Bug 164327

Summary: Crashes in ByteCodeParser::getPredictionWithoutOSRExit on certain sites
Product: WebKit Reporter: Dieter Komendera <dieter>
Component: JavaScriptCoreAssignee: Nobody <webkit-unassigned>
Status: RESOLVED DUPLICATE    
Severity: Normal CC: fpizlo, saam, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: Safari Technology Preview   
Hardware: Mac   
OS: macOS 10.12   
Attachments:
Description Flags
crash log none

Dieter Komendera
Reported 2016-11-02 10:25:04 PDT
Created attachment 293671 [details] crash log URL: https://travis-ci.org/rails/rails/jobs/172644765 macOS 10.12.1 (16B2555) STP Release 16 (Safari 10.1, WebKit 12603.1.10) Steps to reproduce: * go to the URL above Crashed Thread: 11 WTF::AutomaticThread Thread 11 Crashed:: WTF::AutomaticThread 0 com.apple.JavaScriptCore 0x00000001030fa08c JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit(unsigned int) + 620 1 com.apple.JavaScriptCore 0x00000001030ecdeb JSC::DFG::ByteCodeParser::handleCall(int, JSC::DFG::NodeType, JSC::CallMode, unsigned int, JSC::DFG::Node*, int, int, JSC::CallLinkStatus) + 379 2 com.apple.JavaScriptCore 0x00000001030ec56d JSC::DFG::ByteCodeParser::handleCall(int, JSC::DFG::NodeType, JSC::CallMode, unsigned int, int, int, int) + 429 3 com.apple.JavaScriptCore 0x0000000102d7acca JSC::DFG::ByteCodeParser::parseBlock(unsigned int) + 6698 4 com.apple.JavaScriptCore 0x0000000102d7902b JSC::DFG::ByteCodeParser::parseCodeBlock() + 1243 5 com.apple.JavaScriptCore 0x000000010310090a void
Attachments
crash log (97.16 KB, application/octet-stream)
2016-11-02 10:25 PDT, Dieter Komendera 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Dieter Komendera
Comment 1 2016-11-02 10:26:54 PDT
Related to https://bugs.webkit.org/show_bug.cgi?id=164306 ?
Radar WebKit Bug Importer
Comment 2 2016-11-02 16:52:57 PDT
<rdar://problem/29079164>
Saam Barati
Comment 3 2016-11-06 15:15:37 PST
Dieter, do you know which websites you saw this on? It looks like it could be solved by the fix in: https://bugs.webkit.org/show_bug.cgi?id=164306
Dieter Komendera
Comment 4 2016-11-06 22:38:36 PST
Saam, mostly on Travis CI build logs like the one in my original report, but also other build logs like https://travis-ci.org/elixir-lang/elixir/jobs/173800891
Saam Barati
Comment 5 2016-11-07 11:31:44 PST
Dieter, this is indeed the same problem as: https://bugs.webkit.org/show_bug.cgi?id=164306 I've just verified that the fix for that bug also fixes this crash. Thanks for reporting the bug. *** This bug has been marked as a duplicate of bug 164306 ***
Note You need to log in before you can comment on or make changes to this bug.