[Webkit-unassigned] [Bug 97586] [Qt] Fix crashes with LLInt C loop on 64 bit release mode

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Sep 25 11:42:27 PDT 2012


https://bugs.webkit.org/show_bug.cgi?id=97586


Csaba Osztrogonac <ossy at webkit.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ossy at webkit.org
--- Comment #1 from Csaba Osztrogonac <ossy at webkit.org>  2012-09-25 11:42:54 PST ---
crash log for LayoutTests/fast/js/JSON-parse.html:
---------------------------------------------------
$ gdb WebKitBuild/Release/bin/DumpRenderTree
GNU gdb (GDB) 7.0.1-debian
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /home/oszi/WebKit/WebKitBuild/Release/bin/DumpRenderTree...done.
(gdb) run LayoutTests/fast/js/JSON-parse.html
Starting program: /home/oszi/WebKit/WebKitBuild/Release/bin/DumpRenderTree LayoutTests/fast/js/JSON-parse.html
[Thread debugging using libthread_db enabled]
[New Thread 0x7fffe7bad700 (LWP 22411)]
[New Thread 0x7fffa725d700 (LWP 22412)]
[Thread 0x7fffa725d700 (LWP 22412) exited]
[New Thread 0x7fffa725d700 (LWP 22413)]
[New Thread 0x7fffa6776700 (LWP 22414)]

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff4d183ec in JSC::LLInt::CLoop::execute (callFrame=0x7fffa68310d8, bootstrapOpcodeId=<value optimized out>,
    isInitializationPass=<value optimized out>) at generated/LLIntAssembly.h:2385
2385        opcode = *CAST<Opcode*>(rBasePC.i8p + (rPC.i32 << 3) + intptr_t(0x0)); // /home/oszi/WebKit/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm:38
(gdb) bt
#0  0x00007ffff4d183ec in JSC::LLInt::CLoop::execute (callFrame=0x7fffa68310d8, bootstrapOpcodeId=<value optimized out>,
    isInitializationPass=<value optimized out>) at generated/LLIntAssembly.h:2385
#1  0x00007ffff4cfc711 in JSC::Interpreter::execute (this=<value optimized out>, program=<value optimized out>, callFrame=0x7fffa67ef388,
    thisObj=<value optimized out>) at /home/oszi/WebKit/Source/JavaScriptCore/interpreter/Interpreter.cpp:888
#2  0x00007ffff4da63dd in JSC::evaluate (exec=0x7fffa67ef388, source=..., thisValue=..., returnedException=0x7fffffffcfc0)
    at /home/oszi/WebKit/Source/JavaScriptCore/runtime/Completion.cpp:75
#3  0x00007ffff3c8bddb in WebCore::JSMainThreadExecState::evaluate (this=0x7fffe78d2878, sourceCode=..., world=<value optimized out>)
    at /home/oszi/WebKit/Source/WebCore/bindings/js/JSMainThreadExecState.h:77
#4  WebCore::ScriptController::evaluateInWorld (this=0x7fffe78d2878, sourceCode=..., world=<value optimized out>)
    at /home/oszi/WebKit/Source/WebCore/bindings/js/ScriptController.cpp:148
#5  0x00007ffff3c8c382 in WebCore::ScriptController::evaluate (this=0x7fffe78d2878, sourceCode=...)
    at /home/oszi/WebKit/Source/WebCore/bindings/js/ScriptController.cpp:165
#6  0x00007ffff3e93f97 in WebCore::ScriptElement::executeScript (this=0x7fffe78bd330, sourceCode=...)
    at /home/oszi/WebKit/Source/WebCore/dom/ScriptElement.cpp:301
#7  0x00007ffff4040392 in WebCore::HTMLScriptRunner::executePendingScriptAndDispatchEvent (this=0x7fffe78fe840, pendingScript=<value optimized out>)
    at /home/oszi/WebKit/Source/WebCore/html/parser/HTMLScriptRunner.cpp:139
#8  0x00007ffff40410d2 in WebCore::HTMLScriptRunner::executeParsingBlockingScript (this=0x7fffe78fe840)
    at /home/oszi/WebKit/Source/WebCore/html/parser/HTMLScriptRunner.cpp:118
#9  0x00007ffff4041508 in WebCore::HTMLScriptRunner::executeParsingBlockingScripts (this=0x7fffe78fe840)
    at /home/oszi/WebKit/Source/WebCore/html/parser/HTMLScriptRunner.cpp:190
#10 0x00007ffff40319c3 in WebCore::HTMLDocumentParser::notifyFinished (this=0x7fffe7904800, cachedResource=0x7fffa6831038)
    at /home/oszi/WebKit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:514
#11 0x00007ffff4155a38 in WebCore::CachedResource::checkNotify (this=0x7fffe796b900) at /home/oszi/WebKit/Source/WebCore/loader/cache/CachedResource.cpp:247
#12 0x00007ffff41b5e62 in WebCore::SubresourceLoader::didFinishLoading (this=0x7fffe796d400, finishTime=<value optimized out>)
    at /home/oszi/WebKit/Source/WebCore/loader/SubresourceLoader.cpp:300
#13 0x00007ffff44f6282 in WebCore::QNetworkReplyHandler::finish (this=0x6be9d0)
    at /home/oszi/WebKit/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:455
#14 0x00007ffff44f3199 in WebCore::QNetworkReplyHandlerCallQueue::flush (this=0x6bea08)
    at /home/oszi/WebKit/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:196
#15 0x00007ffff44f3805 in WebCore::QNetworkReplyHandlerCallQueue::push (this=0x6bea08, method=0x7ffff44f60b0 <WebCore::QNetworkReplyHandler::finish()>)
    at /home/oszi/WebKit/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp:162
#16 0x00007ffff18f8058 in QMetaObject::activate(QObject*, int, int, void**) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-beta1/lib/libQtCore.so.5
#17 0x00007ffff18f22ce in QObject::event(QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-beta1/lib/libQtCore.so.5
#18 0x00007ffff2ea40dc in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-beta1/lib/libQtWidgets.so.5
#19 0x00007ffff2eab957 in QApplication::notify(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-beta1/lib/libQtWidgets.so.5
#20 0x00007ffff18cd914 in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-beta1/lib/libQtCore.so.5
#21 0x00007ffff18d2709 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) ()
   from /usr/local/Trolltech/Qt5/Qt-5.0.0-beta1/lib/libQtCore.so.5
#22 0x00007ffff1919a73 in ?? () from /usr/local/Trolltech/Qt5/Qt-5.0.0-beta1/lib/libQtCore.so.5
#23 0x00007ffff5b276f2 in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#24 0x00007ffff5b2b568 in ?? () from /lib/libglib-2.0.so.0
#25 0x00007ffff5b2b71c in g_main_context_iteration () from /lib/libglib-2.0.so.0
#26 0x00007ffff191954b in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
   from /usr/local/Trolltech/Qt5/Qt-5.0.0-beta1/lib/libQtCore.so.5
#27 0x00007ffff18cca7b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/Trolltech/Qt5/Qt-5.0.0-beta1/lib/libQtCore.so.5
#28 0x00007ffff18d2d45 in QCoreApplication::exec() () from /usr/local/Trolltech/Qt5/Qt-5.0.0-beta1/lib/libQtCore.so.5
#29 0x0000000000428b2e in main (argc=2, argv=<value optimized out>) at /home/oszi/WebKit/Tools/DumpRenderTree/qt/DumpRenderTreeMain.cpp:195
(gdb)
