186630 2018-06-14 13:19:16 -0700 REGRESSION(232741): Crash running ARES-6 2018-06-14 14:48:11 -0700 1 1 1 Unclassified WebKit JavaScriptCore Other Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 msaboff msaboff commit-queue ews-watchlist keith_miller mark.lam saam webkit-bug-importer oldest_to_newest 1433093 0 msaboff 2018-06-14 13:19:16 -0700 <rdar://problem/41102411> Looks like we crash as we are DFG compiling a function running Babylon. Process: com.apple.WebKit.WebContent.Development [4233] Code Type: X86-64 (Native) Responsible: Safari [4226] User ID: 501 Date/Time: 2018-06-13 14:36:11.293 -0700 Report Version: 12 Crashed Thread: 17 WTF::AutomaticThread Exception Type: EXC_BREAKPOINT (SIGTRAP) Exception Codes: 0x0000000000000002, 0x0000000000000000 Exception Note: EXC_CORPSE_NOTIFY Termination Signal: Trace/BPT trap: 5 Termination Reason: Namespace SIGNAL, Code 0x5 Terminating Process: exc handler [4233] … Thread 17 Crashed:: WTF::AutomaticThread 0 com.apple.JavaScriptCore 0x00000002bc0c63fa JSC::DFG::BasicBlock::replacePredecessor(JSC::DFG::BasicBlock*, JSC::DFG::BasicBlock*) + 58 1 com.apple.JavaScriptCore 0x00000002bc14db5a JSC::DFG::CriticalEdgeBreakingPhase::breakCriticalEdge(JSC::DFG::BasicBlock*, JSC::DFG::BasicBlock**) + 218 2 com.apple.JavaScriptCore 0x00000002bc14d99c JSC::DFG::CriticalEdgeBreakingPhase::run() + 668 3 com.apple.JavaScriptCore 0x00000002bc143ae3 bool JSC::DFG::runPhase<JSC::DFG::CriticalEdgeBreakingPhase>(JSC::DFG::Graph&) + 115 4 com.apple.JavaScriptCore 0x00000002bc2443f8 JSC::DFG::Plan::compileInThreadImpl() + 3624 5 com.apple.JavaScriptCore 0x00000002bc242eb6 JSC::DFG::Plan::compileInThread(JSC::DFG::ThreadData*) + 646 6 com.apple.JavaScriptCore 0x00000002bc34bacc JSC::DFG::Worklist::ThreadBody::work() + 300 7 com.apple.JavaScriptCore 0x00000002bbdc3ec0 WTF::Function<void ()>::CallableWrapper<WTF::AutomaticThread::start(WTF::AbstractLocker const&)::$_0>::call() + 304 8 com.apple.JavaScriptCore 0x00000002bbdf0312 WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*) + 194 9 com.apple.JavaScriptCore 0x00000002bbbf8459 WTF::wtfThreadEntryPoint(void*) + 9 10 libsystem_pthread.dylib 0x00007fff6c7fbb47 _pthread_body + 128 11 libsystem_pthread.dylib 0x00007fff6c7fbac5 _pthread_start + 61 12 libsystem_pthread.dylib 0x00007fff6c7fb6f1 thread_start + 13 1433098 1 342757 msaboff 