[Pkg-chromium-maint] Bug#584562: Bug#584562: cromium-browser-inspector: Javascript debugger crashes tab

Giuseppe Iuculano giuseppe at iuculano.it
Wed Jul 7 10:10:00 UTC 2010


reassign 584562 libv8
thanks

Hi Mattia,

On 07/07/2010 09:05 AM, Mattia Monga wrote:
> Dear Jonathan,
> 
> I attached to this message a minimalistic failure test case. You
> should be able to reproduce the failure with the following recipe
> 
> 
> $ LANG=C chromium-browser test.html
> # select 'inspect element' from right-click menu
> # select 'Scripts'
> # select 'test.html'
> # put a breakpoint on line 7 (by clicking on it)
> # push reload button
> # I get the 'Aw, Snap!' page with the generic error message
> # Segfault info is available in the system logs
> $ dmesg
> ....
> [15594.289025] chromium-browse[31390]: segfault at 0 ip
> 00007f700fe69b00 sp 00007fff69b9fc00 error 4 in
> libv8.so.2.2.18[7f700fd0d000+2ab000]


Thanks, I reproduced that and I think this is a libv8 issue:


$ chromium-browser -g
# Env:
#     LD_LIBRARY_PATH=/usr/lib/chromium-browser:/usr/lib/xulrunner-1.9.1
#
PATH=/usr/lib/chromium-browser:/usr/local/bin:/usr/bin:/bin:/usr/games
#            GTK_PATH=
# CHROMIUM_USER_FLAGS=
#      CHROMIUM_FLAGS=
/usr/bin/gdb /usr/lib/chromium-browser/chromium-browser -x
/tmp/chromiumargs.y1Vj2Y
GNU gdb (GDB) 7.0.1-debian
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later
<http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i486-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from
/usr/lib/chromium-browser/chromium-browser...Reading symbols from
/usr/lib/debug/usr/lib/chromium-browser/chromium-browser...done.
(no debugging symbols found)...done.
(gdb) run --single-process test.html
Starting program: /usr/lib/chromium-browser/chromium-browser
--single-process test.html
[Thread debugging using libthread_db enabled]
[New Thread 0xb5417b70 (LWP 8230)]
[New Thread 0xb4a8cb70 (LWP 8231)]
[New Thread 0xb428bb70 (LWP 8232)]
[New Thread 0xb3a8ab70 (LWP 8233)]
[New Thread 0xb3289b70 (LWP 8234)]
[New Thread 0xb2a88b70 (LWP 8235)]
[New Thread 0xb2287b70 (LWP 8236)]
[New Thread 0xb20ffb70 (LWP 8237)]
[8222:8235:15285586094:ERROR:chrome/browser/net/chrome_url_request_context.cc(97)]
Cannot use V8 Proxy resolver in single process mode.
[New Thread 0xb16d4b70 (LWP 8238)]
[New Thread 0xb0ed2b70 (LWP 8239)]
[New Thread 0xb0644b70 (LWP 8240)]
[Thread 0xb0644b70 (LWP 8240) exited]
[New Thread 0xb0644b70 (LWP 8241)]
[New Thread 0xae6d2b70 (LWP 8242)]
[New Thread 0xadcffb70 (LWP 8243)]
[New Thread 0xad2ffb70 (LWP 8244)]
[New Thread 0xaf8ffb70 (LWP 8245)]
[New Thread 0xaf0feb70 (LWP 8246)]
[New Thread 0xb06b0b70 (LWP 8247)]
[New Thread 0xa4bbab70 (LWP 8248)]
[Thread 0xa4bbab70 (LWP 8248) exited]
Attempting to load libmoonloaderxpi
[New Thread 0xa4bbab70 (LWP 8284)]
[New Thread 0xa23afb70 (LWP 8285)]
[Thread 0xa23afb70 (LWP 8285) exited]
[New Thread 0xa23afb70 (LWP 8286)]
[Thread 0xa23afb70 (LWP 8286) exited]
[New Thread 0xa0bacb70 (LWP 8287)]
[New Thread 0xa0b1ab70 (LWP 8288)]
[New Thread 0x9f9a2b70 (LWP 8289)]
[New Thread 0x9f979b70 (LWP 8290)]
[New Thread 0x9f958b70 (LWP 8291)]
[New Thread 0x9fe87b70 (LWP 8293)]
[8222:8222:15298595139:ERROR:chrome/browser/gtk/browser_window_gtk.cc(697)]
Not implemented reached in virtual void BrowserWindowGtk::FocusDevTools()
[8222:8222:15298799535:ERROR:chrome/browser/gtk/browser_window_gtk.cc(697)]
Not implemented reached in virtual void BrowserWindowGtk::FocusDevTools()
[New Thread 0x9fd8db70 (LWP 8294)]
[Thread 0xa0bacb70 (LWP 8287) exited]
[Thread 0xa0b1ab70 (LWP 8288) exited]
[Thread 0x9f958b70 (LWP 8291) exited]
[New Thread 0x9f958b70 (LWP 8295)]
[New Thread 0xa0b1ab70 (LWP 8296)]
[New Thread 0xa0bacb70 (LWP 8297)]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xaf8ffb70 (LWP 8245)]
0xb61887a7 in
v8::internal::Runtime_GetScopeCount(v8::internal::Arguments) () from
/usr/lib/libv8.so.2.2.18
(gdb) bt full
#0  0xb61887a7 in
v8::internal::Runtime_GetScopeCount(v8::internal::Arguments) () from
/usr/lib/libv8.so.2.2.18
No symbol table info available.
#1  0xafe2406e in ?? ()
No symbol table info available.
#2  0x9ea5530a in ?? ()
No symbol table info available.
#3  0x9ea5524f in ?? ()
No symbol table info available.
#4  0x9ea5287a in ?? ()
No symbol table info available.
#5  0x9e6e4a1f in ?? ()
No symbol table info available.
#6  0x9e6e395a in ?? ()
No symbol table info available.
#7  0x9e6e37c1 in ?? ()
No symbol table info available.
#8  0x9eb21545 in ?? ()
No symbol table info available.
#9  0x9e6e3801 in ?? ()
No symbol table info available.
