Bug 131292

Created attachment 228716 [details]
Patch

Comment on attachment 228716 [details]
Patch

Attachment 228716 [details] did not pass mac-wk2-ews (mac-wk2):
Output: http://webkit-queues.appspot.com/results/4578053791416320

New failing tests:
platform/mac/fast/scrolling/scroll-iframe-latched-mainframe.html
fast/css/first-letter-capitalized-edit-select-crash.html
http/tests/misc/acid3.html
fast/css/dynamic-pseudo-class.html
platform/mac/fast/scrolling/scroll-div-latched-mainframe.html
platform/mac/fast/scrolling/scroll-select-latched-mainframe.html

Created attachment 228719 [details]
Archive of layout-test-results from webkit-ews-11 for mac-mountainlion-wk2

The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews.
Bot: webkit-ews-11  Port: mac-mountainlion-wk2  Platform: Mac OS X 10.8.5

Comment on attachment 228716 [details]
Patch

Attachment 228716 [details] did not pass mac-ews (mac):
Output: http://webkit-queues.appspot.com/results/5766457283575808

New failing tests:
fast/css/dynamic-pseudo-class.html
fast/css/first-letter-capitalized-edit-select-crash.html
http/tests/misc/acid3.html

Created attachment 228720 [details]
Archive of layout-test-results from webkit-ews-06 for mac-mountainlion

The attached test failures were seen while running run-webkit-tests on the mac-ews.
Bot: webkit-ews-06  Port: mac-mountainlion  Platform: Mac OS X 10.8.5

Created attachment 228721 [details]
Patch

Comment on attachment 228721 [details]
Patch

Clearing flags on attachment: 228721

Committed r166870: <http://trac.webkit.org/changeset/166870>

All reviewed patches have been landed.  Closing bug.

(In reply to comment #7)
> (From update of attachment 228721 [details])
> Clearing flags on attachment: 228721
> 
> Committed r166870: <http://trac.webkit.org/changeset/166870>

It made Dromaeo/cssquery-dojo.html crash on the Mountain Lion
and the EFL performance bots. Could you check this regression?

(In reply to comment #9)
> (In reply to comment #7)
> > (From update of attachment 228721 [details] [details])
> > Clearing flags on attachment: 228721
> > 
> > Committed r166870: <http://trac.webkit.org/changeset/166870>
> 
> It made Dromaeo/cssquery-dojo.html crash on the Mountain Lion
> and the EFL performance bots. Could you check this regression?

Yep.
Do you have a backtrace of the crash?

No, I don't have any backtrace. And I don't have 
time to debug the regression your patch caused.

check
- http://build.webkit.org/builders/Apple%20MountainLion%20Release%20%28Perf%29/builds/8542
- http://build.webkit.org/builders/EFL%20Linux%2064-bit%20Release%20WK2%20%28Perf%29/builds/1559

It seems the EFL bot provides some kind of backtrace:
Running Dromaeo/cssquery-dojo.html (46 of 128)
error: Dromaeo/cssquery-dojo.html
1   0x7f775df41ae0
2   0x7f775e2cbff0
3   0x7f775dac18a7 JSC::speculationFromCell(JSC::JSCell*)
4   0x7f775dbc76c3 JSC::DFG::PredictionPropagationPhase::propagate(JSC::DFG::Node*)
5   0x7f775dbc9456 bool JSC::DFG::runAndLog<JSC::DFG::PredictionPropagationPhase>(JSC::DFG::PredictionPropagationPhase&)
6   0x7f775dbc9f1e JSC::DFG::performPredictionPropagation(JSC::DFG::Graph&)
7   0x7f775dbc6376 JSC::DFG::Plan::compileInThreadImpl(JSC::DFG::LongLivedState&)
8   0x7f775dbc6837 JSC::DFG::Plan::compileInThread(JSC::DFG::LongLivedState&, JSC::DFG::ThreadData*)
9   0x7f775db58674 JSC::DFG::compile(JSC::VM&, JSC::CodeBlock*, JSC::CodeBlock*, JSC::DFG::CompilationMode, unsigned int, JSC::Operands<JSC::JSValue, JSC::OperandValueTraits<JSC::JSValue> > const&, WTF::PassRefPtr<JSC::DeferredCompilationCallback>)
10  0x7f775dce8c29
11  0x7f770402f5d7

FAILED
Finished: 600.570791 s

I doubt that crash is related to this patch. This JIT has nothing to do with the DFG JIT.

I checked the bot history, it seems this patch is unrelated,
the crash was present before it. Sorry for blaming you.

I filed a new bug report about the regression:
https://bugs.webkit.org/show_bug.cgi?id=131356