2018-06-14 13:29:35 -0700 Created attachment 342757 Patch 1433100 2 342757 saam 2018-06-14 13:34:05 -0700 Comment on attachment 342757 Patch r=me 1433130 3 342757 commit-queue 2018-06-14 14:48:09 -0700 Comment on attachment 342757 Patch Clearing flags on attachment: 342757 Committed r232856: <https://trac.webkit.org/changeset/232856> 1433131 4 commit-queue 2018-06-14 14:48:11 -0700 All reviewed patches have been landed. Closing bug. 342757 2018-06-14 13:29:35 -0700 2018-06-14 14:48:09 -0700 Patch 186630.patch text/plain 3240 msaboff SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMjMyODUwKQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDE5IEBA CisyMDE4LTA2LTE0ICBNaWNoYWVsIFNhYm9mZiAgPG1zYWJvZmZAYXBwbGUuY29tPgorCisgICAg ICAgIFJFR1JFU1NJT04oMjMyNzQxKTogQ3Jhc2ggcnVubmluZyBBUkVTLTYKKyAgICAgICAgaHR0 cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTE4NjYzMAorCisgICAgICAgIFJl dmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIFRoZSBkZS1kdXBsaWNhdGluZyB3 b3JrIGluIHIyMzI3NDEgY2F1c2VkIGEgYnVnIGluIGJyZWFrQ3JpdGljYWxFZGdlKCkgd2hlcmUg aXQKKyAgICAgICAgdHJlYXRlZCBlZGdlcyBiZXR3ZWVuIGlkZW50aWNhbCBwcmVkZWNlc3Nvci0+ c3VjY2Vzc29yIHBhaXJzIGluZGVwZW5kZW50bHkuCisgICAgICAgIFRoaXMgZml4ZXMgdGhlIGlz c3VlIGJ5IGhhbmRsaW5nIHN1Y2ggZWRnZXMgb25jZSwgdXNpbmcgdGhlIGFkZGVkIGludGVybWVk aWF0ZQorICAgICAgICBwYWQgZm9yIGFsbCBpbnN0YW5jZXMgb2YgdGhlIGVkZ2VzIGJldHdlZW4g dGhlIHNhbWUgcGFpcnMuCisKKyAgICAgICAgKiBkZmcvREZHQ3JpdGljYWxFZGdlQnJlYWtpbmdQ aGFzZS5jcHA6CisgICAgICAgIChKU0M6OkRGRzo6Q3JpdGljYWxFZGdlQnJlYWtpbmdQaGFzZTo6 cnVuKToKKyAgICAgICAgKEpTQzo6REZHOjpDcml0aWNhbEVkZ2VCcmVha2luZ1BoYXNlOjpicmVh a0NyaXRpY2FsRWRnZSk6IERlbGV0ZWQuCisKIDIwMTgtMDYtMTQgIENhcmxvcyBHYXJjaWEgQ2Ft cG9zICA8Y2dhcmNpYUBpZ2FsaWEuY29tPgogCiAgICAgICAgIFtHVEtdW1dQRV0gV2ViRHJpdmVy OiBoYW5kbGUgYWNjZXB0SW5zZWN1cmVDZXJ0aWZpY2F0ZXMgY2FwYWJpbGl0eQpJbmRleDogU291 cmNlL0phdmFTY3JpcHRDb3JlL2RmZy9ERkdDcml0aWNhbEVkZ2VCcmVha2luZ1BoYXNlLmNwcAo9 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09Ci0tLSBTb3VyY2UvSmF2YVNjcmlwdENvcmUvZGZnL0RGR0NyaXRpY2FsRWRnZUJy ZWFraW5nUGhhc2UuY3BwCShyZXZpc2lvbiAyMzI4NDgpCisrKyBTb3VyY2UvSmF2YVNjcmlwdENv cmUvZGZnL0RGR0NyaXRpY2FsRWRnZUJyZWFraW5nUGhhc2UuY3BwCSh3b3JraW5nIGNvcHkpCkBA IC01NiwxMyArNTYsMzAgQEAgcHVibGljOgogICAgICAgICAgICAgCiAgICAgICAgICAgICBpZiAo YmxvY2stPm51bVN1Y2Nlc3NvcnMoKSA8PSAxKQogICAgICAgICAgICAgICAgIGNvbnRpbnVlOwot