[Webkit-unassigned] [Bug 122908] New: iPad Google News crashes in non-JIT builds

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Oct 16 11:43:53 PDT 2013 

https://bugs.webkit.org/show_bug.cgi?id=122908

           Summary: iPad Google News crashes in non-JIT builds
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
               URL: http://news.google.com/
        OS/Version: Unspecified
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: ralpht+bugs at gmail.com
                CC: mark.lam at apple.com


The LLInt CLoop crashes when loading http://news.google.com/ with an iPad User-Agent. I'm using "Mozilla/5.0 (iPad; CPU OS 5_0 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9A334 Safari/7534.48.3" but probably a newer one would work, too. The DFG JIT doesn't crash on this page.

Program received signal SIGSEGV, Segmentation fault.
0x00007f6354745644 in JSC::LLInt::CLoop::execute(JSC::ExecState*, JSC::OpcodeID, bool) () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
(gdb) bt
#0  0x00007f6354745644 in JSC::LLInt::CLoop::execute(JSC::ExecState*, JSC::OpcodeID, bool) () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#1  0x00007f63546884e8 in JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#2  0x00007f63559e9b38 in JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#3  0x00007f6354f56cbb in WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&) () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#4  0x00007f6354f56f63 in WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&) () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#5  0x00007f635541d7d1 in WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) [clone .part.35] () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#6  0x00007f635541e18d in WebCore::ScriptElement::execute(WebCore::CachedScript*) () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#7  0x00007f635485500d in WebCore::ScriptRunner::timerFired(WebCore::Timer<WebCore::ScriptRunner>*) () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#8  0x00007f6354bcb209 in WebCore::ThreadTimers::sharedTimerFiredInternal() () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#9  0x00007f6355270af2 in WebCore::timeout_cb(void*) () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#10 0x00007f6351356b2b in g_timeout_dispatch (source=source at entry=0x25b36a0, callback=<optimized out>, user_data=<optimized out>) at gmain.c:4413
#11 0x00007f6351355f15 in g_main_dispatch (context=0x207fa50) at gmain.c:3054
#12 g_main_context_dispatch (context=context at entry=0x207fa50) at gmain.c:3630
#13 0x00007f6351356258 in g_main_context_iterate (context=0x207fa50, block=block at entry=1, dispatch=dispatch at entry=1, self=<optimized out>) at gmain.c:3701
#14 0x00007f63513566ca in g_main_loop_run (loop=0x207fbb0) at gmain.c:3895

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list