54667 2011-02-17 08:41:24 -0800 latest jsc for armv7 crashes in sunspider tests 2011-02-23 11:43:52 -0800 1 1 1 Unclassified WebKit JavaScriptCore 528+ (Nightly build) Other Linux RESOLVED FIXED InRadar P2 Major --- 0 vjaquez webkit-unassigned abarth barraclough ddkilzer eric ggaren webkit.review.bot xan.lopez oldest_to_newest 352936 0 vjaquez 2011-02-17 08:41:24 -0800 According to our builbot this commit http://trac.webkit.org/changeset/78732 crashes the execution of the sunspider tests, and also the v8 benchmarks. The machine is an ARMv7 Pandaboard EA1, kernel 2.6.35.3 and the JSC is natively compiled with g++ (Ubuntu/Linaro 4.4.4-14ubuntu5) 4.4.5 trace: ~/WebKit/Programs/jsc sunspider-0.9.1/3d-cube.js ASSERTION FAILED: differenceBetween(hotPathBegin, displacementLabel1) == patchOffsetPutByIdPropertyMapOffset1 Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp(517) : void JSC::JIT::emit_op_put_by_id(JSC::Instruction*) Segmentation fault gdb trace: Starting program: /home/user/buildslave/full-wk/build/Programs/jsc 3d-cube.js [Thread debugging using libthread_db enabled] [New Thread 0x41e5f460 (LWP 23458)] Program received signal SIGSEGV, Segmentation fault. 0x000d80b8 in JITStubThunked_op_create_this () (gdb) bt #0 0x000d80b8 in JITStubThunked_op_create_this () #1 0x000d3b1c in cti_op_create_this () #2 0x000d3b1c in cti_op_create_this () 353052 1 ddkilzer 2011-02-17 11:27:13 -0800 <rdar://problem/9018458> 354746 2 xan.lopez 2011-02-21 12:46:23 -0800 With the patch from https://bugs.webkit.org/show_bug.cgi?id=54901 I can see the difference in the offsets is: ASSERTION FAILED: JIT Offset "patchOffsetPutByIdPropertyMapOffset1" should be 46, not 36. differenceBetween(hotPathBegin, displacementLabel1) == patchOffsetPutByIdPropertyMapOffset1 ../../Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp(517) : void JSC::JIT::emit_op_put_by_id(JSC::Instruction*) 356045 3 83476 xan.lopez 2011-02-23 05:50:58 -0800 Created attachment 83476 jitoffsetarmv7.diff This seems to fix the issue. 356194 4 83476 barraclough 2011-02-23 10:48:34 -0800 Comment on attachment 83476 jitoffsetarmv7.diff Apologies for breaking this, cheers for the fix Xan. 356205 5 83476 xan.lopez 2011-02-23 10:55:41 -0800 Comment on attachment 83476 jitoffsetarmv7.diff Clearing flags on attachment: 83476 Committed r79460: <http://trac.webkit.org/changeset/79460> 356206 6 xan.lopez 2011-02-23 10:55:48 -0800 All reviewed patches have been landed. Closing bug. 356259 7 webkit.review.bot 2011-02-23 11:43:52 -0800 http://trac.webkit.org/changeset/79460 might have broken Qt Linux Release The following tests are not passing: fast/overflow/overflow-height-float-not-removed-crash3.html 83476 2011-02-23 05:50:58 -0800 2011-02-23 10:55:41 -0800 jitoffsetarmv7.diff jitoffsetarmv7.diff text/plain 2732 xan.lopez RnJvbSA3ZTczZDU3Y2NkNDNkZDcyOWI0NTM0NWE4M2MwMGU4ZGU3MjFlYTZmIE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBYYW4gTG9wZXogPHhhbkBnbm9tZS5vcmc+CkRhdGU6IFdlZCwg MjMgRmViIDIwMTEgMTQ6NDk6NTUgKzAxMDAKU3ViamVjdDogW1BBVENIXSAyMDExLTAyLTIzICBY YW4gTG9wZXogIDx4bG9wZXpAaWdhbGlhLmNvbT4KCiAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZ IChPT1BTISkuCgogICAgICAgIGxhdGVzdCBqc2MgZm9yIGFybXY3IGNyYXNoZXMgaW4gc3Vuc3Bp ZGVyIHRlc3RzCiAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lk