[Webkit-unassigned] [Bug 146629] New: [MIPS] webkitgtk crashed if JIT is enabled

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Jul 6 02:26:35 PDT 2015 

https://bugs.webkit.org/show_bug.cgi?id=146629

            Bug ID: 146629
           Summary: [MIPS] webkitgtk crashed if JIT is enabled
    Classification: Unclassified
           Product: WebKit
           Version: 528+ (Nightly build)
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: Jeffrey.li at nagra.com

Webkitgtk crashed when I run the javascript test. The backtrace and some gdb information list below.

warning: Could not load shared library symbols for 82 libraries, e.g. /usr/lib/libwebkitgtk-1.0.so.0.
Use the "info sharedlibrary" command to see the complete listing.
Do you need "set solib-search-path" or "set sysroot"?
Core was generated by `/usr/local/bin/otvwebkit http://10.12.2.99/testcase/regression/testcase.html'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x759f4e08 in ?? ()
(gdb) bt
#0  0x759f4e08 in llint_op_push_name_scope () from /home/otv5/otv5/jeli_pc2/DEVELOP/OTV_WebKit/otvwebkit2.0/otvtarg/tc7356_uclibc_bc/sdk_all/target/usr/lib/libjavascriptcoregtk-1.0.so.0
#1  0x759f4e00 in llint_op_pop_scope () from /home/otv5/otv5/jeli_pc2/DEVELOP/OTV_WebKit/otvwebkit2.0/otvtarg/tc7356_uclibc_bc/sdk_all/target/usr/lib/libjavascriptcoregtk-1.0.so.0
Backtrace stopped: frame did not save the PC
(gdb) i reg
          zero       at       v0       v1       a0       a1       a2       a3
 R0   00000000 00000001 6bfbfd40 fffffffb 6c3e2fa8 7262de0c 759f2bac 72642978
            t0       t1       t2       t3       t4       t5       t6       t7
 R8   fffffffa fffffffb fffffffe fffffffb 726112f4 00000004 ecb5a59f 6c3e2f98
            s0       s1       s2       s3       s4       s5       s6       s7
 R16  7f8e1258 7260b000 7262de0c 7260b000 6c1b91a8 6bf5fa68 72642960 7260b000
            t8       t9       k0       k1       gp       sp       s8       ra
 R24  6c3e2f98 759f2bac 00000000 00000000 6c1b91a8 7f8e0d00 6c3e2fa8 759f4e00
            sr       lo       hi      bad    cause       pc
      00008713 00000004 00000000 6c1b18c0 00800008 759f4e08
           fsr      fir
      88800004 00000000
(gdb) x/16i llint_op_push_name_scope
   0x759f4e00 <llint_op_push_name_scope>:       move    a0,s8
   0x759f4e04 <llint_op_push_name_scope+4>:     move    a1,s2
=> 0x759f4e08 <llint_op_push_name_scope+8>:     lw      t9,-30952(gp)
   0x759f4e0c <llint_op_push_name_scope+12>:    bal     0x759eac98 <llint_slow_path_push_name_scope>
   0x759f4e10 <llint_op_push_name_scope+16>:    nop
   0x759f4e14 <llint_op_push_name_scope+20>:    move    gp,s4
   0x759f4e18 <llint_op_push_name_scope+24>:    move    s2,v0
   0x759f4e1c <llint_op_push_name_scope+28>:    move    s8,v1
   0x759f4e20 <llint_op_push_name_scope+32>:    addiu   s2,s2,16
   0x759f4e24 <llint_op_push_name_scope+36>:    lw      ra,0(s2)
   0x759f4e28 <llint_op_push_name_scope+40>:    jr      ra
   0x759f4e2c <llint_op_push_name_scope+44>:    nop
   0x759f4e30 <llint_op_throw>: move    a0,s8
   0x759f4e34 <llint_op_throw+4>:       move    a1,s2
   0x759f4e38 <llint_op_throw+8>:       lw      t9,-30948(gp)
   0x759f4e3c <llint_op_throw+12>:      bal     0x759e9864 <llint_slow_path_throw>
   0x759f4e40 <llint_op_throw+16>:      nop
(gdb)

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20150706/2d7e29f0/attachment.html>

More information about the webkit-unassigned mailing list