ICAgICAgICAgICAgCisKKyAgICAgICAgICAgIC8vIEJyZWFrIGNyaXRpY2FsIGVkZ2VzIGJ5IGlu c2VydGluZyBhICJKdW1wIiBwYWQgYmxvY2sgaW4gcGxhY2Ugb2YgZWFjaAorICAgICAgICAgICAg Ly8gdW5pcXVlIEEtPkIgY3JpdGljYWwgZWRnZS4KKyAgICAgICAgICAgIEhhc2hNYXA8QmFzaWNC bG9jayosIEJhc2ljQmxvY2sqPiBzdWNjZXNzb3JQYWRzOworCiAgICAgICAgICAgICBmb3IgKHVu c2lnbmVkIGkgPSBibG9jay0+bnVtU3VjY2Vzc29ycygpOyBpLS07KSB7CiAgICAgICAgICAgICAg ICAgQmFzaWNCbG9jayoqIHN1Y2Nlc3NvciA9ICZibG9jay0+c3VjY2Vzc29yKGkpOwogICAgICAg ICAgICAgICAgIGlmICgoKnN1Y2Nlc3NvciktPnByZWRlY2Vzc29ycy5zaXplKCkgPD0gMSkKICAg ICAgICAgICAgICAgICAgICAgY29udGludWU7Ci0gICAgICAgICAgICAgICAgCi0gICAgICAgICAg ICAgICAgYnJlYWtDcml0aWNhbEVkZ2UoYmxvY2ssIHN1Y2Nlc3Nvcik7IAorCisgICAgICAgICAg ICAgICAgQmFzaWNCbG9jayogcGFkID0gbnVsbHB0cjsKKyAgICAgICAgICAgICAgICBhdXRvIGl0 ZXIgPSBzdWNjZXNzb3JQYWRzLmZpbmQoKnN1Y2Nlc3Nvcik7CisKKyAgICAgICAgICAgICAgICBp ZiAoaXRlciA9PSBzdWNjZXNzb3JQYWRzLmVuZCgpKSB7CisgICAgICAgICAgICAgICAgICAgIHBh ZCA9IG1faW5zZXJ0aW9uU2V0Lmluc2VydEJlZm9yZSgqc3VjY2Vzc29yLCAoKnN1Y2Nlc3Nvcikt PmV4ZWN1dGlvbkNvdW50KTsKKyAgICAgICAgICAgICAgICAgICAgcGFkLT5hcHBlbmROb2RlKAor ICAgICAgICAgICAgICAgICAgICAgICAgbV9ncmFwaCwgU3BlY05vbmUsIEp1bXAsICgqc3VjY2Vz c29yKS0+YXQoMCktPm9yaWdpbiwgT3BJbmZvKCpzdWNjZXNzb3IpKTsKKyAgICAgICAgICAgICAg ICAgICAgcGFkLT5wcmVkZWNlc3NvcnMuYXBwZW5kKGJsb2NrKTsKKyAgICAgICAgICAgICAgICAg ICAgKCpzdWNjZXNzb3IpLT5yZXBsYWNlUHJlZGVjZXNzb3IoYmxvY2ssIHBhZCk7CisgICAgICAg ICAgICAgICAgICAgIHN1Y2Nlc3NvclBhZHMuc2V0KCpzdWNjZXNzb3IsIHBhZCk7CisgICAgICAg ICAgICAgICAgfSBlbHNlCisgICAgICAgICAgICAgICAgICAgIHBhZCA9IGl0ZXItPnZhbHVlOwor CisgICAgICAgICAgICAgICAgKnN1Y2Nlc3NvciA9IHBhZDsKICAgICAgICAgICAgIH0KICAgICAg ICAgfQogICAgICAgICAKQEAgLTcwLDE3ICs4Nyw2IEBAIHB1YmxpYzoKICAgICB9CiAKIHByaXZh dGU6Ci0gICAgdm9pZCBicmVha0NyaXRpY2FsRWRnZShCYXNpY0Jsb2NrKiBwcmVkZWNlc3Nvciwg QmFzaWNCbG9jayoqIHN1Y2Nlc3NvcikKLSAgICB7Ci0gICAgICAgIEJhc2ljQmxvY2sqIHBhZCA9 IG1faW5zZXJ0aW9uU2V0Lmluc2VydEJlZm9yZSgqc3VjY2Vzc29yLCAoKnN1Y2Nlc3NvciktPmV4 ZWN1dGlvbkNvdW50KTsKLSAgICAgICAgcGFkLT5hcHBlbmROb2RlKAotICAgICAgICAgICAgbV9n cmFwaCwgU3BlY05vbmUsIEp1bXAsICgqc3VjY2Vzc29yKS0+YXQoMCktPm9yaWdpbiwgT3BJbmZv KCpzdWNjZXNzb3IpKTsKLSAgICAgICAgcGFkLT5wcmVkZWNlc3NvcnMuYXBwZW5kKHByZWRlY2Vz c29yKTsKLSAgICAgICAgKCpzdWNjZXNzb3IpLT5yZXBsYWNlUHJlZGVjZXNzb3IocHJlZGVjZXNz b3IsIHBhZCk7Ci0gICAgICAgIAotICAgICAgICAqc3VjY2Vzc29yID0gcGFkOwotICAgIH0KLSAg ICAKICAgICBCbG9ja0luc2VydGlvblNldCBtX2luc2VydGlvblNldDsKIH07CiAK