[Webkit-unassigned] [Bug 108398] [Qt] webkit crashes with sigsegv at JSC::CopyWorkList at ARM with qt5-final

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Jan 31 12:10:03 PST 2013
https://bugs.webkit.org/show_bug.cgi?id=108398
--- Comment #1 from Ricardo <rsalveti at rsalveti.net>  2013-01-31 12:12:03 PST ---
I did test with an older qtwebkit revision, and got a similar issue (before the js heap work):
#0  0x40e7d862 in testAndSet (n=0, this=0x14) at ../WTF/wtf/Bitmap.h:98
        mask = 1
        index = 0
        result = <optimized out>
#1  concurrentTestAndSet (n=0, this=0x14) at ../WTF/wtf/Bitmap.h:117
No locals.
#2  testAndSetMarked (this=0x0, p=0x1) at heap/MarkedBlock.h:371
No locals.
#3  testAndSetMarked (cell=0x1) at heap/Heap.h:324
No locals.
#4  internalAppend (this=<optimized out>, cell=0x1) at runtime/Structure.h:559
No locals.
#5  internalAppend (value=..., this=<optimized out>) at heap/SlotVisitorInlines.h:82
No locals.
#6  append (count=<optimized out>, this=0x48ee08d0, slot=<optimized out>) at heap/SlotVisitorInlines.h:40
        value = @0x55f6b010: {u = {asInt64 = -21474836479, asDouble = -nan(0xffffb00000001), asBits = {payload = 1, tag = -5}}}
        i = <optimized out>
#7  appendValues (count=<optimized out>, barriers=<optimized out>, this=0x48ee08d0) at runtime/WriteBarrier.h:237
No locals.

So for some reason the value is corrupted, as cell is pointing to 0x1, which then makes the segfault happen.

Guess it'd be ideal to trace and debug when the broken value indeed got inserted into the heap, as all the code seems to be doing here is cleaning the heap up.

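How the gdb dump in frame #6 leads to the near-null dereferences in frames #2 and #0, worked through as an added example (not code from the bug report or from WebKit): the 64-bit word splits into the little-endian payload/tag halves of JavaScriptCore's 32-bit JSValue encoding, tag -5 is CellTag, so the payload 0x1 is treated as a cell pointer, and MarkedBlock::blockFor masks its low bits to a block header at address 0 (the 64 KiB block size is an assumption about the JSC version involved). The mark bitmap then sits at a small offset inside that header, which is the `this=0x14` seen in frame #0.

```c
#include <stdint.h>
#include <stdio.h>

/* CellTag of the JSVALUE32_64 encoding (0xfffffffb, i.e. -5 as int32). */
enum { CellTag = (int32_t)0xfffffffb };

/* Assumed MarkedBlock size of JSC at the time (64 KiB); an assumption,
 * not a value taken from the bug report. */
#define MARKED_BLOCK_SIZE (64 * 1024)

typedef struct {
    int32_t payload;  /* low 32 bits: int, bool or cell pointer */
    int32_t tag;      /* high 32 bits: type tag on 32-bit targets */
} DecodedValue;

/* Split the asInt64 printed by gdb into its little-endian halves. */
DecodedValue decode_jsvalue(int64_t as_int64) {
    uint64_t bits = (uint64_t)as_int64;
    DecodedValue v;
    v.payload = (int32_t)(bits & 0xffffffffu);
    v.tag = (int32_t)(bits >> 32);
    return v;
}

/* A value whose tag is CellTag is dereferenced as a heap cell. */
int is_cell(DecodedValue v) { return v.tag == CellTag; }

/* Equivalent of MarkedBlock::blockFor: mask the low bits of a cell
 * address to reach the block header; for cell 0x1 that is address 0. */
uintptr_t block_for(uint32_t cell) {
    return cell & ~(uintptr_t)(MARKED_BLOCK_SIZE - 1);
}

int main(void) {
    int64_t dumped = -21474836479LL;  /* asInt64 from the frame #6 dump */
    DecodedValue v = decode_jsvalue(dumped);
    printf("payload=0x%x tag=%d is_cell=%d\n",
           (unsigned)v.payload, v.tag, is_cell(v));
    printf("blockFor(0x%x) = 0x%lx\n", (unsigned)v.payload,
           (unsigned long)block_for((uint32_t)v.payload));
    return 0;
}
```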