[Webkit-unassigned] [Bug 122445] Crash while browsing GitHub

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Oct 7 12:57:59 PDT 2013 

https://bugs.webkit.org/show_bug.cgi?id=122445





--- Comment #6 from Mark Lam <mark.lam at apple.com>  2013-10-07 12:56:50 PST ---
On r157033, here's the crash I'm actually seeing:

Program received signal SIGTRAP, Trace/breakpoint trap.
0x00005a8339477d26 in ?? ()
(gdb) bt
#0  0x00005a8339477d26 in ?? ()
#1  0x00000001103515f7 in JSC::JITCode::execute (this=0x7fc8a29b4af0, stack=0x7fc89d804ba8, callFrame=0x11d4aff98, vm=0x7fc89e026c00) at /Volumes/Data/ws7/OpenSource/Source/JavaScriptCore/jit/JITCode.cpp:46
#2  0x000000011033474f in JSC::Interpreter::executeCall (this=0x7fc89d804b90, callFrame=0x11d4feab0, function=0x11e1f4930, callType=JSC::CallTypeJS, callData=@0x7fff5152e038, thisValue={static numberOfInt52Bits = <optimized out>, static int52ShiftAmount = <optimized out>, u = {asInt64 = 4787337872, ptr = 0x11d58fa90, asBits = {payload = 492370576, tag = 1}}}, args=@0x7fff5152df38) at /Volumes/Data/ws7/OpenSource/Source/JavaScriptCore/interpreter/Interpreter.cpp:957
#3  0x00000001100b0a5e in JSC::call (exec=0x11d4feab0, functionObject={static numberOfInt52Bits = <optimized out>, static int52ShiftAmount = <optimized out>, u = {asInt64 = 4800334128, ptr = 0x11e1f4930, asBits = {payload = 505366832, tag = 1}}}, callType=JSC::CallTypeJS, callData=@0x7fff5152e038, thisValue={static numberOfInt52Bits = <optimized out>, static int52ShiftAmount = <optimized out>, u = {asInt64 = 4787337872, ptr = 0x11d58fa90, asBits = {payload = 492370576, tag = 1}}}, args=@0x7fff5152df38) at /Volumes/Data/ws7/OpenSource/Source/JavaScriptCore/runtime/CallData.cpp:39
#4  0x000000011210576b in WebCore::JSMainThreadExecState::call (exec=0x11d4feab0, functionObject={static numberOfInt52Bits = <optimized out>, static int52ShiftAmount = <optimized out>, u = {asInt64 = 4800334128, ptr = 0x11e1f4930, asBits = {payload = 505366832, tag = 1}}}, callType=JSC::CallTypeJS, callData=@0x7fff5152e038, thisValue={static numberOfInt52Bits = <optimized out>, static int52ShiftAmount = <optimized out>, u = {asInt64 = 4787337872, ptr = 0x11d58fa90, asBits = {payload = 492370576, tag = 1}}}, args=@0x7fff5152df38) at JSMainThreadExecState.h:53
#5  0x000000011223b53f in WebCore::JSEventListener::handleEvent (this=0x7fc89aca4410, scriptExecutionContext=0x7fc89b0b92b0, event=0x7fc8a29bb7c0) at /Volumes/Data/ws7/OpenSource/Source/WebCore/bindings/js/JSEventListener.cpp:132
#6  0x0000000111baf3b2 in WebCore::EventTarget::fireEventListeners (this=0x7fc89b0b9200, event=0x7fc8a29bb7c0, d=0x7fc8a16dbdd0, entry=@0x7fc89ac1c850) at /Volumes/Data/ws7/OpenSource/Source/WebCore/dom/EventTarget.cpp:277
...

(gdb) x /20i $pc
0x5a8339477d27:    int3   
0x5a8339477d28:    int3   
0x5a8339477d29:    int3   
0x5a8339477d2a:    int3   
0x5a8339477d2b:    int3   
0x5a8339477d2c:    mov    %rsp,%rdi
0x5a8339477d2f:    mov    %r13,0x58(%rsp)
0x5a8339477d34:    movl   $0x80000001,0x34(%r13)
0x5a8339477d3c:    mov    $0x11036c320,%r11
0x5a8339477d46:    callq  *%r11
0x5a8339477d49:    jmpq   0x5a8339477b8d
0x5a8339477d4e:    pop    %rcx
0x5a8339477d4f:    mov    %rcx,0x10(%r13)
0x5a8339477d53:    mov    $0x7fc89bdd0140,%r11
0x5a8339477d5d:    mov    %r11,0x8(%r13)
0x5a8339477d61:    mov    0x30(%r13),%edx
0x5a8339477d65:    cmp    $0x2,%edx
0x5a8339477d68:    jae    0x5a8339477b73
0x5a8339477d6e:    mov    %rsp,%rdi
0x5a8339477d71:    mov    %r13,0x58(%rsp)


This issue may be related to https://bugs.webkit.org/show_bug.cgi?id=122462.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list