155784 – REGRESSION(r198554): It made many regexp tests crash on ARMv7 Thumb2 platforms

RESOLVED DUPLICATE of bug 155790 155784

REGRESSION(r198554): It made many regexp tests crash on ARMv7 Thumb2 platforms

https://bugs.webkit.org/show_bug.cgi?id=155784

Summary REGRESSION(r198554): It made many regexp tests crash on ARMv7 Thumb2 platforms

Csaba Osztrogonác

Reported 2016-03-22 23:59:44 PDT

JSCOnly Linux ARMv7 Thumb2 Release - before: 139 fails - https://build.webkit.org/builders/JSCOnly%20Linux%20ARMv7%20Thumb2%20Release/builds/3 - after: 279 fails - https://build.webkit.org/builders/JSCOnly%20Linux%20ARMv7%20Thumb2%20Release/builds/4 GTK Linux ARM Release - before: 119 fails - https://build.webkit.org/builders/GTK%20Linux%20ARM%20Release/builds/10635 - after: 191 fails - https://build.webkit.org/builders/GTK%20Linux%20ARM%20Release/builds/10636 ARMv7 Traditional (ARMAssembler with ARM instruction set) and AArch64 platforms aren't affected. (note: I just reported this bug, but I don't have any time to investigate, debug, help fixing, create backtraces, etc.)

Attachments
Add attachment proposed patch, testcase, etc.

Michael Saboff

Comment 1 2016-03-23 09:30:59 PDT

We are not seeing any of these crashes on iOS ARMv7 bots. When you can, please provide a stack trace for one of these failures.

Csaba Osztrogonác

Comment 2 2016-03-23 11:19:57 PDT

managed to get backtrace: $ ./jsc regexp-match.js --useLLInt=false ASSERTION FAILED: !(reinterpret_cast<intptr_t>(to) & 1) ../../Source/JavaScriptCore/assembler/ARMv7Assembler.h(2206) : static void JSC::ARMv7Assembler::relinkJump(void*, void*) 1 0xb64bc334 WTFCrash 2 0xb5f9d108 JSC::ARMv7Assembler::relinkJump(void*, void*) 3 0xb61c94bc JSC::AbstractMacroAssembler<JSC::ARMv7Assembler, JSC::MacroAssemblerARMv7>::repatchNearCall(JSC::CodeLocationNearCall, JSC::CodeLocationLabel) 4 0xb61c650a JSC::linkFor(JSC::ExecState*, JSC::CallLinkInfo&, JSC::CodeBlock*, JSC::JSFunction*, JSC::MacroAssemblerCodePtr) 5 0xb61a61f6 Segmentation fault (core dumped)

Csaba Osztrogonác

Comment 3 2016-03-23 11:21:10 PDT

Maybe it is a dup of bug154857 or bug154857 simply hides this bug.

Csaba Osztrogonác

Comment 4 2016-04-05 09:32:56 PDT

It seesm it is a dup of It seesm it is a dup of bug155790 *** This bug has been marked as a duplicate of bug 155790 ***

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution DUPLICATE

of bug 155790

Priority P1

Severity Critical

Classification Unclassified

Version Other

Hardware Unspecified

OS Unspecified

Product WebKit

Component JavaScriptCore

Assignee

Nobody

Reported

2016-03-22 23:59 PDT

Modified

2016-04-05 09:32 PDT History

CC List

7 users Show

URL

Keywords

Depends on

Blocks

108645 155711

Dependencies

tree graph