Bug 169018 - Crashes are observed in JavaScriptCore/heap maintainer on Ubuntu/ppc64le.
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore
Version: WebKit Local Build
Hardware: Other Linux
Importance: P2 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-03-01 00:26 PST by sowania
Modified: 2017-03-01 00:26 PST
0 users

See Also:


Attachments
Test JavaScript and sample backtraces. (5.15 KB, text/plain)
2017-03-01 00:26 PST, sowania

Description sowania 2017-03-01 00:26:45 PST
Created attachment 303046
Test JavaScript and sample backtraces.

While testing PhantomJS, which uses WebKit 5.5.1 internally, crashes are seen in the heap maintainer code inside the JavaScriptCore module. The crash is typically seen when PhantomJS completes the task and then starts winding down for exit. The test is being done on Power8/LE using Ubuntu 16.04 LTS. As the issue was first seen with PhantomJS, a bug has been raised at https://github.com/ariya/phantomjs/issues/14859, but in reality the issue is with WebKit, so I think it is logical to file a bug with WebKit as well.

Unfortunately, I don't have any test script which can directly be used with WebKit. However, I am attaching the test script I am using with PhantomJS. Additionally, I am also attaching a couple of backtraces as samples. I think heap handling and synchronization need to be rechecked and fixed in order to avoid these crashes.

I am attaching the sample script and the backtraces. Please remove the backtrace part in the attached file before using it for tests. Typically, the command issued to test it is: bin/phantomjs ./run-qunit.js http://engadget.com