[haiku-bugs] [Haiku] #13251: Crash in JSC::MarkedBlock::clearMarks()

  • From: "humdinger" <trac@xxxxxxxxxxxx>
  • Date: Wed, 25 Jan 2017 16:13:00 -0000

#13251: Crash in JSC::MarkedBlock::clearMarks()
--------------------------------------+------------------------------
 Reporter:  humdinger                 |        Owner:  pulkomandy
     Type:  bug                       |       Status:  new
 Priority:  normal                    |    Milestone:  Unscheduled
Component:  Applications/WebPositive  |      Version:  R1/Development
 Keywords:                            |   Blocked By:
 Blocking:                            |  Has a Patch:  0
 Platform:  All                       |
--------------------------------------+------------------------------
 This is hrev50873.

 Web+ crashed after sending a comment and closing a ticket on Trac. That
 transaction was successful though.

 Part of the crash report, complete report attached:
 {{{
 0x72a98c18      0x4b30825       JSC::MarkedBlock::clearMarks() + 0x15
         Disassembly:
                 JSC::MarkedBlock::clearMarks():
                 0x04b30810:               55  push %ebp
                 0x04b30811:             89e5  mov %esp, %ebp
                 0x04b30813:           83ec08  sub $0x8, %esp
                 0x04b30816:           8b4508  mov 0x8(%ebp), %eax
                 0x04b30819:           895df8  mov %ebx, -0x8(%ebp)
                 0x04b3081c:           8975fc  mov %esi, -0x4(%ebp)
                 0x04b3081f:     8b90b4000000  mov 0xb4(%eax), %edx
                 0x04b30825:         837a4803  cmp $0x3, 0x48(%edx) <--

         Frame memory:
                 [0x72a98c10]  ....|J..   b4 84 f9 04 7c 4a c0 19
 0x72a98c58      0x4b32a96       JSC::MarkedSpace::clearMarks() + 0x1a6
 0x72a98c78      0x4b22dd8       JSC::Heap::clearLivenessData() + 0x28
 0x72a98f08      0x4b23cbe       JSC::Heap::markRoots(double, void*, void*,
 __jmp_buf_tag[1]&) + 0x1de
 0x72a98f78      0x4b29b04       JSC::Heap::collectImpl(JSC::HeapOperation,
 void*, void*, __jmp_buf_tag[1]&) + 0x1b4
 0x72a98ff8      0x4b29d9c       JSC::Heap::collect(JSC::HeapOperation) +
 0x7c
 0x72a99028      0x4b29e7d
 JSC::Heap::collectAndSweep(JSC::HeapOperation) + 0x3d
 0x72a99058      0x3ea44df       WebCore::GCController::gcTimerFired() +
 0x3f
 0x72a99078      0x3ea4891       std::_Function_handler<void ()(),
 std::_Bind<std::_Mem_fn<void (WebCore::GCController::*)()>
 ()(WebCore::GCController*)> >::_M_invoke(std::_Any_data const&) + 0x21
 0x72a99098      0x33df3a2       WebCore::Timer::fired() + 0x22
 0x72a990e8      0x384699f
 WebCore::ThreadTimers::sharedTimerFiredInternal() + 0xaf
 0x72a99108      0x3846a0d       WebCore::ThreadTimers::sharedTimerFired()
 + 0x1d
 0x72a99118      0x3c24f46
 WebCore::SharedTimerHaiku::MessageReceived(BMessage*) + 0x16
 0x72a99140      0x246c3e9       BLooper::DispatchMessage(BMessage*,
 BHandler*) + 0x51
 0x72a99330      0x24646fd       BApplication::DispatchMessage(BMessage*,
 BHandler*) + 0x29
 0x72a99380      0x246c761       BLooper::task_looper() + 0x1db
 0x72a993a0      0x2461319       BApplication::Run() + 0x57
 0x72a993e0      0x1be8c7c       main + 0x40
 0x72a99408      0x1bdd186       _start + 0x4b
 0x72a99438      0x27ebcf0       runtime_loader + 0x130
 00000000        0x6132c250      commpage_thread_exit + 0
 }}}

--
Ticket URL: <https://dev.haiku-os.org/ticket/13251>
Haiku <https://dev.haiku-os.org>
Haiku - the operating system.