#10 0x9e6e3524 in ?? ()
No symbol table info available.
#11 0x9e6e2f4e in ?? ()
No symbol table info available.
#12 0x9e6f92c9 in ?? ()
No symbol table info available.
#13 0x9e6f6d46 in ?? ()
No symbol table info available.
#14 0xafe24c3b in ?? ()
No symbol table info available.
#15 0xafe242c2 in ?? ()
No symbol table info available.
#16 0xb60224ff in Invoke (construct=<value optimized out>, func=...,
receiver=..., argc=1, args=0xaf8fd7fc, has_pending_exception=0xaf8fd6ff)
    at src/execution.cc:94
        save = {context_ = {location_ = 0x9656d2c}, prev_ = 0xaf8fda04,
js_sp_ = 0xaf8fe568 ""}
        state = {disabled_ = true, state_ = v8::internal::OTHER,
previous_ = 0xb60522d0, external_callback_ = 0x0, static current_state_
= 0x0}
        value = <value optimized out>
        code = {location_ = 0x9656d28}
#17 0xb6022a08 in v8::internal::Execution::Call (func=..., receiver=...,
argc=1, args=0xaf8fd7fc, pending_exception=0xaf8fd6ff) at
src/execution.cc:121
No locals.
#18 0xb5fec76a in v8::Function::Call (this=0x9656d20, recv=..., argc=1,
argv=0xaf8fd7fc) at src/api.cc:2759
        scope = {previous_ = {extensions = 0, next = 0x9656d28, limit =
0x9657ad8}, is_closed_ = false}
        has_pending_exception = false
        returned = <value optimized out>
        __state__ = {disabled_ = true, state_ = v8::internal::OTHER,
previous_ = 0x3, external_callback_ = 0x0, static current_state_ = 0x0}
        raw_result = 0xafae1bb8
#19 0xb601d683 in v8::internal::Debugger::NotifyMessageHandler
(event=v8::Break, exec_state=..., event_data=..., auto_continue=true) at
src/debug.cc:2361
        command = {text_ = {start_ = 0xafae1bb8, length_ = 84},
client_data_ = 0xafb1b4e0}
        try_catch = {next_ = 0xaf8fd7dc, exception_ = 0xb064a0c5,
message_ = 0x0, is_verbose_ = false, can_continue_ = true,
capture_message_ = true,
          rethrow_ = false}
        response_val = {<v8::Handle<v8::Value>> = {val_ = 0x6}, <No data
fields>}
---Type <return> to continue, or q <return> to quit---
        fun_name = <value optimized out>
        argv = {{val_ = 0x9656d24}}
        running = true
        try_catch = {next_ = 0xaf8fe1ec, exception_ = 0xb064a0c5,
message_ = 0x0, is_verbose_ = false, can_continue_ = true,
capture_message_ = true,
          rethrow_ = false}
#20 0xb601de1f in v8::internal::Debugger::ProcessDebugEvent
(event=v8::Break, event_data=..., auto_continue=true) at src/debug.cc:2188
        caught_exception = false
#21 0xb601e927 in v8::internal::Debugger::OnDebugBreak
(break_points_hit=..., auto_continue=false) at src/debug.cc:2042
        caught_exception = false
        exec_state = <value optimized out>
        event_data = {location_ = 0x0}
#22 0xb6023b40 in v8::internal::Execution::ProcessDebugMesssages
(debug_command_only=false) at src/execution.cc:655
        debugger = {prev_ = 0xaf8fe360, it_ = {iterator_ = {EntryFrame_
= {<v8::internal::StackFrame> = {_vptr.StackFrame = 0xb622b148,
                  iterator_ = 0xaf8fd944, state_ = {sp = 0xb5fdfbcb
"\203\354\004\213D$\034\203\304([Ð\215\203\070\353\333\377\211\203\300H",
                    fp = 0xaf8fd96c "Ȱ\"\266Dُ\257 可L可\034可\b\260\"
\266Dُ\257h可t可d可", pc_address = 0xb5b59ff4}}, <No data fields>},
              EntryConstructFrame_ = {<v8::internal::EntryFrame> =
{<v8::internal::StackFrame> = {_vptr.StackFrame = 0xb622b108, iterator_
= 0xaf8fd944,
                    state_ = {sp = 0x9d581068
"\200\004B\t\210\373\064\236\360x7\236x\355B\t\210\373\064\236", fp =
0x3 <Address 0x3 out of bounds>,
                      pc_address = 0x91c09e0}}, <No data fields>}, <No
data fields>}, ExitFrame_ = {<v8::internal::StackFrame> = {
                  _vptr.StackFrame = 0xb622b0c8, iterator_ = 0xaf8fd944,
state_ = {sp = 0xaf8fe520 "", fp = 0xaf8fe54c "`可Us\342\257\001s\342
\257\n",
                    pc_address = 0xaf8fe51c}}, <No data fields>},
JavaScriptFrame_ = {<v8::internal::StandardFrame> =
{<v8::internal::StackFrame> = {
                    _vptr.StackFrame = 0xb622b008, iterator_ =
0xaf8fd944, state_ = {sp = 0xaf8fe568 "",
                      fp = 0xaf8fe574 "\214可\022\071\265\236E\245f\260ݕ
\a\236-Ӌ\236\021Ӌ\236\324可\217<\265\236\251\260\210\236E\245f\260\254可
\324可\002", pc_address = 0xaf8fe564}}, <No data fields>},
disable_heap_access_ = false},
              InternalFrame_ = {<v8::internal::StandardFrame> =
{<v8::internal::StackFrame> = {_vptr.StackFrame = 0xb622afc8, iterator_
= 0xaf8fd944,
                    state_ = {sp = 0xaf8fe554 "\001s\342\257\n", fp =
0xaf8fe560 "t可\315\061\265\236",
                      pc_address = 0xaf8fe550}}, <No data fields>}, <No
data fields>},
              ConstructFrame_ = {<v8::internal::InternalFrame> =
{<v8::internal::StandardFrame> = {<v8::internal::StackFrame> = {
                      _vptr.StackFrame = 0xb6228548, iterator_ =
0xaf8fd944, state_ = {sp = 0xb597473e "\201öX\r", fp = 0xb59735b6
"\201\303>j\r",
                        pc_address = 0x9657ad8}}, <No data fields>}, <No
data fields>}, <No data fields>},
              ArgumentsAdaptorFrame_ = {<v8::internal::JavaScriptFrame>
= {<v8::internal::StandardFrame> = {<v8::internal::StackFrame> = {
                      _vptr.StackFrame = 0xb622b048, iterator_ =
0xaf8fd944, state_ = {sp = 0x9656bfc "i\rP\237\030\002",
                        fp = 0xb603d93c "\201\303<\v\037", pc_address =
0xb064a0c5}}, <No data fields>}, disable_heap_access_ = false}, <No data
fields>},
              frame_ = 0xaf8fd980, handler_ = 0xaf8fe59c, thread_ =
0xb6242ca0, fp_ = 0x0, sp_ = 0x0,
              advance_ = 0xb60332e0
<v8::internal::StackFrameIterator::AdvanceWithHandler()>}},
has_js_frames_ = true, break_frame_id_ = 2945443200,
          break_id_ = 244, load_failed_ = false, save_ = {context_ =
{location_ = 0x9656bfc}, prev_ = 0xaf8fe424, js_sp_ = 0xaf8fe568 ""}}
#23 0xb5fd4b9b in v8::Debug::ProcessDebugMessages () at src/api.cc:4293
No locals.