PTU0NjY3CgogICAgICAgIFVwZGF0ZSBKSVQgb2Zmc2V0IHZhbHVlcyBpbiBBUk12NyBhZnRlciBy Nzg3MzIuIEZpeGVzIGNyYXNoZXMgaW4KICAgICAgICBTdW5TcGlkZXIgYW5kIEphdmFTY3JpcHQg dGVzdHMuCgogICAgICAgICogaml0L0pJVC5oOiB1cGRhdGUgdmFsdWVzLgotLS0KIFNvdXJjZS9K YXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cgfCAgIDEyICsrKysrKysrKysrKwogU291cmNlL0phdmFT Y3JpcHRDb3JlL2ppdC9KSVQuaCB8ICAgMTAgKysrKystLS0tLQogMiBmaWxlcyBjaGFuZ2VkLCAx NyBpbnNlcnRpb25zKCspLCA1IGRlbGV0aW9ucygtKQoKZGlmZiAtLWdpdCBhL1NvdXJjZS9KYXZh U2NyaXB0Q29yZS9DaGFuZ2VMb2cgYi9Tb3VyY2UvSmF2YVNjcmlwdENvcmUvQ2hhbmdlTG9nCmlu ZGV4IDViYWNiMjkuLjU2ZmNlNWQgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9KYXZhU2NyaXB0Q29yZS9D aGFuZ2VMb2cKKysrIGIvU291cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwpAQCAtMSwzICsx LDE1IEBACisyMDExLTAyLTIzICBYYW4gTG9wZXogIDx4bG9wZXpAaWdhbGlhLmNvbT4KKworICAg ICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICBsYXRlc3QganNjIGZv ciBhcm12NyBjcmFzaGVzIGluIHN1bnNwaWRlciB0ZXN0cworICAgICAgICBodHRwczovL2J1Z3Mu d2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9NTQ2NjcKKworICAgICAgICBVcGRhdGUgSklUIG9m ZnNldCB2YWx1ZXMgaW4gQVJNdjcgYWZ0ZXIgcjc4NzMyLiBGaXhlcyBjcmFzaGVzIGluCisgICAg ICAgIFN1blNwaWRlciBhbmQgSmF2YVNjcmlwdCB0ZXN0cy4KKworICAgICAgICAqIGppdC9KSVQu aDogdXBkYXRlIHZhbHVlcy4KKwogMjAxMS0wMi0yMyAgUGF0cmljayBHYW5zdGVyZXIgIDxwYXJv Z2FAd2Via2l0Lm9yZz4KIAogICAgICAgICBSZXZpZXdlZCBieSBBbGV4ZXkgUHJvc2t1cnlha292 LgpkaWZmIC0tZ2l0IGEvU291cmNlL0phdmFTY3JpcHRDb3JlL2ppdC9KSVQuaCBiL1NvdXJjZS9K YXZhU2NyaXB0Q29yZS9qaXQvSklULmgKaW5kZXggMzZkODBhZi4uMGE3YWQzOSAxMDA2NDQKLS0t IGEvU291cmNlL0phdmFTY3JpcHRDb3JlL2ppdC9KSVQuaAorKysgYi9Tb3VyY2UvSmF2YVNjcmlw dENvcmUvaml0L0pJVC5oCkBAIC00MDIsMTQgKzQwMiwxNCBAQCBuYW1lc3BhY2UgSlNDIHsKICNl bGlmIENQVShBUk1fVEhVTUIyKQogICAgICAgICAvLyBUaGVzZSBhcmNoaXRlY3R1cmUgc3BlY2lm aWMgdmFsdWUgYXJlIHVzZWQgdG8gZW5hYmxlIHBhdGNoaW5nIC0gc2VlIGNvbW1lbnQgb24gb3Bf cHV0X2J5X2lkLgogICAgICAgICBzdGF0aWMgY29uc3QgaW50IHBhdGNoT2Zmc2V0UHV0QnlJZFN0 cnVjdHVyZSA9IDEwOwotICAgICAgICBzdGF0aWMgY29uc3QgaW50IHBhdGNoT2Zmc2V0UHV0QnlJ ZFByb3BlcnR5TWFwT2Zmc2V0MSA9IDQ2OwotICAgICAgICBzdGF0aWMgY29uc3QgaW50IHBhdGNo T2Zmc2V0UHV0QnlJZFByb3BlcnR5TWFwT2Zmc2V0MiA9IDU4OworICAgICAgICBzdGF0aWMgY29u c3QgaW50IHBhdGNoT2Zmc2V0UHV0QnlJZFByb3BlcnR5TWFwT2Zmc2V0MSA9IDM2OworICAgICAg ICBzdGF0aWMgY29uc3QgaW50IHBhdGNoT2Zmc2V0UHV0QnlJZFByb3BlcnR5TWFwT2Zmc2V0MiA9 IDQ4OwogICAgICAgICAvLyBUaGVzZSBhcmNoaXRlY3R1cmUgc3BlY2lmaWMgdmFsdWUgYXJlIHVz ZWQgdG8gZW5hYmxlIHBhdGNoaW5nIC0gc2VlIGNvbW1lbnQgb24gb3BfZ2V0X2J5X2lkLgogICAg ICAgICBzdGF0aWMgY29uc3QgaW50IHBhdGNoT2Zmc2V0R2V0QnlJZFN0cnVjdHVyZSA9IDEwOwog ICAgICAgICBzdGF0aWMgY29uc3QgaW50IHBhdGNoT2Zmc2V0R2V0QnlJZEJyYW5jaFRvU2xvd0Nh c2UgPSAyNjsKLSAgICAgICAgc3RhdGljIGNvbnN0IGludCBwYXRjaE9mZnNldEdldEJ5SWRQcm9w ZXJ0eU1hcE9mZnNldDEgPSA0NjsKLSAgICAgICAgc3RhdGljIGNvbnN0IGludCBwYXRjaE9mZnNl dEdldEJ5SWRQcm9wZXJ0eU1hcE9mZnNldDIgPSA1ODsKLSAgICAgICAgc3RhdGljIGNvbnN0IGlu dCBwYXRjaE9mZnNldEdldEJ5SWRQdXRSZXN1bHQgPSA2MjsKKyAgICAgICAgc3RhdGljIGNvbnN0 IGludCBwYXRjaE9mZnNldEdldEJ5SWRQcm9wZXJ0eU1hcE9mZnNldDEgPSAzNjsKKyAgICAgICAg c3RhdGljIGNvbnN0IGludCBwYXRjaE9mZnNldEdldEJ5SWRQcm9wZXJ0eU1hcE9mZnNldDIgPSA0 ODsKKyAgICAgICAgc3RhdGljIGNvbnN0IGludCBwYXRjaE9mZnNldEdldEJ5SWRQdXRSZXN1bHQg PSA1MjsKICNpZiBFTkFCTEUoT1BDT0RFX1NBTVBMSU5HKQogICAgICAgICAjZXJyb3IgIk9QQ09E RV9TQU1QTElORyBpcyBub3QgeWV0IHN1cHBvcnRlZCIKICNlbHNlCi0tIAoxLjcuMy40Cgo=