Bug 110756 - REGRESSION(r143654): some jquery test asserts on 32 bit debug build
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Tools / Tests
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Filip Pizlo
Blocks: 79668 109371
Reported: 2013-02-25 07:20 PST by Zoltan Arvai
Modified: 2013-02-25 20:27 PST


Attachments
the patch (1.43 KB, patch)
2013-02-25 19:57 PST, Filip Pizlo
ggaren: review+

Description Zoltan Arvai 2013-02-25 07:20:38 PST
After r143654 some tests started crashing.

The fast/js test-related problem was solved by https://bugs.webkit.org/show_bug.cgi?id=110590.

We just realized that some jquery tests are also affected by the changes in the 32-bit debug build:

jquery/offset.html
jquery/deferred.html
jquery/event.html
jquery/core.html
jquery/manipulation.html
jquery/traversing.html

http://build.webkit.sed.hu/results/x86-32%20Linux%20Qt%20Debug/r143910%20%2824581%29/results.html


Backtrace with Qt 5.0.1, WebKit r143918, jquery/offset.html:

(32bit)azbest@cute4:~/32bit/WebKit$ ../run-in-xvfb.sh gdb WebKitBuild/Debug/bin/DumpRenderTree
GNU gdb (Ubuntu/Linaro 7.4-2012.02-0ubuntu2) 7.4-2012.02
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "i686-linux-gnu".
For bug reporting instructions, please see:
<http://bugs.launchpad.net/gdb-linaro/>...
Reading symbols from /home/azbest/32bit/WebKit/WebKitBuild/Debug/bin/DumpRenderTree...done.
(gdb) run jquery/offset.html
Starting program: /home/azbest/32bit/WebKit/WebKitBuild/Debug/bin/DumpRenderTree jquery/offset.html
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
[New Thread 0xf01b5b40 (LWP 2265)]
[New Thread 0xef7ffb40 (LWP 2268)]
[Thread 0xef7ffb40 (LWP 2268) exited]
[New Thread 0xef7ffb40 (LWP 2270)]
[New Thread 0xee945b40 (LWP 2272)]
ASSERTION FAILED: mode == ManualOperandSpeculation || edge.useKind() == UntypedUse
/home/azbest/32bit/WebKit/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h(2393) : JSC::DFG::JSValueOperand::JSValueOperand(JSC::DFG::SpeculativeJIT*, JSC::DFG::Edge, JSC::DFG::OperandSpeculationMode)
1 0xf60b0309 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1b7f309) [0xf60b0309]
2 0xf60d6293 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1ba5293) [0xf60d6293]
3 0xf609c403 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1b6b403) [0xf609c403]
4 0xf609cae6 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1b6bae6) [0xf609cae6]
5 0xf6068427 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1b37427) [0xf6068427]
6 0xf60695f6 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1b385f6) [0xf60695f6]
7 0xf6059e62 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1b28e62) [0xf6059e62]
8 0xf6059699 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1b28699) [0xf6059699]
9 0xf61ec7a0 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1cbb7a0) [0xf61ec7a0]
10 0xf61eca5c /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1cbba5c) [0xf61eca5c]
11 0xf61eadcc /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1cb9dcc) [0xf61eadcc]
12 0xf61ea5dd /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1cb95dd) [0xf61ea5dd]
13 0xf5f5f768 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1a2e768) [0xf5f5f768]
14 0xf5f5a44d /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1a2944d) [0xf5f5a44d]
15 0xf613f2de /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1c0e2de) [0xf613f2de]
16 0xf613c146 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1c0b146) [0xf613c146]
17 0xeea002f8 [0xeea002f8]
18 0xf6106fd1 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1bd5fd1) [0xf6106fd1]
19 0xf6104e07 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1bd3e07) [0xf6104e07]
20 0xf61da1cf /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(_ZN3JSC4callEPNS_9ExecStateENS_7JSValueENS_8CallTypeERKNS_8CallDataES2_RKNS_7ArgListE+0x129) [0xf61da1cf]
21 0xf61f03b9 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1cbf3b9) [0xf61f03b9]
22 0xf027314f [0xf027314f]
23 0xf6106fd1 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1bd5fd1) [0xf6106fd1]
24 0xf6104e07 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x1bd3e07) [0xf6104e07]
25 0xf61da1cf /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(_ZN3JSC4callEPNS_9ExecStateENS_7JSValueENS_8CallTypeERKNS_8CallDataES2_RKNS_7ArgListE+0x129) [0xf61da1cf]
26 0xf4ae15e6 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x5b05e6) [0xf4ae15e6]
27 0xf4b38969 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x607969) [0xf4b38969]
28 0xf4b38b62 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x607b62) [0xf4b38b62]
29 0xf4b386ea /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0x6076ea) [0xf4b386ea]
30 0xf51e9b61 /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0xcb8b61) [0xf51e9b61]
31 0xf53469bf /home/azbest/32bit/WebKit/WebKitBuild/Debug/lib/libQt5WebKit.so.5(+0xe159bf) [0xf53469bf]
 