#24 0x088a0c22 in WebKit::DebuggerAgentImpl::processDebugCommands
(this=0x99a0540) at
third_party/WebKit/WebKit/chromium/src/DebuggerAgentImpl.cpp:78
No locals.
#25 0x0886d453 in WebKit::DebuggerAgentDispatch::dispatch
(this=0x963fcd8, data=...) at
third_party/WebKit/WebKit/chromium/src/DebuggerAgent.h:45
        className = {m_impl = {<WTF::FastAllocBase> = {<No data
fields>}, m_ptr = 0x9e927218}}
        methodName = {m_impl = {<WTF::FastAllocBase> = {<No data
fields>}, m_ptr = 0x9e395cb8}}
        args = {<WTF::FastAllocBase> = {<No data fields>}, m_size = 0,
          m_buffer = {<WTF::VectorBufferBase<WebCore::String>> =
{<WTFNoncopyable::Noncopyable> = {<WTF::FastAllocBase> = {<No data
fields>}, <No data fields>}, m_buffer = 0x0, m_capacity = 0}, <No data
fields>}}
#26 WebKit::WebDevToolsAgentImpl::dispatchMessageFromFrontend
(this=0x963fcd8, data=...)
    at third_party/WebKit/WebKit/chromium/src/WebDevToolsAgentImpl.cpp:265
No locals.
#27 0x085aaaed in DevToolsAgent::OnRpcMessage (this=0x96246e8, data=...)
at chrome/renderer/devtools_agent.cc:128
        web_agent = <value optimized out>
#28 0x085abdaa in DispatchToMethod<DevToolsAgent, void
(DevToolsAgent::*)(DevToolsMessageData const&), DevToolsMessageData>
(this=0x96246e8, message=...)
---Type <return> to continue, or q <return> to quit---
    at ./base/tuple.h:422
No locals.
#29 Dispatch<DevToolsAgent, void (DevToolsAgent::*)(DevToolsMessageData
const&)> (this=0x96246e8, message=...) at ./ipc/ipc_message_utils.h:991
        p = {a = {class_name = {static npos = 4294967295,
              _M_dataplus = {<std::allocator<char>> =
{<__gnu_cxx::new_allocator<char>> = {<No data fields>}, <No data fields>},
                _M_p = 0x9e3a45c4 "DebuggerAgent"}}, method_name =
{static npos = 4294967295,
              _M_dataplus = {<std::allocator<char>> =
{<__gnu_cxx::new_allocator<char>> = {<No data fields>}, <No data fields>},
                _M_p = 0x9e396a4c "processDebugCommands"}},
            arguments = {<std::_Vector_base<std::basic_string<char,
std::char_traits<char>, std::allocator<char> >,
std::allocator<std::basic_string<char, std::char_traits<char>,
std::allocator<char> > > >> = {
                _M_impl = {<std::allocator<std::basic_string<char,
std::char_traits<char>, std::allocator<char> > >> =
{<__gnu_cxx::new_allocator<std::basic_string<char,
std::char_traits<char>, std::allocator<char> > >> = {<No data fields>},
<No data fields>}, _M_start = 0x0, _M_finish = 0x0,
                  _M_end_of_storage = 0x0}}, <No data fields>}}}
#30 DevToolsAgent::OnMessageReceived (this=0x96246e8, message=...) at
chrome/renderer/devtools_agent.cc:52
        handled = <value optimized out>
#31 0x0856bc1e in RenderView::OnMessageReceived (this=0x9623c20,
message=...) at chrome/renderer/render_view.cc:540
        main_frame = <value optimized out>
#32 0x0903d4e1 in MessageRouter::RouteMessage (this=0x95ffe08, msg=...)
at chrome/common/message_router.cc:40
        listener = 0x0
#33 0x087f380a in DispatchToMethod<IPC::ChannelProxy::Context, void
(IPC::ChannelProxy::Context::*)(IPC::Message const&), IPC::Message>
(this=0x9e376508)
    at ./base/tuple.h:422
No locals.
#34 RunnableMethod<IPC::ChannelProxy::Context, void
(IPC::ChannelProxy::Context::*)(IPC::Message const&),
Tuple1<IPC::Message> >::Run (this=0x9e376508)
    at ./base/task.h:296
No locals.
#35 0x085f79a1 in MessageLoop::RunTask (this=0xaf8ff1ec,
task=0x9e376508) at base/message_loop.cc:329
No locals.
#36 0x085f92d6 in MessageLoop::DeferOrRunPendingTask (this=0xaf8ff1ec,
pending_task=...) at base/message_loop.cc:337
No locals.
