Bug 149619

Summary: [ARM] REGRESSION(r190289): It made 374 tests crash on 32 bit ARM Linux
Product: WebKit Reporter: Csaba Osztrogonác <ossy>
Component: JavaScriptCoreAssignee: Michael Saboff <msaboff>
Status: RESOLVED FIXED    
Severity: Critical CC: msaboff
Priority: P1    
Version: Other   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 108645, 148664    
Attachments:
Description Flags
Patch fpizlo: review+

Csaba Osztrogonác
Reported 2015-09-29 02:29:48 PDT
https://trac.webkit.org/changeset/190289 made 374 tests crash on 32 bit ARM Linux platforms. (81 different tests) EFL ARMv7 Thumb2 instructuon set: https://build.webkit.org/builders/EFL%20Linux%20ARMv7%20Thumb2%20Release/builds/15412 EFL ARMv7 "traditional" ARM instruction set: https://build.webkit.org/builders/EFL%20Linux%20ARMv7%20Traditional%20Release/builds/15278 GTK ARM "whatever": https://build.webkit.org/builders/GTK%20Linux%20ARM%20Release/builds/8640
Attachments
Patch (1.41 KB, patch)
2015-09-30 14:34 PDT, Michael Saboff 		fpizlo: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Alexey Proskuryakov
Comment 1 2015-09-29 14:41:54 PDT
Should this be duped to bug 149647 now (the rollout bug)?
Michael Saboff
Comment 2 2015-09-30 14:16:47 PDT
I think I found the issue. In LowLevelAssembler.asm, the macro prepareForTailCall had the following construct: if ARM or SH4 or ARM64 or C_LOOP or MIPS addp 2 * PtrSize, sp subi 2 * PtrSize, temp2 loadp PtrSize[cfr], lr else addp PtrSize, sp subi PtrSize, temp2 loadp PtrSize[cfr], temp3 storep temp3, [sp] end The "if ARM or SH4 ..." case accounts for having a link register. The problem is that this if should also take into account the other ARM variants. It should read: if ARM or ARMv7_TRADITIONAL or ARMv7 or SH4 or ARM64 or C_LOOP or MIPS Running all JSC regression tests now.
Michael Saboff
Comment 3 2015-09-30 14:34:15 PDT
Created attachment 262191 [details] Patch
Michael Saboff
Comment 4 2015-09-30 15:30:05 PDT
Landed as part of change set r190370: <http://trac.webkit.org/changeset/190370>.
Note You need to log in before you can comment on or make changes to this bug.