Bug 196399

Summary: [WPE][JSC] Jetstream2 crash on ARMv7
Product: WebKit
Reporter: Philippe Normand <pnormand>
Component: JavaScriptCore
Assignee: Caio Lima <ticaiolima>
Status: NEW
Severity: Normal
CC: alex, bugs-noreply, clopez, ticaiolima, tonikitoo
Priority: P2
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 197797    
Bug Blocks:    

Description Philippe Normand 2019-03-29 08:40:34 PDT
The not so useful backtrace I have so far:

Thread 1 "WPEWebProcess" received signal SIGSEGV, Segmentation fault.
0x7092acf8 in ?? ()
(gdb) bt
#0  0x7092acf8 in ?? ()
#1  0x7674f9c0 in operationStrCat3 () from target:/usr/lib/libWPEWebKit-1.0.so.3
#2  0x00000018 in ?? ()
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
Comment 1 Philippe Normand 2019-03-29 08:42:15 PDT
The crashing benchmark seems to be WSJ. Disabling the DFG JIT works around the issue but renders the whole thing unusable because it is too slow.
Comment 2 Caio Lima 2019-04-29 13:01:16 PDT
I'm investigating it.
Comment 3 Caio Lima 2019-04-29 13:05:00 PDT
It looks like a bug in tail calls corrupting the stack in some cases. I'm trying to get a simple case to reproduce the bug, but I was able to run "WSL" on the JSC command line by setting "--useTailCall=false".
Comment 4 Alejandro G. Castro 2020-04-13 02:26:34 PDT
Any update on this problem? We are checking on the rpi3 and the test crashes very early.
Comment 5 Caio Lima 2020-04-29 04:59:58 PDT
The WSL issue should be fixed after https://trac.webkit.org/changeset/258143 landed. I'm able to run it in the JetStream 2 CLI. However, due to memory constraints, I'm unable to run the entire JetStream2 without OOM on my rpi device.
Comment 6 Alejandro G. Castro 2020-04-29 07:24:23 PDT
Just checked, the WSL crash is fixed for me on the rpi device too.