#37 0x085f956c in MessageLoop::DoWork (this=0xaf8ff1ec) at
base/message_loop.cc:444
        pending_task = {task = 0x9e376508, delayed_run_time = {static
kMillisecondsPerSecond = 1000, static kMicrosecondsPerMillisecond = 1000,
            static kMicrosecondsPerSecond = 1000000, static
kMicrosecondsPerMinute = 60000000, static kMicrosecondsPerHour =
-694967296,
            static kMicrosecondsPerDay = 500654080, static
kMicrosecondsPerWeek = <optimized out>, static
kNanosecondsPerMicrosecond = 1000,
            static kNanosecondsPerSecond = <optimized out>, static
kWindowsEpochDeltaMicroseconds = 11644473600000000,
            static kTimeTToMicrosecondsOffset = 11644473600000000, us_ =
0}, sequence_num = 0, nestable = true}
#38 0x085faa58 in base::MessagePumpDefault::Run (this=0x95fc188,
delegate=0xaf8ff1ec) at base/message_pump_default.cc:23
        did_work = true
#39 0x085f88b4 in MessageLoop::RunInternal (this=0xaf8ff1ec) at
base/message_loop.cc:205
No locals.
#40 0x085f897d in MessageLoop::RunHandler (this=0x0) at
base/message_loop.cc:177
No locals.
#41 MessageLoop::RunAllPending (this=0x0) at base/message_loop.cc:161
        save_state = {<MessageLoop::RunState> = {run_depth = 2,
quit_received = true, dispatcher = 0x0}, loop_ = 0xaf8ff1ec,
previous_state_ = 0xaf8ff1ac}
#42 0x085ac1e5 in DevToolsAgentFilter::DispatchMessageLoop () at
chrome/renderer/devtools_agent_filter.cc:26
        current = 0xaf8ff1ec
        old_state = false
#43 0x088a22c1 in WebKit::DebuggerAgentManager::debugHostDispatchHandler
() at third_party/WebKit/WebKit/chromium/src/DebuggerAgentManager.cpp:95
        views = {<WTF::FastAllocBase> = {<No data fields>}, m_size = 1,
          m_buffer = {<WTF::VectorBufferBase<WebKit::WebViewImpl*>> =
{<WTFNoncopyable::Noncopyable> = {<WTF::FastAllocBase> = {<No data
fields>}, <No data fields>}, m_buffer = 0x9e950df8, m_capacity = 16},
<No data fields>}}
#44 0xb601da36 in v8::internal::Debugger::NotifyMessageHandler
(event=v8::Break, exec_state=..., event_data=..., auto_continue=false)
at src/debug.cc:2332
---Type <return> to continue, or q <return> to quit---
        command = {text_ = {start_ = 0x9656bec, length_ = -1349524737},
client_data_ = 0x9fa9c569}
        try_catch = {next_ = 0x1, exception_ = 0xaf8fe278, message_ =
0xaf8fe28f, is_verbose_ = true, can_continue_ = true, capture_message_ =
true,
          rethrow_ = true}
        response_val = {<v8::Handle<v8::Value>> = {val_ = 0xb602230b},
<No data fields>}
        fun_name = <value optimized out>
        argv = {{val_ = 0xb62334e0}}
        running = false
        try_catch = {next_ = 0xaf8fe92c, exception_ = 0xb064a0c5,
message_ = 0x0, is_verbose_ = false, can_continue_ = true,
capture_message_ = true,
          rethrow_ = false}
#45 0xb601de1f in v8::internal::Debugger::ProcessDebugEvent
(event=v8::Break, event_data=..., auto_continue=false) at src/debug.cc:2188
        caught_exception = false
#46 0xb601e927 in v8::internal::Debugger::OnDebugBreak
(break_points_hit=..., auto_continue=false) at src/debug.cc:2042
        caught_exception = false
        exec_state = <value optimized out>
        event_data = {location_ = 0x0}
#47 0xb601ff77 in v8::internal::Debug::Break (args=...) at src/debug.cc:921
        it = {iterator_ = {EntryFrame_ = {<v8::internal::StackFrame> =
{_vptr.StackFrame = 0xb622b148, iterator_ = 0xaf8fe430, state_ = {
                  sp = 0xaf8fe4c8 "\234可\240,$\266", fp = 0xb622e478
"L\214'", pc_address = 0xb622e478}}, <No data fields>},
            EntryConstructFrame_ = {<v8::internal::EntryFrame> =
{<v8::internal::StackFrame> = {_vptr.StackFrame = 0xb622b108, iterator_
= 0xaf8fe430,
                  state_ = {
                    sp = 0xb614ed8b "\213\223P\376\377\377;B\024\017\205
\377\377\377\353ۋD$\030\213T$\020\211t$@\211D$L\213D$\034\211T$H\211D$D\203\304,[^_]\351L\002",

                    fp = 0x9e08283d
"ඞQ\247\030\237!\240d\260\311.\b\236%\021\b\236E\245f\260\244\230=\t`\344\314\tU\240d\260U\240d\260U\240d\260!F\340\257\301\242d\260AF\342\257AJ\342\257a\243d\260\201&\b\236U\240d\260U\240d\260I\241d\260U\240d\260",
pc_address = 0xaf8fe4bc}}, <No data fields>}, <No data fields>},
            ExitFrame_ = {<v8::internal::StackFrame> = {_vptr.StackFrame
= 0xb622b0c8, iterator_ = 0xaf8fe430, state_ = {sp = 0xaf8fe520 "",
                  fp = 0xaf8fe54c "`可Us\342\257\001s\342\257\n",
pc_address = 0xaf8fe51c}}, <No data fields>},
            JavaScriptFrame_ = {<v8::internal::StandardFrame> =
{<v8::internal::StackFrame> = {_vptr.StackFrame = 0xb622b008, iterator_
= 0xaf8fe430,
                  state_ = {sp = 0xaf8fe568 "",
                    fp = 0xaf8fe574 "\214可\022\071\265\236E\245f\260ݕ\a
\236-Ӌ\236\021Ӌ\236\324可\217<\265\236\251\260\210\236E\245f\260\254可
\324可\002", pc_address = 0xaf8fe564}}, <No data fields>},
disable_heap_access_ = false},
            InternalFrame_ = {<v8::internal::StandardFrame> =
{<v8::internal::StackFrame> = {_vptr.StackFrame = 0xb622afc8, iterator_
