[Webkit-unassigned] [Bug 119951] [GTK] 'pure virtual method called' in WebCore::JSNodeOwner::isReachableFromOpaqueRoots

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Aug 20 05:57:21 PDT 2013


https://bugs.webkit.org/show_bug.cgi?id=119951
--- Comment #9 from Zan Dobersek <zandobersek at gmail.com>  2013-08-20 05:56:50 PST ---
I've recompiled with disabled JIT, just so Valgrind could process the execution without crashing in JIT-specific code.

The resulting crash is a bit different, though the culprit still seems to be a FUBAR'd Node object in WebCore::isReachableFromDOM.

Here's the incomplete backtrace for the crashing thread. I'll upload a complete backtrace dump and the Valgrind log file shortly.

#0  0x00007ffff4856db0 in WebCore::Node::dispatchEvent (this=0xa0e190, event=...) at ../Source/WebCore/dom/Node.cpp:2112
#1  0x00007ffff45863cd in WebCore::isReachableFromDOM (jsNode=0x7fff8918fa70, node=0xa0e190, visitor=...)
    at ../Source/WebCore/bindings/js/JSNodeCustom.cpp:114
#2  0x00007ffff458649c in WebCore::JSNodeOwner::isReachableFromOpaqueRoots (this=0x9289d0, handle=..., visitor=...)
    at ../Source/WebCore/bindings/js/JSNodeCustom.cpp:131
#3  0x00007ffff36acf66 in JSC::WeakBlock::visit (this=0x7ffff7eea000, heapRootVisitor=...)
    at ../Source/JavaScriptCore/heap/WeakBlock.cpp:108
#4  0x00007ffff36a795b in JSC::WeakSet::visit (this=0x7fff89180448, visitor=...) at ../Source/JavaScriptCore/heap/WeakSet.h:104
#5  0x00007ffff36a7afe in JSC::MarkedBlock::visitWeakSet (this=0x7fff89180000, heapRootVisitor=...)
    at ../Source/JavaScriptCore/heap/MarkedBlock.h:260
#6  0x00007ffff36a7f7c in JSC::VisitWeakSet::operator() (this=0x7fffffffd040, block=0x7fff89180000)
    at ../Source/JavaScriptCore/heap/MarkedSpace.cpp:71
#7  0x00007ffff36a8ddb in JSC::MarkedAllocator::forEachBlock<JSC::VisitWeakSet> (this=0x7758a0, functor=...)
    at ../Source/JavaScriptCore/heap/MarkedAllocator.h:120
#8  0x00007ffff36a8567 in JSC::MarkedSpace::forEachBlock<JSC::VisitWeakSet> (this=0x7757b0, functor=...)
    at ../Source/JavaScriptCore/heap/MarkedSpace.h:222
#9  0x00007ffff36a735e in JSC::MarkedSpace::visitWeakSets (this=0x7757b0, heapRootVisitor=...)
    at ../Source/JavaScriptCore/heap/MarkedSpace.cpp:144
#10 0x00007ffff369531b in JSC::Heap::markRoots (this=0x775528) at ../Source/JavaScriptCore/heap/Heap.cpp:580
#11 0x00007ffff3695a9b in JSC::Heap::collect (this=0x775528, sweepToggle=JSC::Heap::DoSweep) at ../Source/JavaScriptCore/heap/Heap.cpp:760
#12 0x00007ffff36957b3 in JSC::Heap::collectAllGarbage (this=0x775528) at ../Source/JavaScriptCore/heap/Heap.cpp:713
#13 0x00007ffff4526ff2 in WebCore::collect () at ../Source/WebCore/bindings/js/GCController.cpp:42
#14 0x00007ffff45270de in WebCore::GCController::gcTimerFired (this=0xa6ced0) at ../Source/WebCore/bindings/js/GCController.cpp:77
#15 0x00007ffff4527369 in WebCore::Timer<WebCore::GCController>::fired (this=0xa6ced0) at ../Source/WebCore/platform/Timer.h:114
#16 0x00007ffff44b6c9b in WebCore::ThreadTimers::sharedTimerFiredInternal (this=0x6cc9b0) at ../Source/WebCore/platform/ThreadTimers.cpp:129
#17 0x00007ffff44b6b8b in WebCore::ThreadTimers::sharedTimerFired () at ../Source/WebCore/platform/ThreadTimers.cpp:105
#18 0x00007ffff44d36f5 in WebCore::timeout_cb () at ../Source/WebCore/platform/gtk/SharedTimerGtk.cpp:49
#19 0x00007fffeef9ea03 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#20 0x00007fffeef9dea6 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#21 0x00007fffeef9e1f8 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#22 0x00007fffeef9e5fa in g_main_loop_run () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#23 0x00007ffff2853257 in gtk_main () from /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0
#24 0x0000000000405b02 in main (argc=1, argv=0x7fffffffde48) at ../Tools/GtkLauncher/main.c:557
