78710 2012-02-15 06:24:19 -0800 [Gtk][JSC] Crash (Segmentation fault) in JSC::FunctionExecutable::discardCode() 2019-06-09 19:14:56 -0700 1 1 1 Unclassified WebKit JavaScriptCore 528+ (Nightly build) Other Linux UNCONFIRMED Gtk P2 Major --- 0 une.belette webkit-unassigned bugs-noreply fpizlo ggaren gustavo kenneth mrobinson ngockhanhlam87 oliver une.belette oldest_to_newest 557220 0 une.belette 2012-02-15 06:24:19 -0800 Hi, I use Angstrom distribution with eglibc and libjavascriptcoregtk-1.0-0_1.7.2+svnr101488-r2 on armv7a. I have a Segmentation fault with this backtrace : Program received signal SIGSEGV, Segmentation fault. 0x42171f04 in JSC::CodeBlock::clearEvalCache() () from /usr/lib/libjavascriptcoregtk-1.0.so.0 (gdb) bt #0 0x42171f04 in JSC::CodeBlock::clearEvalCache() () from /usr/lib/libjavascriptcoregtk-1.0.so.0 #1 0x42171f14 in JSC::CodeBlock::clearEvalCache() () from /usr/lib/libjavascriptcoregtk-1.0.so.0 #2 0x4228b550 in JSC::FunctionExecutable::discardCode() () from /usr/lib/libjavascriptcoregtk-1.0.so.0 #3 0x422a1f78 in JSC::JSGlobalData::recompileAllJSFunctions() () from /usr/lib/libjavascriptcoregtk-1.0.so.0 #4 0x4219e8ac in JSC::Heap::collectAllGarbage() () from /usr/lib/libjavascriptcoregtk-1.0.so.0 #5 0x40c8e280 in ?? () from /usr/lib/libwebkitgtk-1.0.so.0 #6 0x40c8e280 in ?? () from /usr/lib/libwebkitgtk-1.0.so.0 Backtrace stopped: previous frame identical to this frame (corrupt stack?) (gdb) JSC::CodeBlock::clearEvalCacheQuit I don't have more information. I don't see any patch for this bug on trunk branche. Bye. 557231 1 une.belette 2012-02-15 06:42:56 -0800 An other backtrace : Program received signal SIGSEGV, Segmentation fault. 0x4228b5ac in JSC::FunctionExecutable::discardCode() () from /usr/lib/libjavascriptcoregtk-1.0.so.0 (gdb) bt #0 0x4228b5ac in JSC::FunctionExecutable::discardCode() () from /usr/lib/libjavascriptcoregtk-1.0.so.0 #1 0x422a1f78 in JSC::JSGlobalData::recompileAllJSFunctions() () from /usr/lib/libjavascriptcoregtk-1.0.so.0 #2 0x4219e8ac in JSC::Heap::collectAllGarbage() () from /usr/lib/libjavascriptcoregtk-1.0.so.0 #3 0x40c8e280 in ?? () from /usr/lib/libwebkitgtk-1.0.so.0 #4 0x40c8e280 in ?? () from /usr/lib/libwebkitgtk-1.0.so.0 Backtrace stopped: previous frame identical to this frame (corrupt stack?) 557346 2 ap 2012-02-15 10:06:50 -0800 Do you have any steps to reproduce? 557354 3 une.belette 2012-02-15 10:20:58 -0800 (In reply to comment #2) > Do you have any steps to reproduce? No, sorry. I can't give you the source code of the web application used in the browser because it is very too big with ajax and many others and I can't export it out of my company. The bug appears after a while navigation between multiple (big) pages. I know it was not very helpful but I don't have this bug with revision 72648 (v1.3.6) of libwebkitgtk. 557389 4 une.belette 2012-02-15 10:49:13 -0800 I see some similitaries with https://bugs.webkit.org/show_bug.cgi?id=65161 . I use also midori as browser. 