= 0xaf8fe430,
                  state_ = {sp = 0xaf8fe554 "\001s\342\257\n", fp =
0xaf8fe560 "t可\315\061\265\236",
                    pc_address = 0xaf8fe550}}, <No data fields>}, <No
data fields>},
            ConstructFrame_ = {<v8::internal::InternalFrame> =
{<v8::internal::StandardFrame> = {<v8::internal::StackFrame> = {
                    _vptr.StackFrame = 0xb6228548, iterator_ =
0xaf8fe430, state_ = {sp = 0xaf8fe530 "ݕ\a\236",
                      fp = 0x9656b60
"%\021\b\236\221\224\a\236\225\225\a\236U\240d\260\001+\035\237\345ǩ\237\to\210\236\to\210\236!u\342\257!u\342\257\350\001",
pc_address = 0x2}}, <No data fields>}, <No data fields>}, <No data
fields>},
            ArgumentsAdaptorFrame_ = {<v8::internal::JavaScriptFrame> =
{<v8::internal::StandardFrame> = {<v8::internal::StackFrame> = {
                    _vptr.StackFrame = 0xb622b048, iterator_ =
0xaf8fe430, state_ = {sp = 0x3 <Address 0x3 out of bounds>, fp =
0xa9874301 "\242d\260",
                      pc_address = 0x2}}, <No data fields>},
disable_heap_access_ = false}, <No data fields>}, frame_ = 0xaf8fe46c,
handler_ = 0xaf8fe59c,
            thread_ = 0xb6242ca0, fp_ = 0x0, sp_ = 0x0, advance_ =
0xb60332e0 <v8::internal::StackFrameIterator::AdvanceWithHandler()>}}
        debugger = {prev_ = 0x0, it_ = {iterator_ = {EntryFrame_ =
{<v8::internal::StackFrame> = {_vptr.StackFrame = 0xb622b148, iterator_
= 0xaf8fe364,
                  state_ = {sp = 0xb064a055
"@\340\257a\240d\260I\240d\260\341@\340\257\022",
                    fp = 0x9656b64
"\221\224\a\236\225\225\a\236U\240d\260\001+\035\237\345ǩ\237\to\210\236\to\210\236!u\342\257!u\342\257\350\001",

                    pc_address = 0x80}}, <No data fields>},
EntryConstructFrame_ = {<v8::internal::EntryFrame> =
{<v8::internal::StackFrame> = {
                    _vptr.StackFrame = 0xb622b108, iterator_ =
0xaf8fe364, state_ = {sp = 0xb622fc28 "", fp = 0xc1 <Address 0xc1 out of
bounds>,
                      pc_address = 0xff}}, <No data fields>}, <No data
fields>}, ExitFrame_ = {<v8::internal::StackFrame> = {_vptr.StackFrame =
0xb622b0c8,
                  iterator_ = 0xaf8fe364, state_ = {sp = 0xaf8fe520 "",
fp = 0xaf8fe54c "`可Us\342\257\001s\342\257\n",
                    pc_address = 0xaf8fe51c}}, <No data fields>},
JavaScriptFrame_ = {<v8::internal::StandardFrame> =
{<v8::internal::StackFrame> = {
                    _vptr.StackFrame = 0xb622b008, iterator_ =
0xaf8fe364, state_ = {sp = 0xaf8fe568 "",
                      fp = 0xaf8fe574 "\214可\022\071\265\236E\245f\260ݕ
\a\236-Ӌ\236\021Ӌ\236\324可\217<\265\236\251\260\210\236E\245f\260\254可
\324可---Type <return> to continue, or q <return> to quit---
\002", pc_address = 0xaf8fe564}}, <No data fields>},
disable_heap_access_ = false},
              InternalFrame_ = {<v8::internal::StandardFrame> =
{<v8::internal::StackFrame> = {_vptr.StackFrame = 0xb622afc8, iterator_
= 0xaf8fe364,
                    state_ = {sp = 0xaf8fe554 "\001s\342\257\n", fp =
0xaf8fe560 "t可\315\061\265\236",
                      pc_address = 0xaf8fe550}}, <No data fields>}, <No
data fields>},
              ConstructFrame_ = {<v8::internal::InternalFrame> =
{<v8::internal::StandardFrame> = {<v8::internal::StackFrame> = {
                      _vptr.StackFrame = 0xb6228548, iterator_ =
0xaf8fe364, state_ = {sp = 0x1 <Address 0x1 out of bounds>,
                        fp = 0x9e08283d
"ඞQ\247\030\237!\240d\260\311.\b\236%\021\b\236E\245f\260\244\230=\t`\344\314\tU\240d\260U\240d\260U\240d\260!F\340\257\301\242d\260AF\342\257AJ\342\257a\243d\260\201&\b\236U\240d\260U\240d\260I\241d\260U\240d\260",

                        pc_address = 0xb614488a}}, <No data fields>},
<No data fields>}, <No data fields>},
              ArgumentsAdaptorFrame_ = {<v8::internal::JavaScriptFrame>
= {<v8::internal::StandardFrame> = {<v8::internal::StackFrame> = {
                      _vptr.StackFrame = 0xb622b048, iterator_ =
0xaf8fe364, state_ = {sp = 0xaf8fe524 "P可|可dke\tݕ\a\236",
                        fp = 0xaf8fe448 "0䏯\213\355\024\266=(\b\236\274
䏯Ȱ\"\266\060䏯 可L可\034可\b\260\"\266\060䏯h可t可d可",
                        pc_address = 0xa982ce85}}, <No data fields>},
disable_heap_access_ = false}, <No data fields>}, frame_ = 0xaf8fe3a0,
              handler_ = 0xaf8fe59c, thread_ = 0xb6242ca0, fp_ = 0x0,
sp_ = 0x0,
              advance_ = 0xb60332e0
<v8::internal::StackFrameIterator::AdvanceWithHandler()>}},
has_js_frames_ = true,
          break_frame_id_ = v8::internal::StackFrame::NO_ID, break_id_ =
0, load_failed_ = false, save_ = {context_ = {location_ = 0x9656b60},
            prev_ = 0xaf8fe734, js_sp_ = 0xaf8fe568 ""}}
        break_location_iterator = {_vptr.BreakLocationIterator =
0xb622add0, type_ = v8::internal::ALL_BREAK_LOCATIONS, break_point_ = 2,
position_ = 27,
          statement_position_ = 27, debug_info_ = {location_ =
0x9656b68}, reloc_iterator_ = 0x9cc31e0, reloc_iterator_original_ =
0x9ce06b0}
#48 0xafe26c6c in ?? ()
No symbol table info available.
