Bug 227334

Summary: Turn off data ICs by default
Product: WebKit Reporter: Saam Barati <saam>
Component: JavaScriptCoreAssignee: Saam Barati <saam>
Status: RESOLVED FIXED    
Severity: Normal CC: ews-watchlist, keith_miller, mark.lam, msaboff, tzagallo, webkit-bug-importer, ysuzuki
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 227551    
Attachments:
Description Flags
patch
ysuzuki: review+
patch for landing none

Description Saam Barati 2021-06-23 17:56:16 PDT 
When running like:

jsc JSTests/stress/delete-property-inline-cache.js --useFTLJIT=false --useFunctionDotArguments=true --validateExceptionChecks=true --useDollarVM=true --maxPerThreadStackUsage=1572864 --validateGraph=true --validateBCE=true --airForceIRCAllocator=true --useFTLJIT=true --useConcurrentJIT=false --thresholdForJITAfterWarmUp=100 --scribbleFreeCells=true --thresholdForJITAfterWarmUp=10 --thresholdForJITSoon=10 --thresholdForOptimizeAfterWarmUp=20 --thresholdForOptimizeAfterLongWarmUp=20 --thresholdForOptimizeSoon=20 --thresholdForFTLOptimizeAfterWarmUp=20 --thresholdForFTLOptimizeSoon=20 --thresholdForOMGOptimizeAfterWarmUp=20 --thresholdForOMGOptimizeSoon=20 --maximumEvalCacheableSourceLength=150000 --useEagerCodeBlockJettisonTiming=true --repatchBufferingCountdown=0 --collectContinuously=true --useGenerationalGC=false --verifyGC=false --forceOSRExitToLLInt=true --useExecutableAllocationFuzz=true --fireExecutableAllocationFuzzRandomly=true --useConcurrentGC=1

Seems like a GC bug
Comment 1 Saam Barati 2021-06-23 18:01:22 PDT 
My guess is we have some GC issue w.r.t exceptions.
Comment 2 Radar WebKit Bug Importer 2021-06-25 17:13:44 PDT 
<rdar://problem/79802812>
Comment 3 Saam Barati 2021-06-29 10:41:56 PDT 
Bisecting current status:

GC bug:

272448 [ good ]
275867 [ good ]
277577 [ good ]
278417 [ good ]
278629 [ good? ]
278852 [ bad ]
279287 [ bad ]


Will continue bisecting today
Comment 4 Saam Barati 2021-06-29 16:54:30 PDT 
I think the bug is related to SSI Data ICs:
https://trac.webkit.org/changeset/278656/webkit

Working on confirming this now.
Comment 5 Saam Barati 2021-06-30 15:52:37 PDT 
Created attachment 432636 [details]
patch
Comment 6 Yusuke Suzuki 2021-06-30 15:53:15 PDT 
Comment on attachment 432636 [details]
patch

r=me
Comment 7 Saam Barati 2021-06-30 18:06:35 PDT 
Created attachment 432647 [details]
patch for landing
Comment 8 EWS 2021-06-30 23:07:41 PDT 
Committed r279449 (239305@main): <https://commits.webkit.org/239305@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 432647 [details].