The LLInt CLoop crashes when loading http://news.google.com/ with an iPad User-Agent. I'm using "Mozilla/5.0 (iPad; CPU OS 5_0 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9A334 Safari/7534.48.3" but probably a newer one would work, too. The DFG JIT doesn't crash on this page.

Program received signal SIGSEGV, Segmentation fault.
0x00007f6354745644 in JSC::LLInt::CLoop::execute(JSC::ExecState*, JSC::OpcodeID, bool) () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
(gdb) bt
#0  0x00007f6354745644 in JSC::LLInt::CLoop::execute(JSC::ExecState*, JSC::OpcodeID, bool) () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#1  0x00007f63546884e8 in JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#2  0x00007f63559e9b38 in JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#3  0x00007f6354f56cbb in WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&) () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#4  0x00007f6354f56f63 in WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&) () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#5  0x00007f635541d7d1 in WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) [clone .part.35] () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#6  0x00007f635541e18d in WebCore::ScriptElement::execute(WebCore::CachedScript*) () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#7  0x00007f635485500d in WebCore::ScriptRunner::timerFired(WebCore::Timer<WebCore::ScriptRunner>*) () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#8  0x00007f6354bcb209 in WebCore::ThreadTimers::sharedTimerFiredInternal() () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#9  0x00007f6355270af2 in WebCore::timeout_cb(void*) () from /home/ralpht/meta/WebKit/WebKitBuild/Release/lib/libWebKit2.so.0
#10 0x00007f6351356b2b in g_timeout_dispatch (source=source@entry=0x25b36a0, callback=<optimized out>, user_data=<optimized out>) at gmain.c:4413
#11 0x00007f6351355f15 in g_main_dispatch (context=0x207fa50) at gmain.c:3054
#12 g_main_context_dispatch (context=context@entry=0x207fa50) at gmain.c:3630
#13 0x00007f6351356258 in g_main_context_iterate (context=0x207fa50, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3701
#14 0x00007f63513566ca in g_main_loop_run (loop=0x207fbb0) at gmain.c:3895
Ralph, which revision did you see this manifest on?
I don't know exactly -- I believe it was between September 9th and September 23rd. I usually build with the DFG JIT enabled (which recently stopped compiling for ARMv7, and I don't have the VM-fu to submit a fix), so I didn't notice it until now.