#49 0xafe27355 in ?? ()
No symbol table info available.
#50 0x9eb531cd in ?? ()
No symbol table info available.
#51 0x9eb53912 in ?? ()
No symbol table info available.
#52 0x9eb53c8f in ?? ()
No symbol table info available.
#53 0xafe24c3b in ?? ()
No symbol table info available.
#54 0xafe242c2 in ?? ()
No symbol table info available.
#55 0xb60224ff in Invoke (construct=<value optimized out>, func=...,
receiver=..., argc=1, args=0xaf8fe8bc, has_pending_exception=0xaf8fe7ef)
    at src/execution.cc:94
        save = {context_ = {location_ = 0x9656b5c}, prev_ = 0x0, js_sp_
= 0x0}
        state = {disabled_ = true, state_ = v8::internal::OTHER,
previous_ = 0x9656c04, external_callback_ = 0x0, static current_state_ =
0x0}
        value = <value optimized out>
        code = {location_ = 0x9656b58}
#56 0xb6022a08 in v8::internal::Execution::Call (func=..., receiver=...,
argc=1, args=0xaf8fe8bc, pending_exception=0xaf8fe7ef) at
src/execution.cc:121
No locals.
#57 0xb5fec76a in v8::Function::Call (this=0x9656b44, recv=..., argc=1,
argv=0xaf8fe8bc) at src/api.cc:2759
        scope = {previous_ = {extensions = 1, next = 0x9656b58, limit =
0x9657ad8}, is_closed_ = false}
        has_pending_exception = false
        returned = <value optimized out>
        __state__ = {disabled_ = true, state_ = v8::internal::OTHER,
previous_ = 0x99b0050, external_callback_ = 0x0, static current_state_ =
0x0}
        raw_result = 0xb5fdcd69
#58 0x088dfba7 in WebCore::V8Proxy::callFunction (this=0x9626b90,
function=..., receiver=..., argc=1, args=0xaf8fe8bc)
    at third_party/WebKit/WebCore/bindings/v8/V8Proxy.cpp:492
        inspectedPage = 0x9656b44
        result = {<v8::Handle<v8::Value>> = {val_ = 0x0}, <No data fields>}
---Type <return> to continue, or q <return> to quit---
#59 0x08c3c7b4 in WebCore::V8LazyEventListener::callListenerFunction
(this=0x99b0050, context=0x9caa2f8, jsEvent=..., event=0x964a620)
    at third_party/WebKit/WebCore/bindings/v8/V8LazyEventListener.cpp:69
        proxy = 0x0
        receiver = {<v8::Handle<v8::Object>> = {val_ = 0x9656b54}, <No
data fields>}
        parameters = {{val_ = 0x9656b24}}
#60 0x08c3b352 in WebCore::V8AbstractEventListener::invokeEventHandler
(this=0x99b0050, context=0x9caa2f8, event=0x964a620, jsEvent=...)
    at
third_party/WebKit/WebCore/bindings/v8/V8AbstractEventListener.cpp:150
        tryCatch = {next_ = 0x0, exception_ = 0xb064a0c5, message_ =
0x0, is_verbose_ = true, can_continue_ = true, capture_message_ = true,
          rethrow_ = false}
        savedEvent = {<v8::Handle<v8::Value>> = {val_ = 0x0}, <No data
fields>}
#61 0x08c3b982 in WebCore::V8AbstractEventListener::handleEvent
(this=0x99b0050, context=0x9caa2f8, event=0x964a620)
    at third_party/WebKit/WebCore/bindings/v8/V8AbstractEventListener.cpp:93
        v8Context = {<v8::Handle<v8::Context>> = {val_ = 0x9656ae0}, <No
data fields>}
        jsEvent = <value optimized out>
        handleScope = {previous_ = {extensions = -1, next = 0x0, limit =
0x0}, is_closed_ = false}
#62 0x0890c2ff in WebCore::EventTarget::fireEventListeners
(this=0x9cce460, event=0x964a620, d=0x9cce508, entry=...)
    at third_party/WebKit/WebCore/dom/EventTarget.cpp:315
        registeredListener = <value optimized out>
        i = 0
        end = 1
#63 0x0890d0a6 in WebCore::EventTarget::fireEventListeners
(this=0x9cce460, event=0x964a620) at
third_party/WebKit/WebCore/dom/EventTarget.cpp:276
        d = 0x9cce508
#64 0x08a5d42e in WebCore::DOMWindow::dispatchEvent (this=0x9cce460,
prpEvent=..., prpTarget=...) at
third_party/WebKit/WebCore/page/DOMWindow.cpp:1450
        inspectedPage = 0x889f156
        result = <value optimized out>
#65 0x08a5e468 in WebCore::DOMWindow::dispatchLoadEvent (this=0x9cce460)
at third_party/WebKit/WebCore/page/DOMWindow.cpp:1401
        ownerElement = <value optimized out>
#66 0x088f92d7 in WebCore::Document::implicitClose (this=0x9caa2c8) at
third_party/WebKit/WebCore/dom/Document.cpp:1822
        wasLocationChangePending = <value optimized out>
        f = 0x9626588
        renderObject = <value optimized out>
#67 0x08a27e9b in WebCore::FrameLoader::checkCompleted (this=0x96265b4)
at third_party/WebKit/WebCore/loader/FrameLoader.cpp:1139
        protect = {<WTF::FastAllocBase> = {<No data fields>}, m_ptr =
0x9626588}
#68 0x08a28057 in WebCore::FrameLoader::finishedParsing (this=0x96265b4)
at third_party/WebKit/WebCore/loader/FrameLoader.cpp:1078
        protector = {<WTF::FastAllocBase> = {<No data fields>}, m_ptr =
0x9626588}
#69 0x088f4fa1 in WebCore::Document::finishedParsing (this=0x9caa2c8) at
third_party/WebKit/WebCore/dom/Document.cpp:4225
        f = 0x9626588
#70 0x089ccfee in WebCore::HTMLTokenizer::end (this=0x9cc4340) at
third_party/WebKit/WebCore/html/HTMLTokenizer.cpp:1870
No locals.
