[Webkit-unassigned] [Bug 132465] New: [GTK] [Stable] JSC crashes in 2.4.x
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri May 2 00:28:30 PDT 2014
https://bugs.webkit.org/show_bug.cgi?id=132465
Summary: [GTK] [Stable] JSC crashes in 2.4.x
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: WebKit Gtk
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: berto at igalia.com
CC: zandobersek at gmail.com, cgarcia at igalia.com
I've been experiencing random JSC crashes in the 2.4 branch for quite some time.
I don't have a detailed list of steps to reproduce this, but it happens relatively often (several times per day) with e.g Facebook.
The backtraces are not really meaningful:
Program received signal SIGSEGV, Segmentation fault.
0x00007f7d1ea1a939 in llint_function_for_call_arity_check () from .libs/libjavascriptcoregtk-3.0.so.0
(gdb) bt
#0 0x00007f7d1ea1a939 in llint_function_for_call_arity_check () from .libs/libjavascriptcoregtk-3.0.so.0
#1 0x0000000000000000 in ?? ()
After some testing it seems that reverting r159826 solves the problem:
http://trac.webkit.org/changeset/159826
I tested this with WebKitGTK+ 2.4.1 and I haven't been able to crash the browser since then.
I haven't checked whether this affects master or if it has been fixed there, otherwise I propose that we revert that change in the stable branch.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list