Bug#688640: JavaScriptCore segmentation fault on PowerPC

Joseph Spiros joseph at josephspiros.com
Mon Sep 24 12:09:23 UTC 2012


Package: libjavascriptcoregtk-3.0-0
Version: 1.8.1-3.3
Severity: grave

I'm primarily running wheezy with a few sid packages on a powerpc machine (linux-image-3.2.0-3-powerpc64 [3.2.23-1]), and every application that attempts to use libwebkitgtk-3.0-0 (and therefore, libjavascriptcoregtk-3.0-0, the actual source of this issue) to access http://google.com/ exits with a segmentation fault immediately (before it has a chance to render the page). This also occurs with package version 1.8.1-2, the current version in wheezy as of this moment. The following traceback was generated with epiphany-browser, with libwebkitgtk-3.0-0-dbg and libjavascriptcoregtk-3.0-0-dbg installed. The fault appears in exactly the same place in other applications, and with or without the debug packages installed (well, actually, they stop at "JSC::CodeBlock::visitStructures(JSC::SlotVisitor&, JSC::Instruction*)", so the debug packages do provide a bit more depth).

#0  testAndSet (n=<optimized out>, this=0x28) at ../Source/JavaScriptCore/wtf/Bitmap.h:98
#1  concurrentTestAndSet (n=<optimized out>, this=0x28) at ../Source/JavaScriptCore/wtf/Bitmap.h:117
#2  testAndSetMarked (this=0x0, p=0x0) at ../Source/JavaScriptCore/heap/MarkedBlock.h:279
#3  testAndSetMarked (cell=0x0) at ../Source/JavaScriptCore/heap/Heap.h:261
#4  internalAppend (cell=0x0, this=0xf5c3bba8) at ../Source/JavaScriptCore/runtime/Structure.h:359
#5  append<JSC::Structure> (slot=<optimized out>, this=0xf5c3bba8) at ../Source/JavaScriptCore/runtime/WriteBarrier.h:229
#6  JSC::CodeBlock::visitStructures (this=<optimized out>, visitor=..., vPC=<optimized out>) at ../Source/JavaScriptCore/bytecode/CodeBlock.cpp:1602
#7  0x0d0d4850 in JSC::CodeBlock::stronglyVisitStrongReferences (this=0xf5bef0e0, visitor=...) at ../Source/JavaScriptCore/bytecode/CodeBlock.cpp:1856
#8  0x0d0d49c0 in JSC::CodeBlock::visitAggregate (this=0xf5bef0e0, visitor=...) at ../Source/JavaScriptCore/bytecode/CodeBlock.cpp:1630
#9  0x0d1ccdb0 in JSC::FunctionExecutable::visitChildren (cell=0xee1bb140, visitor=...) at ../Source/JavaScriptCore/runtime/Executable.cpp:601
#10 0x0d11813c in visitChildren (cell=<optimized out>, visitor=...) at ../Source/JavaScriptCore/heap/MarkStack.cpp:322
#11 JSC::SlotVisitor::drain (this=0xf5c3bba8) at ../Source/JavaScriptCore/heap/MarkStack.cpp:360
#12 0x0d1140c0 in donateAndDrain (this=0xf5c3bba8) at ../Source/JavaScriptCore/heap/SlotVisitor.h:55
#13 JSC::Heap::markRoots (this=0xf5c3b2f0, fullGC=<optimized out>) at ../Source/JavaScriptCore/heap/Heap.cpp:631
#14 0x0d11498c in JSC::Heap::collect (this=0xf5c3b2f0, sweepToggle=JSC::Heap::DoNotSweep) at ../Source/JavaScriptCore/heap/Heap.cpp:796
#15 0x0d119b04 in JSC::MarkedAllocator::allocateSlowCase (this=0xf5c3b308) at ../Source/JavaScriptCore/heap/MarkedAllocator.cpp:70
#16 0x0d13908c in allocate (this=<optimized out>) at ../Source/JavaScriptCore/heap/MarkedAllocator.h:73
#17 allocateWithDestructor (this=<optimized out>, bytes=12) at ../Source/JavaScriptCore/heap/MarkedSpace.h:162
