Bug 128434

Summary: [GTK] [CMake] JavaScriptCore crashes in JSC::eval
Product: WebKit    Reporter: Martin Robinson <mrobinson>
Component: WebKitGTK    Assignee: Martin Robinson <mrobinson>
Status: RESOLVED FIXED    
Severity: Normal CC: bunhere, commit-queue, gyuyoung.kim, ossy, rakuco, sergio, zherczeg
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 128807    
Bug Blocks: 127777    
Attachments:
Description    Flags
Patch    none
Patch    andersca: review+

Description Martin Robinson 2014-02-07 19:08:59 PST
Looks like we need to extend a fix from other ports.
Comment 1 Martin Robinson 2014-02-07 19:12:51 PST
Created attachment 223541 [details]
Patch
Comment 2 Martin Robinson 2014-02-07 19:15:18 PST
Zoltan, do you mind reviewing this one?
Comment 3 Gyuyoung Kim 2014-02-08 18:53:24 PST
Comment on attachment 223541 [details]
Patch

EFL EWS looks like a wrong alarm. rs=me.
Comment 4 Martin Robinson 2014-02-13 19:30:39 PST
Comment on attachment 223541 [details]
Patch

Landed in http://trac.webkit.org/changeset/164090 .
Comment 5 Csaba Osztrogonác 2014-02-13 23:29:17 PST
Comment on attachment 223541 [details]
Patch

EWS doesn't lie ... It broke the EFL build as the EWS noticed. I think the fno-maybe-uninitialized option was overwritten.
Comment 6 Csaba Osztrogonác 2014-02-14 04:12:19 PST
build log:
/mnt/buildbot/efl-linux-slave-1/efl-linux-64-release-wk1/build/Source/JavaScriptCore/runtime/JSArray.cpp: In member function ‘void JSC::JSArray::copyToArguments(JSC::ExecState*, JSC::CallFrame*, uint32_t)’:
/mnt/buildbot/efl-linux-slave-1/efl-linux-64-release-wk1/build/Source/JavaScriptCore/runtime/JSArray.cpp:1543:6: error: ‘value.JSC::JSValue::u.JSC::EncodedValueDescriptor::asInt64’ may be used uninitialized in this function [-Werror=uninitialized]
/mnt/buildbot/efl-linux-slave-1/efl-linux-64-release-wk1/build/Source/JavaScriptCore/runtime/JSArray.cpp:1543:6: error: ‘value.JSC::JSValue::u.JSC::EncodedValueDescriptor::asInt64’ may be used uninitialized in this function [-Werror=uninitialized]
cc1plus: all warnings being treated as errors

The problem was caused by the -fno-tree-dce option. Unfortunately this error
message isn't so useful because of inline functions. (Line 1543 is the first
line of the copyToArguments() function.)

I played a little bit with this function and it seems the problem is near here:
https://trac.webkit.org/browser/trunk/Source/JavaScriptCore/runtime/JSArray.cpp#L1598

When commenting out this line, the build works, so the build failure occurred
in this line. But unfortunately I have no idea how it can be uninitialized.
Comment 7 Martin Robinson 2014-02-16 09:09:05 PST
Created attachment 224319 [details]
Patch
Comment 8 Martin Robinson 2014-02-16 09:11:18 PST
Okay. I reworked the patch to only apply to the GTK+ port. Thanks for the cleanup Ossy.
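As an added illustration (not the attached patch and not WebKit's own build code), the shape of a port-restricted flag addition that the thread describes: the frame-pointer flag is applied generally, while -fno-tree-dce, which the EFL build log above shows triggers -Werror=uninitialized there, is applied only when building the GTK port. The `PORT` variable name and the `OptionsGTK.cmake` placement are assumptions for this example; the compiler check uses the standard CheckCXXCompilerFlag module.

```cmake
# Added example, not the bug's patch. Assumes the build defines a PORT
# variable naming the WebKit port being built (e.g. "GTK", "EFL").
include(CheckCXXCompilerFlag)

# Only add a flag the compiler actually accepts; the result variable is
# cached, so the probe runs once per configure.
function(webkit_add_cxx_flag_if_supported flag result_var)
    check_cxx_compiler_flag("${flag}" ${result_var})
    if (${result_var})
        set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} ${flag}" PARENT_SCOPE)
    endif ()
endfunction()

# Keep frame pointers everywhere: this is what makes backtraces from
# crashes such as the JSC::eval one in this bug readable.
webkit_add_cxx_flag_if_supported("-fno-omit-frame-pointer" HAVE_NO_OMIT_FRAME_POINTER)

# -fno-tree-dce is restricted to GTK: with -Werror the EFL bots reported
# a spurious maybe-uninitialized error in JSArray.cpp once it was global.
if (PORT STREQUAL "GTK")
    webkit_add_cxx_flag_if_supported("-fno-tree-dce" HAVE_NO_TREE_DCE)
endif ()
```

Guarding on the port rather than on the compiler keeps the EFL build's -Werror configuration untouched, which is the behaviour Comment 8 describes for the reworked patch.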
Comment 10 Csaba Osztrogonác 2014-02-17 08:54:47 PST
Comment on attachment 224319 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=224319&action=review

> ChangeLog:9
> +        * Source/cmake/OptionsGTK.cmake: Add -fno-omit-frame-pointer to all ports as well
> +        as -fno-tree-dce, like it is used in the autotools build.
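Review bot: the ChangeLog entry is inconsistent with the file it names: it says both flags are added "to all ports", but Source/cmake/OptionsGTK.cmake only affects the GTK port, and the EFL build log in Comment 6 is exactly why -fno-tree-dce was pulled back from the other ports. Suggest rewording to something like "Add -fno-omit-frame-pointer and -fno-tree-dce to the GTK port's CMake build, as the autotools build already does".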

-fno-tree-dce is GTK only now, please fix the comment before landing.
Comment 11 Martin Robinson 2014-02-17 16:25:52 PST
Committed r164257: <http://trac.webkit.org/changeset/164257>