RESOLVED DUPLICATE of bug 42756 51511
Crash in JavaScriptCore/jit/ExecutableAllocatorFixedVMPool.cpp:308 on x86_64 linux with <4GB ram 
https://bugs.webkit.org/show_bug.cgi?id=51511
Summary Crash in JavaScriptCore/jit/ExecutableAllocatorFixedVMPool.cpp:308 on x86_64 ...
Kevin Fenzi
Reported 2010-12-22 17:23:07 PST
JIT enabled. x86_64 linux (Fedora) machines with less than 4GB of physical memory Any webkitgtk using application crashes on start with something like: Program terminated with signal 11, Segmentation fault. #0 0x00007f3c5e7bc7c3 in FixedVMPoolAllocator (this=<value optimized out>) at JavaScriptCore/jit/ExecutableAllocatorFixedVMPool.cpp:308 308 CRASH(); #0 0x00007f3c5e7bc7c3 in FixedVMPoolAllocator (this=<value optimized out>) at JavaScriptCore/jit/ExecutableAllocatorFixedVMPool.cpp:308 #1 JSC::ExecutableAllocator::isValid (this=<value optimized out>) at JavaScriptCore/jit/ExecutableAllocatorFixedVMPool.cpp:460 #2 0x00007f3c5e72960d in ExecutableAllocator (this=0x7f3c5f458a00, globalDataType=<value optimized out>, threadStackType=JSC::ThreadStackTypeLarge) at JavaScriptCore/jit/ExecutableAllocator.h:170 #3 JSC::JSGlobalData::JSGlobalData (this=0x7f3c5f458a00, globalDataType=<value optimized out>, threadStackType=JSC::ThreadStackTypeLarge) at JavaScriptCore/runtime/JSGlobalData.cpp:151 #4 0x00007f3c5e729ff3 in JSC::JSGlobalData::create (type=JSC::ThreadStackTypeLarge) at JavaScriptCore/runtime/JSGlobalData.cpp:240 #5 0x00007f3c5e72a042 in JSC::JSGlobalData::createLeaked (type=JSC::ThreadStackTypeLarge) at JavaScriptCore/runtime/JSGlobalData.cpp:246 #6 0x00007f3c5d979462 in WebCore::JSDOMWindowBase::commonJSGlobalData () at WebCore/bindings/js/JSDOMWindowBase.cpp:160 #7 0x00007f3c5d951905 in WebCore::mainThreadNormalWorld () at WebCore/bindings/js/DOMWrapperWorld.cpp:81 #8 0x00007f3c5e13c0d6 in webkit_web_frame_get_global_context (frame=<value optimized out>) at WebKit/gtk/webkit/webkitwebframe.cpp:697 #9 0x0000000000404ae4 in newclient () at surf.c:493 #10 0x0000000000404f6d in main (argc=<value optimized out>, argv=<value optimized out>) at surf.c:839 Downstream bug report is at: https://bugzilla.redhat.com/show_bug.cgi?id=648319 with more info and crash traces. Compiling without JIT works around it. Having 4GB physical memory works around it fine. Setting linux memory overcommit to 1 works around it. Happy to provide more info, or ask downstream reporters to provide some.
Attachments
Add attachment proposed patch, testcase, etc.
Gavin Barraclough
Comment 1 2011-01-12 11:57:38 PST
*** This bug has been marked as a duplicate of bug 42756 ***
Note You need to log in before you can comment on or make changes to this bug.