Bug 169018

Created attachment 303046 [details] Test JavaScript and sample backtraces. While testing PhantomJS, which uses WebKit 5.5.1 internally - crashes are seen in the heap maintainer code inside JavaScriptCore module. The crash is typically seen when PhantomJS completes the task and then starts winding down for exit. The tests is being done on Power8/LE using Ubuntu 16.04LTS. As the issue is first seen with PhantomJS, a bug has been raised at https://github.com/ariya/phantomjs/issues/14859, but in reality the issue is with the WebKit, so I think it is logical to file a bug with WebKit as well. Unfortunately I don't have any test script which can directly be used with WebKit. However I am attaching the test script I am using with PhantomJS. Additionally, I am also attaching a couple of backtraces as samples. I think heap handling and synchronization requires to be rechecked and fixed in order to avoid these crashes. I am attaching the sample script and the backtraces. Please remove the backtrace part in the attached file before using it for tests. Typically, the command issued to test it is: bin/phantomjs ./run-qunit.js http://engadget.com