Bug 137404 - REGRESSION(r174226): [JSC] Crash when running the perf test Speedometer/Full.html
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore
Version: 528+ (Nightly build)
Hardware: All All
Importance: P2 Normal
Assignee: Oliver Hunt
Duplicates: 137452
Depends on:
Blocks: 136869
Reported: 2014-10-03 14:16 PDT by Carlos Alberto Lopez Perez
Modified: 2015-01-12 09:12 PST

GDB Backtrace for the GTK port when running the perf test Speedometer/Full.html (17.77 KB, text/plain)
2014-10-03 14:17 PDT, Carlos Alberto Lopez Perez
Patch (7.90 KB, patch)
2014-10-06 11:36 PDT, Oliver Hunt
msaboff: review+

Description Carlos Alberto Lopez Perez 2014-10-03 14:16:42 PDT
The performance test Speedometer/Full.html is crashing since r174226 <http://trac.webkit.org/r174226>

I have double checked this: locally reverting r174226 fixes the issue.

I'm attaching a backtrace from the GTK port that I obtained running the following command on r174267:

$ Tools/Scripts/run-perf-tests  --platform gtk --release -2 Speedometer/Full.html

The issue is not GTK-specific; it happens on all platforms:

 * https://build.webkit.org/builders/Apple%20MountainLion%20Release%20%28Perf%29/builds/10186
 * https://build.webkit.org/builders/Apple%20Mavericks%20Release%20%28Perf%29/builds/2725
 * https://build.webkit.org/builders/EFL%20Linux%2064-bit%20Release%20WK2%20%28Perf%29/builds/3378
 * https://build.webkit.org/builders/GTK%20Linux%2064-bit%20Release%20%28Perf%29/builds/944
Comment 1 Carlos Alberto Lopez Perez 2014-10-03 14:17:36 PDT
Created attachment 239235
GDB Backtrace for the GTK port when running the perf test Speedometer/Full.html
Comment 2 Oliver Hunt 2014-10-03 14:28:26 PDT
Comment 3 Alexey Proskuryakov 2014-10-03 19:31:35 PDT
#0  0x00007f9b78a7c96d in JSC::ExecState::lexicalEnvironment() const ()
#1  0x00007f9b78b7f20c in JSC::Arguments::getOwnPropertySlotByIndex(JSC::JSObject*, JSC::ExecState*, unsigned int, JSC::PropertySlot&) ()
#2  0x00007f9b78d2c3b5 in JSC::LLInt::getByVal(JSC::ExecState*, JSC::JSValue, JSC::JSValue) ()
#3  0x00007f9b78d244e2 in llint_slow_path_get_by_val ()
Comment 4 Oliver Hunt 2014-10-06 10:34:20 PDT
Ok, this is a stupid mistake on my part. Fixing.
Comment 5 Oliver Hunt 2014-10-06 11:36:03 PDT
Created attachment 239342
Comment 6 Michael Saboff 2014-10-06 12:28:28 PDT
Comment on attachment 239342

Comment 7 Oliver Hunt 2014-10-06 12:29:43 PDT
Committed r174359: <http://trac.webkit.org/changeset/174359>
Comment 8 Alexey Proskuryakov 2014-10-07 10:07:02 PDT
*** Bug 137452 has been marked as a duplicate of this bug. ***