Bug 164327

Summary: Crashes in ByteCodeParser::getPredictionWithoutOSRExit on certain sites
Product: WebKit Reporter: Dieter Komendera <dieter>
Component: JavaScriptCoreAssignee: Nobody <webkit-unassigned>
Status: RESOLVED DUPLICATE    
Severity: Normal CC: fpizlo, saam, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: Safari Technology Preview   
Hardware: Mac   
OS: macOS 10.12   
Attachments:
Description Flags
crash log none

Description Dieter Komendera 2016-11-02 10:25:04 PDT 
Created attachment 293671 [details]
crash log

URL: https://travis-ci.org/rails/rails/jobs/172644765

macOS 10.12.1 (16B2555)
STP Release 16 (Safari 10.1, WebKit 12603.1.10)

Steps to reproduce:
* go to the URL above


Crashed Thread:        11  WTF::AutomaticThread
Thread 11 Crashed:: WTF::AutomaticThread
0   com.apple.JavaScriptCore      	0x00000001030fa08c JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit(unsigned int) + 620
1   com.apple.JavaScriptCore      	0x00000001030ecdeb JSC::DFG::ByteCodeParser::handleCall(int, JSC::DFG::NodeType, JSC::CallMode, unsigned int, JSC::DFG::Node*, int, int, JSC::CallLinkStatus) + 379
2   com.apple.JavaScriptCore      	0x00000001030ec56d JSC::DFG::ByteCodeParser::handleCall(int, JSC::DFG::NodeType, JSC::CallMode, unsigned int, int, int, int) + 429
3   com.apple.JavaScriptCore      	0x0000000102d7acca JSC::DFG::ByteCodeParser::parseBlock(unsigned int) + 6698
4   com.apple.JavaScriptCore      	0x0000000102d7902b JSC::DFG::ByteCodeParser::parseCodeBlock() + 1243
5   com.apple.JavaScriptCore      	0x000000010310090a void
Comment 1 Dieter Komendera 2016-11-02 10:26:54 PDT 
Related to https://bugs.webkit.org/show_bug.cgi?id=164306 ?
Comment 2 Radar WebKit Bug Importer 2016-11-02 16:52:57 PDT 
<rdar://problem/29079164>
Comment 3 Saam Barati 2016-11-06 15:15:37 PST 
Dieter, do you know which websites you saw this on?
It looks like it could be solved by the fix in: https://bugs.webkit.org/show_bug.cgi?id=164306
Comment 4 Dieter Komendera 2016-11-06 22:38:36 PST 
Saam, mostly on Travis CI build logs like the one in my original report, but also other build logs like https://travis-ci.org/elixir-lang/elixir/jobs/173800891
Comment 5 Saam Barati 2016-11-07 11:31:44 PST 
Dieter, this is indeed the same problem as:
https://bugs.webkit.org/show_bug.cgi?id=164306

I've just verified that the fix for that bug also fixes this crash. Thanks for reporting the bug.

*** This bug has been marked as a duplicate of bug 164306 ***