132378 – js/dfg-create-inlined-arguments-in-closure-inline.html flakily crashes under ClosureCallStubRoutine::structure()

NEW 132378

js/dfg-create-inlined-arguments-in-closure-inline.html flakily crashes under ClosureCallStubRoutine::structure()

https://bugs.webkit.org/show_bug.cgi?id=132378

Summary js/dfg-create-inlined-arguments-in-closure-inline.html flakily crashes under ...

Alexey Proskuryakov

Reported 2014-04-29 23:19:04 PDT

Happens on bot, and reproducible locally: run-webkit-tests js/dfg-create-inlined-arguments-in-closure-inline.html --repeat-each 1000 Thread 10 Crashed:: JSC Compilation Thread 0 com.apple.JavaScriptCore 0x000000010303e4b0 JSC::WriteBarrierBase<JSC::Structure>::get() const + 16 (WriteBarrier.h:92) 1 com.apple.JavaScriptCore 0x00000001030c968c JSC::ClosureCallStubRoutine::structure() const + 28 (ClosureCallStubRoutine.h:44) 2 com.apple.JavaScriptCore 0x00000001030cb827 JSC::CallLinkStatus::computeFor(JSC::ConcurrentJITLocker const&, JSC::CallLinkInfo&) + 151 (CallLinkStatus.cpp:156) 3 com.apple.JavaScriptCore 0x00000001030cb6bc JSC::CallLinkStatus::computeFor(JSC::CodeBlock*, unsigned int, WTF::HashMap<JSC::CodeOrigin, JSC::CallLinkInfo*, JSC::CodeOriginApproximateHash, WTF::HashTraits<JSC::CodeOrigin>, WTF::HashTraits<JSC::CallLinkInfo*> > const&) + 396 (CallLinkStatus.cpp:136) 4 com.apple.JavaScriptCore 0x00000001030cbcc4 JSC::CallLinkStatus::computeFor(JSC::CodeBlock*, JSC::CodeOrigin, WTF::HashMap<JSC::CodeOrigin, JSC::CallLinkInfo*, JSC::CodeOriginApproximateHash, WTF::HashTraits<JSC::CodeOrigin>, WTF::HashTraits<JSC::CallLinkInfo*> > const&, WTF::HashMap<JSC::CodeOrigin, JSC::CallLinkStatus, JSC::CodeOriginApproximateHash, WTF::HashTraits<JSC::CodeOrigin>, WTF::HashTraits<JSC::CallLinkStatus> > const&) + 212 (CallLinkStatus.cpp:238) 5 com.apple.JavaScriptCore 0x0000000103189e79 JSC::DFG::ByteCodeParser::handleCall(int, JSC::DFG::NodeType, JSC::CodeSpecializationKind, unsigned int, int, int, int) + 441 (DFGByteCodeParser.cpp:1211)

Attachments
Add attachment proposed patch, testcase, etc.

Alexey Proskuryakov

Comment 1 2014-04-29 23:19:23 PDT

<rdar://problem/16766362>

Geoffrey Garen

Comment 2 2014-04-30 11:44:33 PDT

Please don't use the word "flaky". It is a cancer on the mind.

Alexey Proskuryakov

Comment 3 2014-04-30 11:59:55 PDT

Please don't randomly remove relevant information from bug titles. If you can come up with a better way to describe the situation, let's discuss that on webkit-dev. I also don't agree with your negative characterization of "flakily crashes". "Flaky test" is a misleading concept, but "flakily crashing" is relevant factual information.

Note You need to log in before you can comment on or make changes to this bug.

Status NEW

Resolution

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware Unspecified

OS Unspecified

Product WebKit

Component JavaScriptCore

Assignee

Nobody

Reported

2014-04-29 23:19 PDT

Modified

2014-04-30 11:59 PDT History

CC List

2 users Show

URL

Keywords InRadar

Depends on

Blocks