#18 allocateWithDestructor (bytes=12, this=<optimized out>) at ../Source/JavaScriptCore/heap/Heap.h:344
#19 allocateCell<JSC::StructureChain> (heap=...) at ../Source/JavaScriptCore/runtime/JSCell.h:334
#20 create (head=0xee1bb410, globalData=...) at ../Source/JavaScriptCore/runtime/StructureChain.h:50
#21 JSC::Structure::prototypeChain (this=0xee1bb3c0, exec=<optimized out>) at ../Source/JavaScriptCore/runtime/JSGlobalObject.h:392
#22 0x0d122ab8 in JSC::Interpreter::tryCacheGetByID (this=0xf5be2a00, callFrame=0xee1c4210, codeBlock=<optimized out>, vPC=<optimized out>, baseValue=<error reading variable: value has been optimized out>, propertyName=..., 
    slot=...) at ../Source/JavaScriptCore/interpreter/Interpreter.cpp:1790
#23 0x0d12b650 in JSC::Interpreter::privateExecute (this=0xf5be2a00, flag=<optimized out>, registerFile=0xf5be2a0c, callFrame=0xee1c4210) at ../Source/JavaScriptCore/interpreter/Interpreter.cpp:2967
#24 0x0d136d28 in JSC::Interpreter::execute (this=0xf5be2a00, program=0xed19f900, callFrame=0xed15fcb8, scopeChain=<optimized out>, thisObj=<optimized out>) at ../Source/JavaScriptCore/interpreter/Interpreter.cpp:1142
#25 0x0d1bc0c4 in JSC::evaluate (exec=0xed15fcb8, scopeChain=0xed13ffe0, source=..., thisValue=..., returnedException=0xffffbca0) at ../Source/JavaScriptCore/runtime/Completion.cpp:73
#26 0x0e8770e8 in evaluate (exception=0xffffbca0, thisValue=..., source=..., chain=<optimized out>, exec=0xed15fcb8) at ../Source/WebCore/bindings/js/JSMainThreadExecState.h:85
#27 WebCore::ScriptController::evaluateInWorld (this=0xf5bf9a40, sourceCode=..., world=<optimized out>) at ../Source/WebCore/bindings/js/ScriptController.cpp:145
#28 0x0e877718 in WebCore::ScriptController::evaluate (this=<optimized out>, sourceCode=...) at ../Source/WebCore/bindings/js/ScriptController.cpp:162
#29 0x0ea12934 in executeScript (sourceCode=..., this=<optimized out>) at ../Source/WebCore/dom/ScriptElement.cpp:288
#30 WebCore::ScriptElement::executeScript (this=<optimized out>, sourceCode=...) at ../Source/WebCore/dom/ScriptElement.cpp:270
#31 0x0ea14bd8 in prepareScript (supportLegacyTypes=<optimized out>, scriptStartPosition=..., this=<optimized out>) at ../Source/WebCore/dom/ScriptElement.cpp:241
#32 WebCore::ScriptElement::prepareScript (this=<optimized out>, scriptStartPosition=..., supportLegacyTypes=<optimized out>) at ../Source/WebCore/dom/ScriptElement.cpp:158
#33 0x0ebbdc2c in WebCore::HTMLScriptRunner::runScript (this=0xf5be7770, script=0xf5be8370, scriptStartPosition=...) at ../Source/WebCore/html/parser/HTMLScriptRunner.cpp:296
#34 0x0ebbe630 in WebCore::HTMLScriptRunner::execute (this=0xf5be7770, scriptElement=..., scriptStartPosition=...) at ../Source/WebCore/html/parser/HTMLScriptRunner.cpp:170
#35 0x0ebab504 in WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder (this=0xf5c2c000) at ../Source/WebCore/html/parser/HTMLDocumentParser.cpp:207
#36 0x0ebab648 in WebCore::HTMLDocumentParser::canTakeNextToken (this=0xf5c2c000, mode=WebCore::HTMLDocumentParser::AllowYield, session=...) at ../Source/WebCore/html/parser/HTMLDocumentParser.cpp:225