Program received signal SIGSEGV, Segmentation fault.
0xf60b0313 in JSC::DFG::JSValueOperand::JSValueOperand(JSC::DFG::SpeculativeJIT*, JSC::DFG::Edge, JSC::DFG::OperandSpeculationMode) ()
at /home/azbest/32bit/WebKit/Source/WTF/wtf/PrintStream.h:58
58 }
(gdb) bt
#0 0xf60b0313 in JSC::DFG::JSValueOperand::JSValueOperand(JSC::DFG::SpeculativeJIT*, JSC::DFG::Edge, JSC::DFG::OperandSpeculationMode) ()
at /home/azbest/32bit/WebKit/Source/WTF/wtf/PrintStream.h:58
#1 0xf60d6293 in JSC::DFG::SpeculativeJIT::compile(JSC::DFG::Node*) ()
at /home/azbest/32bit/WebKit/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp:4399
#2 0xf609c403 in JSC::DFG::SpeculativeJIT::compile (this=0xffffacc0,
block=0x851b6d8)
at /home/azbest/32bit/WebKit/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:1767
#3 0xf609cae6 in JSC::DFG::SpeculativeJIT::compile (this=0xffffacc0)
at /home/azbest/32bit/WebKit/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:1881
#4 0xf6068427 in JSC::DFG::JITCompiler::compileBody (this=0xffffbf0c,
speculative=0xffffacc0)
at /home/azbest/32bit/WebKit/Source/JavaScriptCore/dfg/DFGJITCompiler.cpp:108
#5 0xf60695f6 in JSC::DFG::JITCompiler::compileFunction(JSC::JITCode&, JSC::MacroAssemblerCodePtr&) ()
at /home/azbest/32bit/WebKit/Source/JavaScriptCore/dfg/DFGJITCompiler.cpp:302
#6 0xf6059e62 in JSC::DFG::compile(JSC::DFG::CompileMode, JSC::ExecState*, JSC::CodeBlock*, JSC::JITCode&, JSC::MacroAssemblerCodePtr*, unsigned int) ()
at /home/azbest/32bit/WebKit/Source/WTF/wtf/PrintStream.h:58
#7 0xf6059699 in JSC::DFG::tryCompileFunction(JSC::ExecState*, JSC::CodeBlock*, JSC::JITCode&, JSC::MacroAssemblerCodePtr&, unsigned int) ()
at /home/azbest/32bit/WebKit/Source/JavaScriptCore/dfg/DFGDriver.cpp:189
#8 0xf61ec7a0 in JSC::jitCompileFunctionIfAppropriate(JSC::ExecState*, WTF::OwnPtr<JSC::FunctionCodeBlock>&, JSC::JITCode&, JSC::MacroAssemblerCodePtr&, JSC::JITCode::JITType, unsigned int, JSC::JITCompilationEffort) ()
at /home/azbest/32bit/WebKit/Source/JavaScriptCore/bytecode/SpeculatedType.h:260
#9 0xf61eca5c in JSC::prepareFunctionForExecution(JSC::ExecState*, WTF::OwnPtr<JSC::FunctionCodeBlock>&, JSC::JITCode&, JSC::MacroAssemblerCodePtr&, JSC::JITCode::JITType, unsigned int, JSC::CodeSpecializationKind) ()
at /home/azbest/32bit/WebKit/Source/JavaScriptCore/bytecode/SpeculatedType.h:260
#10 0xf61eadcc in JSC::FunctionExecutable::compileForCallInternal (
this=0xedfa4c38, exec=0xeea003e0, scope=0xede9fdc8, jitType=DFGJIT,
bytecodeIndex=<unknown type>)
at /home/azbest/32bit/WebKit/Source/JavaScriptCore/runtime/Executable.cpp:538
#11 0xf61ea5dd in JSC::FunctionExecutable::compileOptimizedForCall (
this=0xedfa4c38, exec=0xeea003e0, scope=0xede9fdc8,
bytecodeIndex=<unknown type>)
at /home/azbest/32bit/WebKit/Source/JavaScriptCore/runtime/Executable.cpp:463