#71 0x089cd1a8 in WebCore::HTMLTokenizer::finish (this=0x9cc4340) at
third_party/WebKit/WebCore/html/HTMLTokenizer.cpp:1910
No locals.
#72 0x08a1ee0a in WebCore::FrameLoader::endIfNotLoadingMainResource
(this=0x96265b4) at third_party/WebKit/WebCore/loader/FrameLoader.cpp:981
No locals.
#73 0x08a27cfc in WebCore::FrameLoader::finishedLoading (this=0x96265b4)
at third_party/WebKit/WebCore/loader/FrameLoader.cpp:2825
No locals.
#74 0x08a34956 in WebCore::MainResourceLoader::didFinishLoading
(this=0x9ae31a0) at
third_party/WebKit/WebCore/loader/MainResourceLoader.cpp:424
No locals.
#75 0x0885d69f in
webkit_glue::WebURLLoaderImpl::Context::OnCompletedRequest
(this=0x9ce6088, status=..., security_info=...)
    at webkit/glue/weburlloader_impl.cc:553
No locals.
#76 0x0902c50b in ResourceDispatcher::OnRequestComplete (this=0x9602360,
request_id=214, status=..., security_info=...)
---Type <return> to continue, or q <return> to quit---
    at chrome/common/resource_dispatcher.cc:466
        peer = 0x9ce6088
#77 0x0902ccb8 in DispatchToMethod<ResourceDispatcher, void
(ResourceDispatcher::*)(int, URLRequestStatus const&, std::string
const&), int, URLRequestStatus, std::basic_string<char,
std::char_traits<char>, std::allocator<char> > > (this=0x9602360,
message=...) at ./base/tuple.h:435
No locals.
#78 Dispatch<ResourceDispatcher, void (ResourceDispatcher::*)(int,
URLRequestStatus const&, std::string const&)> (this=0x9602360, message=...)
    at ./ipc/ipc_message_utils.h:991
        p = {a = 214, b = {status_ = URLRequestStatus::SUCCESS,
os_error_ = 0}, c = {static npos = 4294967295,
            _M_dataplus = {<std::allocator<char>> =
{<__gnu_cxx::new_allocator<char>> = {<No data fields>}, <No data
fields>}, _M_p = 0x93e026c ""}}}
#79 ResourceDispatcher::DispatchMessage (this=0x9602360, message=...) at
chrome/common/resource_dispatcher.cc:533
No locals.
#80 0x0902d0d2 in ResourceDispatcher::OnMessageReceived (this=0x9602360,
message=...) at chrome/common/resource_dispatcher.cc:302
        request_id = 214
        iter = 0x9e366ba8
#81 0x0903b691 in ChildThread::OnMessageReceived (this=0x95ffdf4,
msg=...) at chrome/common/child_thread.cc:124
No locals.
#82 0x087f380a in DispatchToMethod<IPC::ChannelProxy::Context, void
(IPC::ChannelProxy::Context::*)(IPC::Message const&), IPC::Message>
(this=0x9e957390)
    at ./base/tuple.h:422
No locals.
#83 RunnableMethod<IPC::ChannelProxy::Context, void
(IPC::ChannelProxy::Context::*)(IPC::Message const&),
Tuple1<IPC::Message> >::Run (this=0x9e957390)
    at ./base/task.h:296
No locals.
#84 0x085f79a1 in MessageLoop::RunTask (this=0xaf8ff1ec,
task=0x9e957390) at base/message_loop.cc:329
No locals.
#85 0x085f92d6 in MessageLoop::DeferOrRunPendingTask (this=0xaf8ff1ec,
pending_task=...) at base/message_loop.cc:337
No locals.
#86 0x085f956c in MessageLoop::DoWork (this=0xaf8ff1ec) at
base/message_loop.cc:444
        pending_task = {task = 0x9e957390, delayed_run_time = {static
kMillisecondsPerSecond = 1000, static kMicrosecondsPerMillisecond = 1000,
            static kMicrosecondsPerSecond = 1000000, static
kMicrosecondsPerMinute = 60000000, static kMicrosecondsPerHour =
-694967296,
            static kMicrosecondsPerDay = 500654080, static
kMicrosecondsPerWeek = <optimized out>, static
kNanosecondsPerMicrosecond = 1000,
            static kNanosecondsPerSecond = <optimized out>, static
kWindowsEpochDeltaMicroseconds = 11644473600000000,
            static kTimeTToMicrosecondsOffset = 11644473600000000, us_ =
0}, sequence_num = 0, nestable = true}
#87 0x085faa58 in base::MessagePumpDefault::Run (this=0x95fc188,
delegate=0xaf8ff1ec) at base/message_pump_default.cc:23
        did_work = true
#88 0x085f88b4 in MessageLoop::RunInternal (this=0xaf8ff1ec) at
base/message_loop.cc:205
No locals.
#89 0x085f89dd in MessageLoop::RunHandler (this=0x0) at
base/message_loop.cc:177
No locals.
