29649 – [Gtk] illegal instruction with javascript enabled

RESOLVED FIXED 29649

[Gtk] illegal instruction with javascript enabled

https://bugs.webkit.org/show_bug.cgi?id=29649

Summary [Gtk] illegal instruction with javascript enabled

Frenchy82

Reported 2009-09-22 12:18:32 PDT

Launching midori or epiphany-webkit with javascript enabled, i have all the time a crash with "illegal instruction" since the 1.13 version (xubuntu karmic 9.10) Here's the backtrace *************************************** Program received signal SIGILL, Illegal instruction. 0x02141bbf in ?? () (gdb) bt #0 0x02141bbf in ?? () #1 0xbfffcf94 in ?? () #2 0xb52cd6c0 in ?? () #3 0xfffffffe in ?? () #4 0xb52d06c0 in ?? () #5 0xfffffffe in ?? () #6 0x00000005 in ?? () #7 0xffffffff in ?? () #8 0xb52c7d00 in ?? () #9 0xfffffffe in ?? () #10 0x00000006 in ?? () #11 0xbfffcfb8 in ?? () #12 0x011a8838 in WTF::VectorBufferBase<JSC::Instruction>::deallocateBuffer ( this=0x0, newCapacity=<value optimized out>) at ../JavaScriptCore/wtf/Vector.h:287 #13 WTF::Vector<JSC::Instruction, 0u>::shrinkCapacity (this=0x0, newCapacity=<value optimized out>) at ../JavaScriptCore/wtf/Vector.h:794 #14 0x011829c8 in JSC::JITCode::execute (this=0x145, program=0xbfffd090, callFrame=0xb5ff4de4, scopeChain=0xb5fdeeb8, thisObj=0xb52c0000, exception=0xbfffd0c8) at ../JavaScriptCore/jit/JITCode.h:79 #15 JSC::Interpreter::execute (this=0x145, program=0xbfffd090, callFrame=0xb5ff4de4, scopeChain=0xb5fdeeb8, thisObj=0xb52c0000, exception=0xbfffd0c8) at ../JavaScriptCore/interpreter/Interpreter.cpp:655 ---Type <return> to continue, or q <return> to quit--- #16 0x011f480f in JSC::evaluate (exec=0xb5ff4de4, scopeChain=..., source=..., thisValue=...) at ../JavaScriptCore/runtime/Completion.cpp:60 #17 0x012f93ca in WebCore::ScriptController::evaluate (this=0xb5fbc908, sourceCode=...) at ../WebCore/bindings/js/ScriptController.cpp:115 #18 0x0152eaa1 in WebCore::FrameLoader::executeScript (this=0xb5fbc6a8, sourceCode=...) at ../WebCore/loader/FrameLoader.cpp:776 #19 0x014d823c in WebCore::HTMLTokenizer::scriptExecution (this=0xb5fe0400, sourceCode=..., state=...) at ../WebCore/html/HTMLTokenizer.cpp:561 #20 0x014dbb42 in WebCore::HTMLTokenizer::scriptHandler (this=0xb5fe0400, state=...) at ../WebCore/html/HTMLTokenizer.cpp:503 #21 0x014dc54c in WebCore::HTMLTokenizer::parseNonHTMLText (this=0xb5fe0400, src=..., state=...) at ../WebCore/html/HTMLTokenizer.cpp:350 #22 0x014debdc in WebCore::HTMLTokenizer::parseTag (this=0xb5fe0400, src=..., state=...) at ../WebCore/html/HTMLTokenizer.cpp:1558 #23 0x014df53a in WebCore::HTMLTokenizer::write (this=0xb5fe0400, str=..., appendData=false) at ../WebCore/html/HTMLTokenizer.cpp:1748 #24 0x014d89ec in WebCore::HTMLTokenizer::notifyFinished (this=0xb5fe0400) at ../WebCore/html/HTMLTokenizer.cpp:2053 #25 0x0151282c in WebCore::CachedScript::checkNotify (this=0xb5fb82c0) at ../WebCore/loader/CachedScript.cpp:105 #26 0x01566ac8 in WebCore::Loader::Host::didFinishLoading (this=0xb5fb50c0, loader=0xb523ac00) at ../WebCore/loader/loader.cpp:367 #27 0x01555eb0 in WebCore::SubresourceLoader::didFinishLoading ( ---Type <return> to continue, or q <return> to quit--- this=0xb523ac00) at ../WebCore/loader/SubresourceLoader.cpp:183 #28 0x01550ce1 in WebCore::ResourceLoader::didFinishLoading (this=0xb523ac00) at ../WebCore/loader/ResourceLoader.cpp:403 #29 0x018dd78e in finishedCallback (session=0x8492218, msg=0x898ed08, data=0xb52288a8) at ../WebCore/platform/network/soup/ResourceHandleSoup.cpp:324 #30 0x008dfa01 in ?? () from /usr/lib/libsoup-2.4.so.1 #31 0x00b1715c in g_cclosure_marshal_VOID__VOID () from /usr/lib/libgobject-2.0.so.0 #32 0x00b090f2 in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0 #33 0x00b1ffae in ?? () from /usr/lib/libgobject-2.0.so.0 #34 0x00b20edd in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0 #35 0x00b21396 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0 #36 0x008d1a2b in soup_message_finished () from /usr/lib/libsoup-2.4.so.1 #37 0x008d5838 in ?? () from /usr/lib/libsoup-2.4.so.1 #38 0x00b1715c in g_cclosure_marshal_VOID__VOID () from /usr/lib/libgobject-2.0.so.0 #39 0x00b090f2 in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0 #40 0x00b1faf8 in ?? () from /usr/lib/libgobject-2.0.so.0 #41 0x00b20edd in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0 #42 0x00b21396 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0 #43 0x008e1b1d in ?? () from /usr/lib/libsoup-2.4.so.1 #44 0x00a69f5b in ?? () from /usr/lib/libglib-2.0.so.0 ---Type <return> to continue, or q <return> to quit--- #45 0x00a32f18 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0 #46 0x00a367c0 in ?? () from /usr/lib/libglib-2.0.so.0 #47 0x00a36c2f in g_main_loop_run () from /usr/lib/libglib-2.0.so.0 #48 0x02cd96f9 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0 #49 0x0806fec8 in main (argc=1, argv=0xbffff494) at /build/buildd/epiphany-webkit-2.27.92/src/ephy-main.c:784 (gdb) quit *************************************************************

Attachments
Add attachment proposed patch, testcase, etc.

r_gav

Comment 1 2009-10-04 10:52:15 PDT

Confirm.

Frenchy82

Comment 2 2009-10-07 11:13:35 PDT

Last update solde this problem

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware PC

OS Linux

Product WebKit

Component JavaScriptCore

Assignee

Nobody

Reported

2009-09-22 12:18 PDT

Modified

2009-10-07 11:13 PDT History

CC List

1 user Show

URL

Keywords Gtk

Depends on

Blocks