#37 0x0ebab884 in WebCore::HTMLDocumentParser::pumpTokenizer (this=0xf5c2c000, mode=WebCore::HTMLDocumentParser::AllowYield) at ../Source/WebCore/html/parser/HTMLDocumentParser.cpp:263
#38 0x0ebabeec in pumpTokenizerIfPossible (mode=<optimized out>, this=0xf5c2c000) at ../Source/WebCore/html/parser/HTMLDocumentParser.cpp:177
#39 WebCore::HTMLDocumentParser::pumpTokenizerIfPossible (this=0xf5c2c000, mode=<optimized out>) at ../Source/WebCore/html/parser/HTMLDocumentParser.cpp:166
#40 0x0ebac770 in append (source=..., this=0xf5c2c000) at ../Source/WebCore/html/parser/HTMLDocumentParser.cpp:370
#41 WebCore::HTMLDocumentParser::append (this=0xf5c2c000, source=...) at ../Source/WebCore/html/parser/HTMLDocumentParser.cpp:340
#42 0x0e993cc4 in appendBytes (length=<optimized out>, data=<optimized out>, writer=<optimized out>, this=0xf5c2c000) at ../Source/WebCore/dom/DecodedDataDocumentParser.cpp:50
#43 WebCore::DecodedDataDocumentParser::appendBytes (this=0xf5c2c000, writer=<optimized out>, data=<optimized out>, length=<optimized out>) at ../Source/WebCore/dom/DecodedDataDocumentParser.cpp:40
#44 0x0ece32dc in WebCore::DocumentWriter::addData (this=<optimized out>, bytes=<optimized out>, length=<optimized out>) at ../Source/WebCore/loader/DocumentWriter.cpp:206
#45 0x0ecd6e28 in WebCore::DocumentLoader::commitData (this=0xf5bf9080, 
    bytes=0x103fbea0 "={};window.chrome.sv=2.00;if(!window.chrome.searchBox)window.chrome.searchBox=\n{};window.chrome.searchBox.onsubmit=function(){google.x({id:\"psyapi\"},function(){var a=encodeURIComponent(window.chrome.s"..., length=8192) at ../Source/WebCore/loader/DocumentLoader.cpp:327
#46 0x0e6cc9a4 in WebKit::FrameLoaderClient::committedLoad (this=0xf5bf1dd0, loader=0xf5bf9080, 
    data=0x103fbea0 "={};window.chrome.sv=2.00;if(!window.chrome.searchBox)window.chrome.searchBox=\n{};window.chrome.searchBox.onsubmit=function(){google.x({id:\"psyapi\"},function(){var a=encodeURIComponent(window.chrome.s"..., 
    length=<optimized out>) at ../Source/WebKit/gtk/WebCoreSupport/FrameLoaderClientGtk.cpp:169
#47 0x0ecd6ce8 in WebCore::DocumentLoader::commitLoad (this=0xf5bf9080, 
    data=0x103fbea0 "={};window.chrome.sv=2.00;if(!window.chrome.searchBox)window.chrome.searchBox=\n{};window.chrome.searchBox.onsubmit=function(){google.x({id:\"psyapi\"},function(){var a=encodeURIComponent(window.chrome.s"..., 
    length=8192) at ../Source/WebCore/loader/DocumentLoader.cpp:313
#48 0x0ecd6fd4 in WebCore::DocumentLoader::receivedData (this=0xf5bf9080, 
    data=0x103fbea0 "={};window.chrome.sv=2.00;if(!window.chrome.searchBox)window.chrome.searchBox=\n{};window.chrome.searchBox.onsubmit=function(){google.x({id:\"psyapi\"},function(){var a=encodeURIComponent(window.chrome.s"..., 
    length=8192) at ../Source/WebCore/loader/DocumentLoader.cpp:339
#49 0x0ed0fc68 in WebCore::MainResourceLoader::addData (this=0xf5c30b00, 
    data=0x103fbea0 "={};window.chrome.sv=2.00;if(!window.chrome.searchBox)window.chrome.searchBox=\n{};window.chrome.searchBox.onsubmit=function(){google.x({id:\"psyapi\"},function(){var a=encodeURIComponent(window.chrome.s"..., 
