RESOLVED FIXED 156309
JSC test stress/arrowfunction-lexical-bind-superproperty.js failing 
https://bugs.webkit.org/show_bug.cgi?id=156309
Summary JSC test stress/arrowfunction-lexical-bind-superproperty.js failing
Ryan Haddad
Reported 2016-04-06 13:50:22 PDT
JSC test stress/arrowfunction-lexical-bind-superproperty.js failing stress/arrowfunction-lexical-bind-superproperty.js.dfg-maximal-flush-validate-no-cjit stress/arrowfunction-lexical-bind-superproperty.js.ftl-no-cjit-no-put-stack-validate stress/arrowfunction-lexical-bind-superproperty.js.ftl-no-cjit-validate-sampling-profiler stress/arrowfunction-lexical-bind-superproperty.js.no-cjit-validate-phases <https://build.webkit.org/builders/Apple%20El%20Capitan%20Release%20JSC%20%28Tests%29/builds/4829/steps/jscore-test/logs/stdio>
Attachments
Crash log (43.11 KB, application/octet-stream)
2016-04-06 13:51 PDT, Keith Miller 		no flags
Details
the patch (2.38 KB, patch)
2016-04-06 16:41 PDT, Filip Pizlo 		saam: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Keith Miller
Comment 1 2016-04-06 13:51:39 PDT
Created attachment 275815 [details] Crash log
Ryan Haddad
Comment 2 2016-04-06 13:52:32 PDT
May be related to <https://trac.webkit.org/changeset/199076>
Filip Pizlo
Comment 3 2016-04-06 14:12:04 PDT
Interesting. I will fix.
Filip Pizlo
Comment 4 2016-04-06 14:37:34 PDT
I have an elagant fix to this bug, but I don't know yet if it's perf-neutral.
Filip Pizlo
Comment 5 2016-04-06 14:38:04 PDT
Oh, and the bug that this is revealing is a preexisting condition: our stack scanner assumes that callee/argumentCount are also valid while the compiler thinks otherwise.
Filip Pizlo
Comment 6 2016-04-06 16:41:59 PDT
Created attachment 275830 [details] the patch
Filip Pizlo
Comment 7 2016-04-06 18:12:15 PDT
Landed in http://trac.webkit.org/changeset/199129
David Kilzer (:ddkilzer)
Comment 8 2016-04-22 12:59:30 PDT
<rdar://problem/24894592>
Note You need to log in before you can comment on or make changes to this bug.