Bug 139865

Summary: js/promises-tests/promises-tests-2-3-3.html sometimes crashes under DFG::SpeculativeJIT::compile
Product: WebKit Reporter: Alexey Proskuryakov <ap>
Component: JavaScriptCoreAssignee: Michael Saboff <msaboff>
Status: RESOLVED FIXED    
Severity: Normal CC: fpizlo, ggaren, mark.lam, msaboff, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch ap: review+

Alexey Proskuryakov
Reported 2014-12-22 09:26:37 PST
run-webkit-tests js/promises-tests/promises-tests-2-3-3.html -f --repeat 1000 Thread 13 Crashed:: DFG Worklist Worker Thread 0 com.apple.JavaScriptCore 0x0000000103d62c8a WTFCrash + 42 (Assertions.cpp:321) 1 com.apple.JavaScriptCore 0x00000001037acc31 JSC::DFG::SpeculativeJIT::compile(JSC::DFG::Node*) + 79505 (DFGSpeculativeJIT64.cpp:4540) 2 com.apple.JavaScriptCore 0x000000010374e17a JSC::DFG::SpeculativeJIT::compileCurrentBlock() + 1754 (DFGSpeculativeJIT.cpp:1463) 3 com.apple.JavaScriptCore 0x000000010374e946 JSC::DFG::SpeculativeJIT::compile() + 182 (DFGSpeculativeJIT.cpp:1568) 4 com.apple.JavaScriptCore 0x00000001036d72a7 JSC::DFG::JITCompiler::compileBody() + 55 (DFGJITCompiler.cpp:113) 5 com.apple.JavaScriptCore 0x00000001036d9d73 JSC::DFG::JITCompiler::compileFunction() + 1187 (DFGJITCompiler.cpp:354) 6 com.apple.JavaScriptCore 0x000000010373b040 JSC::DFG::Plan::compileInThreadImpl(JSC::DFG::LongLivedState&) + 3184 (DFGPlan.cpp:302) 7 com.apple.JavaScriptCore 0x000000010373a041 JSC::DFG::Plan::compileInThread(JSC::DFG::LongLivedState&, JSC::DFG::ThreadData*) + 417 (DFGPlan.cpp:164) 8 com.apple.JavaScriptCore 0x00000001038049c9 JSC::DFG::Worklist::runThread(JSC::DFG::ThreadData*) + 745 (DFGWorklist.cpp:358) 9 com.apple.JavaScriptCore 0x0000000103802ef4 JSC::DFG::Worklist::threadFunction(void*) + 36 (DFGWorklist.cpp:401) 10 com.apple.JavaScriptCore 0x0000000103db8ed9 WTF::createThread(void (*)(void*), void*, char const*)::$_0::operator()() const + 25 (Threading.cpp:82) rdar://problem/19326058
Attachments
Patch (1.98 KB, patch)
2015-03-26 09:54 PDT, Michael Saboff 		ap: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Alexey Proskuryakov
Comment 1 2014-12-22 09:39:26 PST
Skipped the test in r177633.
Alexey Proskuryakov
Comment 2 2014-12-22 10:41:08 PST
This test used to have a Slow expectation, which will need to be reinstated once the crash is fixed.
Michael Saboff
Comment 3 2015-03-26 09:54:30 PDT
Created attachment 249493 [details] Patch
Michael Saboff
Comment 4 2015-03-26 10:05:19 PDT
Committed r182013: <http://trac.webkit.org/changeset/182013>
Note You need to log in before you can comment on or make changes to this bug.