[Webkit-unassigned] [Bug 282172] New: [GTK] [2.46.2] WebCore::DisplayUpdate::nextUpdate(): Arithmetic exception on i386

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Oct 28 08:32:19 PDT 2024


https://bugs.webkit.org/show_bug.cgi?id=282172

            Bug ID: 282172
           Summary: [GTK] [2.46.2] WebCore::DisplayUpdate::nextUpdate():
                    Arithmetic exception on i386
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKitGTK
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: berto at igalia.com
                CC: bugs-noreply at webkitgtk.org

One Debian user reports the following crash using WebKitGTK 2.46.0 and 2.46.2 on i386 when running Evolution 3.54.0 on Debian trixie:

Thread 48 "VBlankMonitor" received signal SIGFPE, Arithmetic exception.
[Switching to Thread 0xccc7bb40 (LWP 21804)]
Download failed: Argument invalide.  Continuing without source file ./build-soup3/./build-soup3/WebCore/PrivateHeaders/WebCore/DisplayUpdate.h.
WebCore::DisplayUpdate::nextUpdate () at ./build-soup3/WebCore/PrivateHeaders/WebCore/DisplayUpdate.h:44
warning: 44     ./build-soup3/WebCore/PrivateHeaders/WebCore/DisplayUpdate.h: Aucun fichier ou dossier de ce nom
#0  WebCore::DisplayUpdate::nextUpdate () at ./build-soup3/WebCore/PrivateHeaders/WebCore/DisplayUpdate.h:44
#1  WebKit::DisplayLink::notifyObserversDisplayDidRefresh () at ./Source/WebKit/UIProcess/DisplayLink.cpp:217
#2  0xf1f734db in operator() () at ./Source/WebKit/UIProcess/glib/DisplayLinkGLib.cpp:38
#3  call () at ./build-soup3/WTF/Headers/wtf/Function.h:53
#4  0xf1f73bbc in WTF::Function<void()>::operator() () at ./build-soup3/WTF/Headers/wtf/Function.h:82
#5  operator() () at ./Source/WebKit/UIProcess/glib/DisplayVBlankMonitor.cpp:101
#6  call () at ./build-soup3/WTF/Headers/wtf/Function.h:53
#7  0xeeca1d20 in WTF::Function<void()>::operator() () at ./Source/WTF/wtf/Function.h:82
#8  WTF::Thread::entryPoint () at ./Source/WTF/wtf/Threading.cpp:266
#9  0xeed0a9f8 in wtfThreadEntryPoint () at ./Source/WTF/wtf/posix/ThreadingPOSIX.cpp:239
#10 0xf0dda872 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:447
#11 0xf0e72b48 in __GI___clone3 () at ../sysdeps/unix/sysv/linux/i386/clone3.S:111

From the line numbers the problem seems to be here: https://github.com/WebKit/WebKit/blob/webkitgtk-2.46.2/Source/WebCore/platform/graphics/DisplayUpdate.h#L44

And that is likely a division by zero:

    DisplayUpdate nextUpdate() const
    {
        return { (updateIndex + 1) % updatesPerSecond, updatesPerSecond };
    }

The CPU is an Intel Core2 Duo T9300

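The suspected failure mode from the report above, as an added example that is not code from the report or from WebKit: a simplified stand-in for the quoted struct next to a hypothetical guarded variant (`nextUpdateChecked`) that refuses to divide when `updatesPerSecond` is zero. The `unsigned` field types and the sample values are assumptions.

```cpp
#include <cstdio>

// Simplified stand-in for the struct quoted in the report. Field names come
// from the quoted snippet; the unsigned types are an assumption.
struct DisplayUpdate {
    unsigned updateIndex;
    unsigned updatesPerSecond;

    // Form quoted in the report. With updatesPerSecond == 0 the integer '%'
    // is undefined behaviour; on x86 the divide instruction faults and Linux
    // delivers SIGFPE, even though no floating point is involved.
    DisplayUpdate nextUpdate() const
    {
        return { (updateIndex + 1) % updatesPerSecond, updatesPerSecond };
    }

    // Hypothetical guarded variant: reports failure instead of dividing
    // when the refresh rate is zero, and leaves 'out' untouched.
    bool nextUpdateChecked(DisplayUpdate& out) const
    {
        if (!updatesPerSecond)
            return false;
        out = nextUpdate();
        return true;
    }
};

int main()
{
    DisplayUpdate next = { 0, 0 };
    DisplayUpdate last = { 59, 60 };   // constructed sample values
    if (last.nextUpdateChecked(next))
        std::printf("59/60 -> %u/%u\n", next.updateIndex, next.updatesPerSecond);
    DisplayUpdate broken = { 0, 0 };   // constructed: zero refresh rate
    if (!broken.nextUpdateChecked(next))
        std::printf("zero rate rejected, no division performed\n");
    return 0;
}
```

Whether the caller should skip the update or substitute a default refresh rate when the guard fails is a design decision the report does not settle.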