151563 – [FTL] regress/script-tests/double-pollution-putbyoffset.js.dfg-eager regularly stucks in an infinite loop

Bug 151563 - [FTL] regress/script-tests/double-pollution-putbyoffset.js.dfg-eager regularly stucks in an infinite loop

Summary: [FTL] regress/script-tests/double-pollution-putbyoffset.js.dfg-eager regularl...

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	JavaScriptCore (show other bugs)
Version:	Other
Hardware:	Unspecified Unspecified

Importance:	P1 Critical
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:
Blocks:	143605
	Show dependency tree / graph

Reported:	2015-11-23 04:31 PST by Csaba Osztrogonác
Modified:	2017-10-18 01:41 PDT (History)
CC List:	9 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Csaba Osztrogonác 2015-11-23 04:31:46 PST

https://trac.webkit.org/changeset/192682 enabled FTL JIT on EFL Linux X86_64.

Since then regress/script-tests/double-pollution-putbyoffset.js.dfg-eager 
regularly stucks in an infinite loop.

regress/script-tests/double-pollution-putbyoffset.js.dfg-eager: Timed out after 339.000000 seconds!
regress/script-tests/double-pollution-putbyoffset.js.dfg-eager: 1   0x7ffa47260537 WTFCrash
regress/script-tests/double-pollution-putbyoffset.js.dfg-eager: 2   0x409773
regress/script-tests/double-pollution-putbyoffset.js.dfg-eager: 3   0x7ffa47272ba5
regress/script-tests/double-pollution-putbyoffset.js.dfg-eager: 4   0x7ffa472a242a
regress/script-tests/double-pollution-putbyoffset.js.dfg-eager: 5   0x7ffa464906aa
regress/script-tests/double-pollution-putbyoffset.js.dfg-eager: 6   0x7ffa45eb6eed clone
regress/script-tests/double-pollution-putbyoffset.js.dfg-eager: Segmentation fault (core dumped)
regress/script-tests/double-pollution-putbyoffset.js.dfg-eager: ERROR: Unexpected exit code: 139
FAIL: regress/script-tests/double-pollution-putbyoffset.js.dfg-eager

Comment 1 Csaba Osztrogonác 2015-11-23 04:35:02 PST

It isn't an EFL related bug, but an FTL JIT bug on Linux, 
because I found similar errors on the GTK bot too:

regress/script-tests/double-pollution-putbyoffset.js.ftl-eager: Timed out after 339.000000 seconds!
regress/script-tests/double-pollution-putbyoffset.js.ftl-eager: 1   0x7fbe2954b7c7 /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18(WTFCrash+0x17) [0x7fbe2954b7c7]
regress/script-tests/double-pollution-putbyoffset.js.ftl-eager: 2   0x4093e3 ../../../.vm/JavaScriptCore.framework/Resources/jsc() [0x4093e3]
regress/script-tests/double-pollution-putbyoffset.js.ftl-eager: 3   0x7fbe2955d4b5 /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18(+0x9484b5) [0x7fbe2955d4b5]
regress/script-tests/double-pollution-putbyoffset.js.ftl-eager: 4   0x7fbe2958ba0a /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18(+0x976a0a) [0x7fbe2958ba0a]
regress/script-tests/double-pollution-putbyoffset.js.ftl-eager: 5   0x7fbe284bf0a4 /lib/x86_64-linux-gnu/libpthread.so.0(+0x80a4) [0x7fbe284bf0a4]
regress/script-tests/double-pollution-putbyoffset.js.ftl-eager: 6   0x7fbe273a504d /lib/x86_64-linux-gnu/libc.so.6(clone+0x6d) [0x7fbe273a504d]
regress/script-tests/double-pollution-putbyoffset.js.ftl-eager: Segmentation fault (core dumped)
regress/script-tests/double-pollution-putbyoffset.js.ftl-eager: ERROR: Unexpected exit code: 139

** The following JSC stress test failures have been introduced:
	regress/script-tests/double-pollution-putbyoffset.js.ftl-eager

Results for JSC stress tests:
    1 failure found.

Comment 2 Zan Dobersek 2017-10-18 01:41:19 PDT

These failures aren't exhibited anymore.

Comment 3 Radar WebKit Bug Importer 2017-10-18 01:41:47 PDT

<rdar://problem/35048161>