Bug 227334 - Turn off data ICs by default
Summary: Turn off data ICs by default
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Saam Barati
URL:
Keywords: InRadar
Depends on:
Blocks: 227551
  Show dependency treegraph
 
Reported: 2021-06-23 17:56 PDT by Saam Barati
Modified: 2021-06-30 23:07 PDT (History)
7 users (show)

See Also:

Attachments
patch (6.92 KB, patch)
2021-06-30 15:52 PDT, Saam Barati 		ysuzuki: review+
Details | Formatted Diff | Diff
patch for landing (6.90 KB, patch)
2021-06-30 18:06 PDT, Saam Barati 		no flags Details | Formatted Diff | Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Saam Barati 2021-06-23 17:56:16 PDT 
When running like:

jsc JSTests/stress/delete-property-inline-cache.js --useFTLJIT=false --useFunctionDotArguments=true --validateExceptionChecks=true --useDollarVM=true --maxPerThreadStackUsage=1572864 --validateGraph=true --validateBCE=true --airForceIRCAllocator=true --useFTLJIT=true --useConcurrentJIT=false --thresholdForJITAfterWarmUp=100 --scribbleFreeCells=true --thresholdForJITAfterWarmUp=10 --thresholdForJITSoon=10 --thresholdForOptimizeAfterWarmUp=20 --thresholdForOptimizeAfterLongWarmUp=20 --thresholdForOptimizeSoon=20 --thresholdForFTLOptimizeAfterWarmUp=20 --thresholdForFTLOptimizeSoon=20 --thresholdForOMGOptimizeAfterWarmUp=20 --thresholdForOMGOptimizeSoon=20 --maximumEvalCacheableSourceLength=150000 --useEagerCodeBlockJettisonTiming=true --repatchBufferingCountdown=0 --collectContinuously=true --useGenerationalGC=false --verifyGC=false --forceOSRExitToLLInt=true --useExecutableAllocationFuzz=true --fireExecutableAllocationFuzzRandomly=true --useConcurrentGC=1

Seems like a GC bug
Comment 1 Saam Barati 2021-06-23 18:01:22 PDT 
My guess is we have some GC issue w.r.t exceptions.
Comment 2 Radar WebKit Bug Importer 2021-06-25 17:13:44 PDT 
<rdar://problem/79802812>
Comment 3 Saam Barati 2021-06-29 10:41:56 PDT 
Bisecting current status:

GC bug:

272448 [ good ]
275867 [ good ]
277577 [ good ]
278417 [ good ]
278629 [ good? ]
278852 [ bad ]
279287 [ bad ]


Will continue bisecting today
Comment 4 Saam Barati 2021-06-29 16:54:30 PDT 
I think the bug is related to SSI Data ICs:
https://trac.webkit.org/changeset/278656/webkit

Working on confirming this now.
Comment 5 Saam Barati 2021-06-30 15:52:37 PDT 
Created attachment 432636 [details]
patch
Comment 6 Yusuke Suzuki 2021-06-30 15:53:15 PDT 
Comment on attachment 432636 [details]
patch

r=me
Comment 7 Saam Barati 2021-06-30 18:06:35 PDT 
Created attachment 432647 [details]
patch for landing
Comment 8 EWS 2021-06-30 23:07:41 PDT 
Committed r279449 (239305@main): <https://commits.webkit.org/239305@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 432647 [details].