCore.so.1(WebCore::ThreadTimers::sharedTimerFired()+0x19) [0x7ffff48cae2f]
21  0x7ffff4c41914 /home/oszi/WebKit/WebKitBuild/Debug/lib/libWebCore.so.1(WebCore::SharedTimerQt::timerEvent(QTimerEvent*)+0x6a) [0x7ffff4c41914]
22  0x7fffe98f7da9 /usr/local/Trolltech/Qt5/Qt-5.0.0-r37/lib/libQtCore.so.5(QObject::event(QEvent*)+0x99) [0x7fffe98f7da9]
23  0x7fffeac8c27c /usr/local/Trolltech/Qt5/Qt-5.0.0-r37/lib/libQtWidgets.so.5(QApplicationPrivate::notify_helper(QObject*, QEvent*)+0xac) [0x7fffeac8c27c]
24  0x7fffeac93b3b /usr/local/Trolltech/Qt5/Qt-5.0.0-r37/lib/libQtWidgets.so.5(QApplication::notify(QObject*, QEvent*)+0x11b) [0x7fffeac93b3b]
25  0x7fffe98d3584 /usr/local/Trolltech/Qt5/Qt-5.0.0-r37/lib/libQtCore.so.5(QCoreApplication::notifyInternal(QObject*, QEvent*)+0x84) [0x7fffe98d3584]
26  0x7fffe991eb62 /usr/local/Trolltech/Qt5/Qt-5.0.0-r37/lib/libQtCore.so.5(QTimerInfoList::activateTimers()+0x3d2) [0x7fffe991eb62]
27  0x7fffe991f5cd /usr/local/Trolltech/Qt5/Qt-5.0.0-r37/lib/libQtCore.so.5(+0x2715cd) [0x7fffe991f5cd]
28  0x7fffec6ee6f2 /lib/libglib-2.0.so.0(g_main_context_dispatch+0x1f2) [0x7fffec6ee6f2]
29  0x7fffec6f2568 /lib/libglib-2.0.so.0(+0x42568) [0x7fffec6f2568]
30  0x7fffec6f271c /lib/libglib-2.0.so.0(g_main_context_iteration+0x6c) [0x7fffec6f271c]
31  0x7fffe991f28b /usr/local/Trolltech/Qt5/Qt-5.0.0-r37/lib/libQtCore.so.5(QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>)+0x6b) [0x7fffe991f28b]
LEAK: 1 WebFrame
LEAK: 1 WebPage
LEAK: 50 WebCoreNode
LEAK: 3 CachedResource
LEAK: 1 Frame
LEAK: 1 Page
LEAK: 37 RenderObject
#CRASHED - WebProcess
[Thread 0x7fffa2036700 (LWP 23659) exited]
LEAK: 1 WebContext
LEAK: 1 WebPageProxy
[Thread 0x7fffa2439700 (LWP 23657) exited]
[Thread 0x7fffa1e35700 (LWP 23661) exited]
[Thread 0x7fffa263a700 (LWP 23656) exited]
[Thread 0x7fffa283b700 (LWP 23655) exited]
[Thread 0x7ffff7ff7700 (LWP 23658) exited]

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list