558098 5 une.belette 2012-02-16 05:14:34 -0800 Hi, I have installed debug version of libwebkit, I have a better trace for you : Program received signal SIGSEGV, Segmentation fault. JSC::CodeBlock::clearEvalCache (this=0xe1a03000) at Source/JavaScriptCore/bytecode/CodeBlock.cpp:2078 2078 if (!!m_alternative) (gdb) bt #0 JSC::CodeBlock::clearEvalCache (this=0xe1a03000) at Source/JavaScriptCore/bytecode/CodeBlock.cpp:2078 #1 0x42164f14 in JSC::CodeBlock::clearEvalCache (this=0x422a630c) at Source/JavaScriptCore/bytecode/CodeBlock.cpp:2079 #2 0x4227e550 in clearCode (this=0x4237a4e0) at Source/JavaScriptCore/runtime/Executable.cpp:684 #3 JSC::FunctionExecutable::discardCode (this=0x4237a4e0) at Source/JavaScriptCore/runtime/Executable.cpp:673 #4 0x42294f78 in operator() (this=<value optimized out>) at Source/JavaScriptCore/runtime/JSGlobalData.cpp:86 #5 forEachCell<<unnamed>::Recompiler> (this=<value optimized out>) at Source/JavaScriptCore/heap/MarkedBlock.h:319 #6 forEachCell<<unnamed>::Recompiler> (this=<value optimized out>) at Source/JavaScriptCore/heap/AllocationSpace.h:89 #7 forEachCell<<unnamed>::Recompiler> (this=<value optimized out>) at Source/JavaScriptCore/heap/AllocationSpace.h:96 #8 JSC::JSGlobalData::recompileAllJSFunctions (this=<value optimized out>) at Source/JavaScriptCore/runtime/JSGlobalData.cpp:453 #9 0x421918ac in JSC::Heap::collectAllGarbage (this=0x43abe6f8) at Source/JavaScriptCore/heap/Heap.cpp:763 #10 0x40c96280 in WebCore::collect () at Source/WebCore/bindings/js/GCController.cpp:42 #11 0x40c96408 in WebCore::Timer<WebCore::GCController>::fired ( ---Type <return> to continue, or q <return> to quit--- this=<value optimized out>) at Source/WebCore/platform/Timer.h:100 #12 0x411f986c in WebCore::ThreadTimers::sharedTimerFiredInternal (this= 0x43a9c150) at Source/WebCore/platform/ThreadTimers.cpp:115 #13 0x419960c0 in WebCore::timeout_cb () at Source/WebCore/platform/gtk/SharedTimerGtk.cpp:49 #14 0x4082d984 in g_timeout_dispatch (source=0x2fd808, callback= 0x419960a8 <WebCore::timeout_cb(gpointer)>, user_data=<value optimized out>) at gmain.c:3907 #15 0x4082c98c in g_main_dispatch (context=0xd9070) at gmain.c:2441 #16 g_main_context_dispatch (context=0xd9070) at gmain.c:3011 #17 0x4082cce8 in g_main_context_iterate (context=0xd9070, block=<value optimized out>, dispatch=1, self=<value optimized out>) at gmain.c:3089 #18 0x4082d368 in g_main_loop_run (loop=0x10eb18) at gmain.c:3297 #19 0x401ccc8c in IA__gtk_main () at gtkmain.c:1256 #20 0x000248d8 in main () Hope that helps ! 560073 6 une.belette 2012-02-20 00:21:27 -0800 Hi, Have you a track, an idea ? Can I do others tests ? Regards, JL. 576078 7 une.belette 2012-03-12 05:27:48 -0700 Hi, have you track about the fault around the line if (!!m_alternative) Regards, JL. 577175 8 fpizlo 2012-03-13 02:12:24 -0700 This looks vaguely like a bug that I fixed ages ago. Am I correct to assume you're on r101488? Can you try a more recent revision? 577305 9 une.belette 2012-03-13 07:54:22 -0700 Hi Filip, Yes, I am on r101488. Unfortunately, I can't test newer revision because the angstrom distribution doesn't have newer (they have precompiled libraries in packages to install) and I try but actually can't cross compile libwebkitgtk without errors from the git sources. Could you tell me the revision or the JSC file(s) concerned by your fix ? Regards, JL. (In reply to comment #8) > This looks vaguely like a bug that I fixed ages ago. Am I correct to assume you're on r101488? Can you try a more recent revision?