#12 0xf5f5f768 in JSC::FunctionExecutable::compileOptimizedFor(JSC::ExecState*, JSC::JSScope*, unsigned int, JSC::CodeSpecializationKind) ()
at /home/azbest/32bit/WebKit/Source/WTF/wtf/PrintStream.h:58
#13 0xf5f5a44d in JSC::FunctionCodeBlock::compileOptimized (this=0x839b680,
exec=0xeea003e0, scope=0xede9fdc8, bytecodeIndex=<unknown type>)
at /home/azbest/32bit/WebKit/Source/JavaScriptCore/bytecode/CodeBlock.cpp:2846
#14 0xf613f2de in cti_optimize (args=0xffffc4d0)
at /home/azbest/32bit/WebKit/Source/JavaScriptCore/jit/JITStubs.cpp:1892
#15 0xf613c146 in JSC::tryCacheGetByID (callFrame=0xeda60000,
codeBlock=0x8107c60, returnAddress=..., baseValue=...,
propertyName=0x80fe610, slot=0xffffc558, stubInfo=0xf6078d9c)
at /home/azbest/32bit/WebKit/Source/JavaScriptCore/jit/JITStubs.cpp:989
#16 0xeea002f8 in ?? ()
#17 0xf6106fd1 in JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::JSGlobalData*) () at /home/azbest/32bit/WebKit/Source/WTF/wtf/PrintStream.h:58
#18 0xf6104e07 in JSC::Interpreter::executeCall (this=0x8107c58,
callFrame=0xeea001b0, function=0xee9b3458, callType=CallTypeJS,
callData=0xffffc6bc, thisValue=..., args=0xffffc6ac)
at /home/azbest/32bit/WebKit/Source/JavaScriptCore/interpreter/Interpreter.cpp:1059
#19 0xf61da1cf in JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) ()
at /home/azbest/32bit/WebKit/Source/JavaScriptCore/runtime/CallData.cpp:40
#20 0xf61f03b9 in JSC::functionProtoFuncCall (exec=0xeea001b0)
at /home/azbest/32bit/WebKit/Source/JavaScriptCore/runtime/FunctionPrototype.cpp:168
#21 0xf027314f in ?? ()
#22 0xf6106fd1 in JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::JSGlobalData*) () at /home/azbest/32bit/WebKit/Source/WTF/wtf/PrintStream.h:58
#23 0xf6104e07 in JSC::Interpreter::executeCall (this=0x8107c58,
callFrame=0xeef3f594, function=0xee9b6878, callType=CallTypeJS,
callData=0xffffc96c, thisValue=..., args=0xffffc994)
at /home/azbest/32bit/WebKit/Source/JavaScriptCore/interpreter/Interpreter.cpp:1059
#24 0xf61da1cf in JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) ()
at /home/azbest/32bit/WebKit/Source/JavaScriptCore/runtime/CallData.cpp:40
#25 0xf4ae15e6 in WebCore::JSMainThreadExecState::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&)
() at /home/azbest/32bit/WebKit/Source/WTF/wtf/PassOwnArrayPtr.h:83
#26 0xf4b38969 in WebCore::ScheduledAction::executeFunctionInContext(JSC::JSGlobalObject*, JSC::JSValue, WebCore::ScriptExecutionContext*) ()
at /home/azbest/32bit/WebKit/Source/WTF/wtf/PassOwnArrayPtr.h:83
#27 0xf4b38b62 in WebCore::ScheduledAction::execute(WebCore::Document*) ()
at /home/azbest/32bit/WebKit/Source/WTF/wtf/PassOwnArrayPtr.h:83
#28 0xf4b386ea in WebCore::ScheduledAction::execute(WebCore::ScriptExecutionContext*) () at /home/azbest/32bit/WebKit/Source/WTF/wtf/PassOwnArrayPtr.h:83
#29 0xf51e9b61 in WebCore::DOMTimer::fired() ()
