Bug 136162

Summary:

[JSC] ASSERTION FAILED: imm26 == (imm26 << 6) >> 6 in JSC::ARM64Assembler::unconditionalBranchImmediate

Product:

WebKit

Reporter:

Akos Kiss <akiss>

Component:

JavaScriptCore

Assignee:

Nobody <webkit-unassigned>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

benjamin, cmarcelo, commit-queue, fpizlo, gyuyoung.kim, msaboff, ossy

Priority:

Version:

528+ (Nightly build)

Hardware:

Unspecified

OS:

Unspecified

Bug Depends on:

Bug Blocks:

108645

Attachments:

Description	Flags
Proposed patch.	none

Description Akos Kiss 2014-08-22 11:09:27 PDT

When running tests on EFL/ARM64, jsc sporadically segfaults with "ASSERTION FAILED: imm26 == (imm26 << 6) >> 6" in JSC::ARM64Assembler::unconditionalBranchImmediate (e.g., when linking a call from 0x7fa76df114 to 0x7fb0728a20). The error is non-deterministic, it depends on where the executable allocator allocates chunks of memory.

Comment 1 Akos Kiss 2014-08-22 11:13:47 PDT

Created attachment 236992 [details]
Proposed patch.

Comment 2 Michael Saboff 2014-08-22 11:22:29 PDT

Comment on attachment 236992 [details]
Proposed patch.

r=me

Comment 3 WebKit Commit Bot 2014-08-22 12:00:02 PDT

Comment on attachment 236992 [details]
Proposed patch.

Clearing flags on attachment: 236992

Committed r172863: <http://trac.webkit.org/changeset/172863>

Comment 4 WebKit Commit Bot 2014-08-22 12:00:06 PDT

All reviewed patches have been landed.  Closing bug.