jslinux crashes, occasionally during boot, but consistently when running gcc 1. JSC_enableConcurrentJIT=0 JSC_maximumInliningDepth=1 JSC_bytecodeRangeToDFGCompile=435:445 run-minibrowser 2. Go to http://bellard.org/jslinux/ 3. Wait for linux to boot 4. type gcc hello.c This results in a crash in release build, and the following assertion failure: ASSERTION FAILED: to.isSet() /Volumes/Data/git/WebKit/OpenSource/Source/JavaScriptCore/assembler/X86Assembler.h(1862) : void JSC::X86Assembler::linkJump(JSC::AssemblerLabel, JSC::AssemblerLabel) 1 0x1047b76a0 WTFCrash 2 0x10436cefc JSC::X86Assembler::linkJump(JSC::AssemblerLabel, JSC::AssemblerLabel) 3 0x1044223a9 JSC::AbstractMacroAssembler<JSC::X86Assembler>::Jump::linkTo(JSC::AbstractMacroAssembler<JSC::X86Assembler>::Label, JSC::AbstractMacroAssembler<JSC::X86Assembler>*) const 4 0x10447111c JSC::DFG::SpeculativeJIT::linkBranches() 5 0x10447105f JSC::DFG::SpeculativeJIT::compile() 6 0x10441d214 JSC::DFG::JITCompiler::compileBody() 7 0x10441f3b4 JSC::DFG::JITCompiler::compileFunction() 8 0x10445534b JSC::DFG::Plan::compileInThreadImpl(JSC::DFG::LongLivedState&) 9 0x104454d26 JSC::DFG::Plan::compileInThread(JSC::DFG::LongLivedState&) 10 0x1043f7b4d JSC::DFG::compile(JSC::DFG::CompileMode, JSC::ExecState*, JSC::CodeBlock*, WTF::RefPtr<JSC::JITCode>&, JSC::MacroAssemblerCodePtr*, unsigned int) 11 0x1043f7bcc JSC::DFG::tryCompileFunction(JSC::ExecState*, JSC::CodeBlock*, WTF::RefPtr<JSC::JITCode>&, JSC::MacroAssemblerCodePtr&, unsigned int) 12 0x10450dfa5 JSC::jitCompileFunctionIfAppropriateImpl(JSC::ExecState*, JSC::FunctionCodeBlock*, WTF::RefPtr<JSC::JITCode>&, JSC::MacroAssemblerCodePtr&, JSC::JITCode::JITType, unsigned int, JSC::JITCompilationEffort) 13 0x10450debe JSC::prepareFunctionForExecutionImpl(JSC::ExecState*, JSC::FunctionCodeBlock*, WTF::RefPtr<JSC::JITCode>&, JSC::MacroAssemblerCodePtr&, JSC::JITCode::JITType, unsigned int, JSC::CodeSpecializationKind) 14 0x1045098b9 JSC::prepareFunctionForExecution(JSC::ExecState*, WTF::RefPtr<JSC::FunctionCodeBlock>&, JSC::FunctionCodeBlock*, WTF::RefPtr<JSC::JITCode>&, JSC::MacroAssemblerCodePtr&, int&, JSC::JITCode::JITType, unsigned int, JSC::CodeSpecializationKind) 15 0x104506afc JSC::FunctionExecutable::compileForCallInternal(JSC::ExecState*, JSC::JSScope*, JSC::JITCode::JITType, JSC::CompilationResult*, unsigned int) 16 0x10450689c JSC::FunctionExecutable::compileOptimizedForCall(JSC::ExecState*, JSC::JSScope*, JSC::CompilationResult&, unsigned int) 17 0x1042ff4e4 JSC::FunctionExecutable::compileOptimizedFor(JSC::ExecState*, JSC::JSScope*, JSC::CompilationResult&, unsigned int, JSC::CodeSpecializationKind) 18 0x1042f5353 JSC::FunctionCodeBlock::compileOptimized(JSC::ExecState*, JSC::JSScope*, JSC::CompilationResult&, unsigned int) 19 0x1045706e4 cti_optimize 20 0x1045767c0 jscGeneratedNativeCode 21 0x104552207 JSC::JITCode::execute(JSC::JSStack*, JSC::ExecState*, JSC::VM*) 22 0x104535bd2 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) 23 0x1042e2ede JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) 24 0x10459da39 JSC::boundFunctionCall(JSC::ExecState*) 25 0x104535c08 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) 26 0x1042e2ede JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) 27 0x105f6796b WebCore::JSMainThreadExecState::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) 28 0x106a28d41 WebCore::ScheduledAction::executeFunctionInContext(JSC::JSGlobalObject*, JSC::JSValue, WebCore::ScriptExecutionContext*) 29 0x106a28932 WebCore::ScheduledAction::execute(WebCore::Document*) 30 0x106a28794 WebCore::ScheduledAction::execute(WebCore::ScriptExecutionContext*) 31 0x10597531e WebCore::DOMTimer::fired()