In bug #180297 we found that some of the Math functions weren't doing their exception checks. Enumerate all functions and try calling all of them to see if there's anything else that fails.
Created attachment 328212 [details] patch Everything passes!
Comment on attachment 328212 [details] patch Clearing flags on attachment: 328212 Committed r225444: <https://trac.webkit.org/changeset/225444>
All reviewed patches have been landed. Closing bug.
<rdar://problem/35812613>
All the new tests are crashing for WPE and GTK: ** The following JSC stress test failures have been introduced: stress/proxy-all-the-parameters.js.default stress/proxy-all-the-parameters.js.dfg-eager stress/proxy-all-the-parameters.js.dfg-eager-no-cjit-validate stress/proxy-all-the-parameters.js.dfg-maximal-flush-validate-no-cjit stress/proxy-all-the-parameters.js.ftl-eager stress/proxy-all-the-parameters.js.ftl-eager-no-cjit stress/proxy-all-the-parameters.js.ftl-eager-no-cjit-b3o1 stress/proxy-all-the-parameters.js.ftl-no-cjit-b3o1 stress/proxy-all-the-parameters.js.ftl-no-cjit-no-inline-validate stress/proxy-all-the-parameters.js.ftl-no-cjit-no-put-stack-validate stress/proxy-all-the-parameters.js.ftl-no-cjit-small-pool stress/proxy-all-the-parameters.js.ftl-no-cjit-validate-sampling-profiler stress/proxy-all-the-parameters.js.no-cjit-collect-continuously stress/proxy-all-the-parameters.js.no-cjit-validate-phases stress/proxy-all-the-parameters.js.no-ftl stress/proxy-all-the-parameters.js.no-llint Results for JSC stress tests: 16 failures found. Let's see if I can figure out how to run the tests and get a backtrace.
(In reply to Michael Catanzaro from comment #5) > All the new tests are crashing for WPE and GTK: > > > ** The following JSC stress test failures have been introduced: > stress/proxy-all-the-parameters.js.default > stress/proxy-all-the-parameters.js.dfg-eager > stress/proxy-all-the-parameters.js.dfg-eager-no-cjit-validate > stress/proxy-all-the-parameters.js.dfg-maximal-flush-validate-no-cjit > stress/proxy-all-the-parameters.js.ftl-eager > stress/proxy-all-the-parameters.js.ftl-eager-no-cjit > stress/proxy-all-the-parameters.js.ftl-eager-no-cjit-b3o1 > stress/proxy-all-the-parameters.js.ftl-no-cjit-b3o1 > stress/proxy-all-the-parameters.js.ftl-no-cjit-no-inline-validate > stress/proxy-all-the-parameters.js.ftl-no-cjit-no-put-stack-validate > stress/proxy-all-the-parameters.js.ftl-no-cjit-small-pool > stress/proxy-all-the-parameters.js.ftl-no-cjit-validate-sampling-profiler > stress/proxy-all-the-parameters.js.no-cjit-collect-continuously > stress/proxy-all-the-parameters.js.no-cjit-validate-phases > stress/proxy-all-the-parameters.js.no-ftl > stress/proxy-all-the-parameters.js.no-llint > > Results for JSC stress tests: > 16 failures found. > > > Let's see if I can figure out how to run the tests and get a backtrace. When you run locally can you set verbose and check what function is run before the failure? You might be injecting a function that we shouldn’t call into the globally namespace. And this test will call it :)
(In reply to Michael Catanzaro from comment #5) > Let's see if I can figure out how to run the tests and get a backtrace. They all pass on my personal machine. Sigh. Yuskue, is this something you might want to look into?
(In reply to Michael Catanzaro from comment #7) > (In reply to Michael Catanzaro from comment #5) > > Let's see if I can figure out how to run the tests and get a backtrace. > > They all pass on my personal machine. Sigh. > > Yuskue, is this something you might want to look into? Wild guess is that it's calling some internal function, and if I filter out objects whose name starts with "$" we'll be good. I'll upload a patch to do so.
(In reply to Michael Catanzaro from comment #7) > (In reply to Michael Catanzaro from comment #5) > > Let's see if I can figure out how to run the tests and get a backtrace. > > They all pass on my personal machine. Sigh. Um, actually I think I was not running the tests properly. They completed instantaneously. But now I've tried passing more arguments to run-jsc-tests, just like our bots do, and it's no longer completing immediately.
(In reply to JF Bastien from comment #8) > Wild guess is that it's calling some internal function, and if I filter out > objects whose name starts with "$" we'll be good. I'll upload a patch to do > so. Happy to test it.
Will try to address this in https://bugs.webkit.org/show_bug.cgi?id=180375