at /usr/include/c++/4.6/bits/stl_algobase.h:368
#30 0xf53469bf in WebCore::ThreadTimers::sharedTimerFiredInternal() ()
at /usr/include/c++/4.6/bits/stl_algobase.h:218
#31 0xf53468db in WebCore::ThreadTimers::sharedTimerFired() ()
at /usr/include/c++/4.6/bits/stl_algobase.h:218
#32 0xf562bd7a in WebCore::SharedTimerQt::timerEvent(QTimerEvent*) ()
at /usr/include/c++/4.6/bits/stl_algobase.h:218
#33 0xf37d9ec4 in QObject::event(QEvent*) ()
from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5
#34 0xf400de34 in QApplicationPrivate::notify_helper(QObject*, QEvent*) ()
from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Widgets.so.5
#35 0xf4011844 in QApplication::notify(QObject*, QEvent*) ()
from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Widgets.so.5
#36 0xf37afeee in QCoreApplication::notifyInternal(QObject*, QEvent*) ()
from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5
#37 0xf37fc6a2 in QTimerInfoList::activateTimers() ()
from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5
#38 0xf37fcfe8 in ?? ()
from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5
#39 0xf2a98cda in g_main_context_dispatch ()
from /lib/i386-linux-gnu/libglib-2.0.so.0
#40 0xf2a990e5 in ?? () from /lib/i386-linux-gnu/libglib-2.0.so.0
#41 0xf2a991c1 in g_main_context_iteration ()
from /lib/i386-linux-gnu/libglib-2.0.so.0
#42 0xf37fd6d8 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5
#43 0xf02bc036 in ?? ()
from /usr/local/Trolltech/Qt5/Qt-5.0.1/plugins/platforms/libqxcb.so
#44 0xf37ae726 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5
#45 0xf37aeb64 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) ()
from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5
#46 0xf37b26b2 in QCoreApplication::exec() ()
from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5
#47 0xf3a65984 in QGuiApplication::exec() ()
from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Gui.so.5
#48 0xf4008fe4 in QApplication::exec() ()
from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Widgets.so.5
#49 0x0806e367 in main () at /usr/include/c++/4.6/bits/move.h:130
#50 0xf32cb4d3 in __libc_start_main () from /lib/i386-linux-gnu/libc.so.6
#51 0x08056d71 in _start ()
(gdb)
Comment 1 Zoltan Arvai 2013-02-25 07:48:51 PST
Committed r143925: <http://trac.webkit.org/changeset/143925>
Comment 2 Zoltan Arvai 2013-02-25 07:50:31 PST
Sorry for closing it, the patch in r143925 is for skipping tests on Qt debug.
Comment 3 Filip Pizlo 2013-02-25 19:35:06 PST
Sorry, guys!  I'll have a patch that fixes this, shortly.
Comment 4 Filip Pizlo 2013-02-25 19:57:13 PST
Created attachment 190188
the patch

I think this fixes all of the crashes.
Comment 5 Geoffrey Garen 2013-02-25 20:10:56 PST
Comment on attachment 190188
the patch

r=me
Comment 6 Filip Pizlo 2013-02-25 20:27:41 PST
Landed in http://trac.webkit.org/changeset/144005