WebKit Bugzilla
Bug 128818 - [GTK][32bit] WTFCrash at fastMalloc
Status: NEW
https://bugs.webkit.org/show_bug.cgi?id=128818
Víctor M. Jáquez L.
Reported
2014-02-14 08:50:10 PST
Using current master, with a 32 bit CPU (I've tested with armhf and i686), there's a WTFCrash when fastMalloc(); the previous frames vary from one run to another. The steps to reproduce it are:

1. Open MiniBrowser
2. Open this web page: http://people.igalia.com/vjaquez/wk/khan.html
3. Press on ">" to watch the next video and repeat until crash (two clicks top)

On x86_64 it doesn't happen.
Víctor M. Jáquez L.
Comment 1
2014-02-14 08:51:56 PST
Back trace:

#0  0xb7660f32 in WTFCrash () from /home/sicom/checkout/WebKit/.libs/libjavascriptcoregtk-3.0.so.0
#1  0xb7668040 in WTF::fastMalloc(unsigned int) () from /home/sicom/checkout/WebKit/.libs/libjavascriptcoregtk-3.0.so.0
#2  0xb72a6d42 in WTF::Vector<JSC::CallLinkInfo, 0u, WTF::CrashOnOverflow>::shrinkCapacity(unsigned int) () from /home/sicom/checkout/WebKit/.libs/libjavascriptcoregtk-3.0.so.0
#3  0xb729a1c8 in JSC::CodeBlock::shrinkToFit(JSC::CodeBlock::ShrinkMode) () from /home/sicom/checkout/WebKit/.libs/libjavascriptcoregtk-3.0.so.0
#4  0xb744ed28 in JSC::JIT::privateCompile(JSC::JITCompilationEffort) () from /home/sicom/checkout/WebKit/.libs/libjavascriptcoregtk-3.0.so.0
#5  0xb7386643 in JSC::JIT::compile(JSC::VM*, JSC::CodeBlock*, JSC::JITCompilationEffort) () from /home/sicom/checkout/WebKit/.libs/libjavascriptcoregtk-3.0.so.0
#6  0xb749838c in JSC::LLInt::entryOSR(JSC::ExecState*, JSC::Instruction*, JSC::CodeBlock*, char const*, JSC::LLInt::EntryKind) [clone .isra.243] () from /home/sicom/checkout/WebKit/.libs/libjavascriptcoregtk-3.0.so.0
#7  0xb74a3377 in llint_function_for_call_prologue () from /home/sicom/checkout/WebKit/.libs/libjavascriptcoregtk-3.0.so.0
#8  0xb76aae8e in ?? () from /home/sicom/checkout/WebKit/.libs/libjavascriptcoregtk-3.0.so.0
#9  0xb74494f9 in JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) () from /home/sicom/checkout/WebKit/.libs/libjavascriptcoregtk-3.0.so.0
#10 0xb742ce07 in JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) () from /home/sicom/checkout/WebKit/.libs/libjavascriptcoregtk-3.0.so.0
#11 0xb755086e in JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) () from /home/sicom/checkout/WebKit/.libs/libjavascriptcoregtk-3.0.so.0
#12 0xb5b0300b in WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld*) () from /home/sicom/checkout/WebKit/.libs/libwebkit2gtk-3.0.so.25
#13 0xb5b032e5 in WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&) () from /home/sicom/checkout/WebKit/.libs/libwebkit2gtk-3.0.so.25
#14 0xb5ccd912 in WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) () from /home/sicom/checkout/WebKit/.libs/libwebkit2gtk-3.0.so.25
#15 0xb5ccdff5 in WebCore::ScriptElement::execute(WebCore::CachedScript*) () from /home/sicom/checkout/WebKit/.libs/libwebkit2gtk-3.0.so.25
#16 0xb5cd24c4 in WebCore::ScriptRunner::timerFired(WebCore::Timer<WebCore::ScriptRunner>*) () from /home/sicom/checkout/WebKit/.libs/libwebkit2gtk-3.0.so.25
#17 0xb5cd2f35 in WebCore::Timer<WebCore::ScriptRunner>::fired() () from /home/sicom/checkout/WebKit/.libs/libwebkit2gtk-3.0.so.25
#18 0xb6ae572e in WebCore::ThreadTimers::sharedTimerFiredInternal() () from /home/sicom/checkout/WebKit/.libs/libwebkit2gtk-3.0.so.25
#19 0xb6ae57ac in WebCore::ThreadTimers::sharedTimerFired() () from /home/sicom/checkout/WebKit/.libs/libwebkit2gtk-3.0.so.25
#20 0xb6afa3cb in WebCore::timeout_cb(void*) () from /home/sicom/checkout/WebKit/.libs/libwebkit2gtk-3.0.so.25
#21 0xb4b27d43 in g_timeout_dispatch (source=0x8d6b970, callback=0xb6afa3b0 <WebCore::timeout_cb(void*)>, user_data=0x0) at gmain.c:4450
#22 0xb4b2608c in g_main_dispatch (context=0x8b47070) at gmain.c:3066
#23 0xb4b26cbe in g_main_context_dispatch (context=0x8b47070) at gmain.c:3641
#24 0xb4b26eab in g_main_context_iterate (context=0x8b47070, block=1, dispatch=1, self=0x8b6ac20) at gmain.c:3712
#25 0xb4b27325 in g_main_loop_run (loop=0x8b649d0) at gmain.c:3906
#26 0xb6af9dd0 in WebCore::RunLoop::run() () from /home/sicom/checkout/WebKit/.libs/libwebkit2gtk-3.0.so.25
#27 0xb59b2355 in WebProcessMainGtk () from /home/sicom/checkout/WebKit/.libs/libwebkit2gtk-3.0.so.25
#28 0x0804871b in ?? ()
#29 0xb47beb73 in __libc_start_main () from /lib/libc.so.6
#30 0x08048741 in ?? ()
Diego Pino
Comment 2
2014-03-07 14:50:52 PST
It seems there's an issue with fastMalloc in IA64. Maybe it is related:
https://bugs.webkit.org/show_bug.cgi?id=129542