#90 MessageLoop::Run (this=0x0) at base/message_loop.cc:155
        save_state = {<MessageLoop::RunState> = {run_depth = 1,
quit_received = false, dispatcher = 0x0}, loop_ = 0xaf8ff1ec,
previous_state_ = 0x0}
#91 0x0860fae4 in base::Thread::ThreadMain (this=0x95fb9b8) at
base/thread.cc:156
        message_loop = {<base::MessagePump::Delegate> = {_vptr.Delegate
= 0x916b4d8}, static event_descriptions_ = {{sample = 1,
              description = 0x916b499 "kTaskRunEvent"}, {sample = 2,
description = 0x916b4a7 "kTimerEvent"}, {sample = -1, description = 0x0}},
          static enable_histogrammer_ = false, type_ =
MessageLoop::TYPE_DEFAULT,
          work_queue_ = {<std::queue<MessageLoop::PendingTask,
std::deque<MessageLoop::PendingTask,
std::allocator<MessageLoop::PendingTask> > >> = {
              c = {<std::_Deque_base<MessageLoop::PendingTask,
std::allocator<MessageLoop::PendingTask> >> = {
                  _M_impl = {<std::allocator<MessageLoop::PendingTask>>
= {<__gnu_cxx::new_allocator<MessageLoop::PendingTask>> = {<No data
fields>}, <No data fields>}, _M_map = 0xa877d858, _M_map_size = 18,
_M_start = {_M_cur = 0x9e3ac800, _M_first = 0x9e3ac6e8, _M_last =
0x9e3ac8dc, _M_node = 0xa877d880},
                    _M_finish = {_M_cur = 0x9e3ac8c8, _M_first =
0x9e3ac6e8, _M_last = 0x9e3ac8dc,
                      _M_node = 0xa877d880}}}, <No data fields>}}, <No
data fields>}, delayed_work_queue_ = {
            c = {<std::_Vector_base<MessageLoop::PendingTask,
std::allocator<MessageLoop::PendingTask> >> = {
---Type <return> to continue, or q <return> to quit---
                _M_impl = {<std::allocator<MessageLoop::PendingTask>> =
{<__gnu_cxx::new_allocator<MessageLoop::PendingTask>> = {<No data
fields>}, <No data fields>}, _M_start = 0x9e96ea78, _M_finish =
0x9e96eadc, _M_end_of_storage = 0x9e96f478}}, <No data fields>},
            comp = {<std::binary_function<MessageLoop::PendingTask,
MessageLoop::PendingTask, bool>> = {<No data fields>}, <No data fields>}},
          deferred_non_nestable_work_queue_ =
{<std::queue<MessageLoop::PendingTask,
std::deque<MessageLoop::PendingTask,
std::allocator<MessageLoop::PendingTask> > >> = {c =
{<std::_Deque_base<MessageLoop::PendingTask,
std::allocator<MessageLoop::PendingTask> >> = {
                  _M_impl = {<std::allocator<MessageLoop::PendingTask>>
= {<__gnu_cxx::new_allocator<MessageLoop::PendingTask>> = {<No data
fields>}, <No data fields>}, _M_map = 0x95fbf40, _M_map_size = 8,
_M_start = {_M_cur = 0x95fbf68, _M_first = 0x95fbf68, _M_last =
0x95fc15c, _M_node = 0x95fbf4c},
                    _M_finish = {_M_cur = 0x95fbf68, _M_first =
0x95fbf68, _M_last = 0x95fc15c,
                      _M_node = 0x95fbf4c}}}, <No data fields>}}, <No
data fields>}, pump_ = {ptr_ = 0x95fc188},
          destruction_observers_ =
{<ObserverListBase<MessageLoop::DestructionObserver>> = {
              observers_ =
{<std::_Vector_base<MessageLoop::DestructionObserver*,
std::allocator<MessageLoop::DestructionObserver*> >> = {
                  _M_impl =
{<std::allocator<MessageLoop::DestructionObserver*>> =
{<__gnu_cxx::new_allocator<MessageLoop::DestructionObserver*>> = {<No
data fields>}, <No data fields>}, _M_start = 0x95ff628, _M_finish =
0x95ff62c, _M_end_of_storage = 0x95ff62c}}, <No data fields>},
notify_depth_ = 0,
              type_ =
ObserverListBase<MessageLoop::DestructionObserver>::NOTIFY_ALL}, <No
data fields>}, nestable_tasks_allowed_ = false,
          exception_restoration_ = false, thread_name_ = {static npos =
4294967295,
            _M_dataplus = {<std::allocator<char>> =
{<__gnu_cxx::new_allocator<char>> = {<No data fields>}, <No data fields>},
              _M_p = 0x95fb9ec "Chrome_InProcRendererThread"}},
message_histogram_ = {ptr_ = 0x0},
          incoming_queue_ = {<std::queue<MessageLoop::PendingTask,
std::deque<MessageLoop::PendingTask,
std::allocator<MessageLoop::PendingTask> > >> = {
              c = {<std::_Deque_base<MessageLoop::PendingTask,
std::allocator<MessageLoop::PendingTask> >> = {
                  _M_impl = {<std::allocator<MessageLoop::PendingTask>>
= {<__gnu_cxx::new_allocator<MessageLoop::PendingTask>> = {<No data
fields>}, <No data fields>}, _M_map = 0x95fc160, _M_map_size = 8,
_M_start = {_M_cur = 0x9c118c0, _M_first = 0x9c117a8, _M_last =
0x9c1199c, _M_node = 0x95fc178},
                    _M_finish = {_M_cur = 0xafde0870, _M_first =
0xafde07d0, _M_last = 0xafde09c4,
                      _M_node = 0x95fc17c}}}, <No data fields>}}, <No
data fields>}, incoming_queue_lock_ = {lock_ = {os_lock_ = {__data =
{__lock = 0,
                  __count = 0, __owner = 0, __kind = 0, __nusers = 0,
{__spins = 0, __list = {__next = 0x0}}}, __size = '\000' <repeats 23
times>,
                __align = 0}}}, state_ = 0xaf8fe07c, next_sequence_num_
= 320}
#92 0x08602b21 in ThreadFunc (closure=0x95fb9b8) at
base/platform_thread_posix.cc:28
No locals.
#93 0xb62eb955 in start_thread (arg=0xaf8ffb70) at pthread_create.c:300
        __res = <value optimized out>
        __ignore1 = <value optimized out>
        __ignore2 = <value optimized out>
        pd = 0xaf8ffb70
        now = <value optimized out>
        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {-1238384652, 0,
4001536, -1349520408, -1311572249, -213469996}, mask_was_saved = 0}},
priv = {pad = {
              0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0,
canceltype = 0}}}
        not_first_call = <value optimized out>
        freesize = <value optimized out>
        __PRETTY_FUNCTION__ = "start_thread"
#94 0xb59d310e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130
No locals.
(gdb)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-chromium-maint/attachments/20100707/93cb315d/attachment-0001.pgp>


More information about the Pkg-chromium-maint mailing list