Bug 141671 - REGRESSION(r180060): C Loop crashes
Summary: REGRESSION(r180060): C Loop crashes
Status: RESOLVED DUPLICATE of bug 146767
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore
Version: 528+ (Nightly build)
Hardware: All All
Importance: P2 Normal
Assignee: Michael Saboff
Depends on: 141733
Blocks: 141098
Reported: 2015-02-16 15:27 PST by Michael Saboff
Modified: 2015-07-23 08:32 PDT

Attachments
Patch (2.35 KB, patch)
2015-02-16 15:48 PST, Michael Saboff
ggaren: review+

Description Michael Saboff 2015-02-16 15:27:56 PST
After r180060: <http://trac.webkit.org/changeset/180060>, the C Loop crashes.
Comment 1 Michael Saboff 2015-02-16 15:48:12 PST
Created attachment 246691
Patch
Comment 2 Geoffrey Garen 2015-02-16 15:57:36 PST
Comment on attachment 246691
Patch

r=me
Comment 3 Michael Saboff 2015-02-16 16:08:25 PST
Committed r180184: <http://trac.webkit.org/changeset/180184>
Comment 4 Alexey Proskuryakov 2015-02-17 18:29:31 PST
This patch is suspected to have caused infinite recursion on js/function-apply-aliased.html.

I'm going to roll it out to confirm.

https://build-safari.apple.com/results/Trunk%20Syrah%20Production%20WK2%20Tests/r180236_69346%20(16927)/js/function-apply-aliased-crash-log.txt

http://webkit-test-results.appspot.com/dashboards/flakiness_dashboard.html#tests=js%2Ffunction-apply-aliased.html

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.JavaScriptCore      	0x000000010ef05761 JSC::StackVisitor::Frame::existingArguments() + 145
1   com.apple.JavaScriptCore      	0x000000010edddd8d JSC::UnwindFunctor::operator()(JSC::StackVisitor&) + 429
2   com.apple.JavaScriptCore      	0x000000010eddd25b JSC::Interpreter::unwind(void*&, JSC::ExecState*&, JSC::JSValue&) + 491
3   com.apple.JavaScriptCore      	0x000000010eded1ab JSC::genericUnwind(JSC::VM*, JSC::ExecState*, JSC::JSValue) + 91
4   com.apple.JavaScriptCore      	0x000000010ee7caa4 llint_slow_path_handle_exception + 52
5   com.apple.JavaScriptCore      	0x000000010ee82926 llint_entry + 15854
6   ???                           	0x000039e5fb418c9f 0 + 63659925671071
7   ???                           	0x000039e5fb4189ea 0 + 63659925670378
8   ???                           	0x000039e5fb4189ea 0 + 63659925670378
9   ???                           	0x000039e5fb4189ea 0 + 63659925670378
10  ???                           	0x000039e5fb4189ea 0 + 63659925670378
11  ???                           	0x000039e5fb4189ea 0 + 63659925670378
12  ???                           	0x000039e5fb4189ea 0 + 63659925670378
13  ???                           	0x000039e5fb4189ea 0 + 63659925670378
14  ???                           	0x000039e5fb4189ea 0 + 63659925670378
15  ???                           	0x000039e5fb4189ea 0 + 63659925670378
16  ???                           	0x000039e5fb4189ea 0 + 63659925670378
17  ???                           	0x000039e5fb4189ea 0 + 63659925670378
18  ???                           	0x000039e5fb4189ea 0 + 63659925670378
19  ???                           	0x000039e5fb4189ea 0 + 63659925670378
20  ???                           	0x000039e5fb4189ea 0 + 63659925670378
21  ???                           	0x000039e5fb4189ea 0 + 63659925670378
22  ???                           	0x000039e5fb4189ea 0 + 63659925670378
23  ???                           	0x000039e5fb4189ea 0 + 63659925670378
24  ???                           	0x000039e5fb4189ea 0 + 63659925670378
25  ???                           	0x000039e5fb4189ea 0 + 63659925670378
26  ???                           	0x000039e5fb4189ea 0 + 63659925670378
27  ???                           	0x000039e5fb4189ea 0 + 63659925670378
28  ???                           	0x000039e5fb4189ea 0 + 63659925670378
29  ???                           	0x000039e5fb4189ea 0 + 63659925670378
30  ???                           	0x000039e5fb4189ea 0 + 63659925670378
31  ???                           	0x000039e5fb4189ea 0 + 63659925670378
32  ???                           	0x000039e5fb4189ea 0 + 63659925670378
33  ???                           	0x000039e5fb4189ea 0 + 63659925670378
34  ???                           	0x000039e5fb4189ea 0 + 63659925670378
35  ???                           	0x000039e5fb4189ea 0 + 63659925670378
36  ???                           	0x000039e5fb4189ea 0 + 63659925670378
37  ???                           	0x000039e5fb4189ea 0 + 63659925670378
38  ???                           	0x000039e5fb4189ea 0 + 63659925670378
39  ???                           	0x000039e5fb4189ea 0 + 63659925670378
40  ???                           	0x000039e5fb4189ea 0 + 63659925670378
41  ???                           	0x000039e5fb4189ea 0 + 63659925670378
42  ???                           	0x000039e5fb4189ea 0 + 63659925670378
43  ???                           	0x000039e5fb4189ea 0 + 63659925670378
44  ???                           	0x000039e5fb4189ea 0 + 63659925670378
45  ???                           	0x000039e5fb4189ea 0 + 63659925670378
46  ???                           	0x000039e5fb4189ea 0 + 63659925670378
47  ???                           	0x000039e5fb4189ea 0 + 63659925670378
48  ???                           	0x000039e5fb4189ea 0 + 63659925670378
49  ???                           	0x000039e5fb4189ea 0 + 63659925670378
50  ???                           	0x000039e5fb4189ea 0 + 63659925670378
Comment 5 WebKit Commit Bot 2015-02-17 18:32:03 PST
Re-opened since this is blocked by bug 141733
Comment 6 Mark Lam 2015-07-23 08:32:45 PDT
The issues of this bug have all been dealt with in https://bugs.webkit.org/show_bug.cgi?id=146767.

*** This bug has been marked as a duplicate of bug 146767 ***