    length=8192, allAtOnce=<optimized out>) at ../Source/WebCore/loader/MainResourceLoader.cpp:170
#50 0x0ed24994 in WebCore::ResourceLoader::didReceiveData (this=0xf5c30b00, 
    data=0x103fbea0 "={};window.chrome.sv=2.00;if(!window.chrome.searchBox)window.chrome.searchBox=\n{};window.chrome.searchBox.onsubmit=function(){google.x({id:\"psyapi\"},function(){var a=encodeURIComponent(window.chrome.s"..., 
    length=8192, encodedDataLength=<optimized out>, allAtOnce=<optimized out>) at ../Source/WebCore/loader/ResourceLoader.cpp:287
#51 0x0ed0fd5c in WebCore::MainResourceLoader::didReceiveData (this=0xf5c30b00, 
    data=0x103fbea0 "={};window.chrome.sv=2.00;if(!window.chrome.searchBox)window.chrome.searchBox=\n{};window.chrome.searchBox.onsubmit=function(){google.x({id:\"psyapi\"},function(){var a=encodeURIComponent(window.chrome.s"..., 
    length=8192, encodedDataLength=<optimized out>, allAtOnce=<optimized out>) at ../Source/WebCore/loader/MainResourceLoader.cpp:464
#52 0x0ed23e00 in WebCore::ResourceLoader::didReceiveData (this=0xf5c30b00, 
    data=0x103fbea0 "={};window.chrome.sv=2.00;if(!window.chrome.searchBox)window.chrome.searchBox=\n{};window.chrome.searchBox.onsubmit=function(){google.x({id:\"psyapi\"},function(){var a=encodeURIComponent(window.chrome.s"..., 
    length=8192, encodedDataLength=8192) at ../Source/WebCore/loader/ResourceLoader.cpp:441
#53 0x0ee7a508 in WebCore::readCallback (source=<optimized out>, asyncResult=0x103b2318, data=0xf5bdd6e0) at ../Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:727
#54 0x0da64374 in ?? () from /usr/lib/powerpc-linux-gnu/libgio-2.0.so.0
#55 0x0da7d82c in g_simple_async_result_complete () from /usr/lib/powerpc-linux-gnu/libgio-2.0.so.0
#56 0x0dc6f798 in ?? () from /usr/lib/powerpc-linux-gnu/libsoup-2.4.so.1
#57 0x0dc6ec78 in ?? () from /usr/lib/powerpc-linux-gnu/libsoup-2.4.so.1
#58 0x0d82cd60 in g_cclosure_marshal_VOID__BOXED () from /usr/lib/powerpc-linux-gnu/libgobject-2.0.so.0
#59 0x0d828d1c in g_closure_invoke () from /usr/lib/powerpc-linux-gnu/libgobject-2.0.so.0
#60 0x0d83eaf0 in ?? () from /usr/lib/powerpc-linux-gnu/libgobject-2.0.so.0
#61 0x0d846ea4 in g_signal_emit_valist () from /usr/lib/powerpc-linux-gnu/libgobject-2.0.so.0
#62 0x0d847070 in g_signal_emit () from /usr/lib/powerpc-linux-gnu/libgobject-2.0.so.0
#63 0x0dc72fe8 in soup_message_got_chunk () from /usr/lib/powerpc-linux-gnu/libsoup-2.4.so.1
#64 0x0dc794e4 in ?? () from /usr/lib/powerpc-linux-gnu/libsoup-2.4.so.1
#65 0x0dc7a024 in ?? () from /usr/lib/powerpc-linux-gnu/libsoup-2.4.so.1
#66 0x0dc7a3e4 in ?? () from /usr/lib/powerpc-linux-gnu/libsoup-2.4.so.1
#67 0x0d725344 in ?? () from /lib/powerpc-linux-gnu/libglib-2.0.so.0
#68 0x0d7285a8 in g_main_context_dispatch () from /lib/powerpc-linux-gnu/libglib-2.0.so.0
#69 0x0d728958 in ?? () from /lib/powerpc-linux-gnu/libglib-2.0.so.0
#70 0x0d728a4c in g_main_context_iteration () from /lib/powerpc-linux-gnu/libglib-2.0.so.0
#71 0x0dab4f34 in g_application_run () from /usr/lib/powerpc-linux-gnu/libgio-2.0.so.0
#72 0x10023b94 in main ()

-- 
Joseph Spiros
joseph at josephspiros.com
+1 (440) 707-6855


