Bug 164411

Summary: [Win32] Crash in layout tests.
Product: WebKit Reporter: Per Arne Vollan <pvollan>
Component: WebCore Misc.Assignee: Per Arne Vollan <pvollan>
Status: RESOLVED FIXED    
Severity: Normal CC: bfulgham, buildbot, cdumez, commit-queue, keith_miller, mark.lam, msaboff, rniwa, saam, ysuzuki
Priority: P2    
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Archive of layout-test-results from ews101 for mac-yosemite
none
Patch
none
Patch
none
Patch none

Per Arne Vollan
Reported 2016-11-04 06:11:16 PDT
I am seeing an access violation crash during layout tests under the function unsafeJsElementPrototypeFunctionGetAttribute. This crashes because the JSC code that emits the call assumes that the function is using the cdecl calling convention (JIT_OPERATION), but it is using the fastcall calling convention (JSC_HOST_CALL).
Attachments
Patch (2.33 KB, patch)
2016-11-04 06:22 PDT, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Archive of layout-test-results from ews101 for mac-yosemite (940.19 KB, application/zip)
2016-11-04 07:29 PDT, Build Bot 		no flags
Details
Patch (3.05 KB, patch)
2016-11-08 00:30 PST, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Patch (2.32 KB, patch)
2016-11-09 01:20 PST, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Patch (7.69 KB, patch)
2016-11-09 03:07 PST, Per Arne Vollan 		no flags
DetailsFormatted DiffDiff
Show Obsolete (3) View All Add attachment proposed patch, testcase, etc.
Per Arne Vollan
Comment 1 2016-11-04 06:22:33 PDT
Created attachment 293881 [details] Patch
Build Bot
Comment 2 2016-11-04 07:29:03 PDT
Comment on attachment 293881 [details] Patch Attachment 293881 [details] did not pass mac-ews (mac): Output: http://webkit-queues.webkit.org/results/2461563 New failing tests: inspector/sampling-profiler/call-frame-with-dom-functions.html
Build Bot
Comment 3 2016-11-04 07:29:07 PDT
Created attachment 293885 [details] Archive of layout-test-results from ews101 for mac-yosemite The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews101 Port: mac-yosemite Platform: Mac OS X 10.10.5
Per Arne Vollan
Comment 4 2016-11-08 00:30:55 PST
Created attachment 294143 [details] Patch
Yusuke Suzuki
Comment 5 2016-11-08 10:51:15 PST
Comment on attachment 294143 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=294143&action=review Oops, thanks! > Source/JavaScriptCore/ChangeLog:8 > + Emit fastcall code for Win32, since the callee is declared as JSC_HOST_CALL (fastcall on Win32). We should replace JSC_HOST_CALL with JIT_OPERATION. It is CDECL.
Per Arne Vollan
Comment 6 2016-11-09 01:20:53 PST
Created attachment 294226 [details] Patch
Yusuke Suzuki
Comment 7 2016-11-09 01:23:29 PST
Comment on attachment 294226 [details] Patch r=me
Per Arne Vollan
Comment 8 2016-11-09 01:24:49 PST
(In reply to comment #7) > Comment on attachment 294226 [details] > Patch > > r=me Thanks for reviewing :)
Per Arne Vollan
Comment 9 2016-11-09 03:07:06 PST
Created attachment 294228 [details] Patch
Per Arne Vollan
Comment 10 2016-11-09 03:08:50 PST
(In reply to comment #9) > Created attachment 294228 [details] > Patch Bindings tests failed, updated patch.
Per Arne Vollan
Comment 11 2016-11-10 01:30:56 PST
The binding tests are passing now :)
Mark Lam
Comment 12 2016-11-10 08:31:36 PST
Comment on attachment 294228 [details] Patch r=me
WebKit Commit Bot
Comment 13 2016-11-10 09:26:06 PST
Comment on attachment 294228 [details] Patch Clearing flags on attachment: 294228 Committed r208541: <http://trac.webkit.org/changeset/208541>
WebKit Commit Bot
Comment 14 2016-11-10 09:26:12 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.