RESOLVED FIXED Bug 54667
latest jsc for armv7 crashes in sunspider tests 
https://bugs.webkit.org/show_bug.cgi?id=54667
Summary latest jsc for armv7 crashes in sunspider tests
Víctor M. Jáquez L.
Reported 2011-02-17 08:41:24 PST
According to our builbot this commit http://trac.webkit.org/changeset/78732 crashes the execution of the sunspider tests, and also the v8 benchmarks. The machine is an ARMv7 Pandaboard EA1, kernel 2.6.35.3 and the JSC is natively compiled with g++ (Ubuntu/Linaro 4.4.4-14ubuntu5) 4.4.5 trace: ~/WebKit/Programs/jsc sunspider-0.9.1/3d-cube.js ASSERTION FAILED: differenceBetween(hotPathBegin, displacementLabel1) == patchOffsetPutByIdPropertyMapOffset1 Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp(517) : void JSC::JIT::emit_op_put_by_id(JSC::Instruction*) Segmentation fault gdb trace: Starting program: /home/user/buildslave/full-wk/build/Programs/jsc 3d-cube.js [Thread debugging using libthread_db enabled] [New Thread 0x41e5f460 (LWP 23458)] Program received signal SIGSEGV, Segmentation fault. 0x000d80b8 in JITStubThunked_op_create_this () (gdb) bt #0 0x000d80b8 in JITStubThunked_op_create_this () #1 0x000d3b1c in cti_op_create_this () #2 0x000d3b1c in cti_op_create_this ()
Attachments
jitoffsetarmv7.diff (2.67 KB, patch)
2011-02-23 05:50 PST, Xan Lopez 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
David Kilzer (:ddkilzer)
Comment 1 2011-02-17 11:27:13 PST
<rdar://problem/9018458>
Xan Lopez
Comment 2 2011-02-21 12:46:23 PST
With the patch from https://bugs.webkit.org/show_bug.cgi?id=54901 I can see the difference in the offsets is: ASSERTION FAILED: JIT Offset "patchOffsetPutByIdPropertyMapOffset1" should be 46, not 36. differenceBetween(hotPathBegin, displacementLabel1) == patchOffsetPutByIdPropertyMapOffset1 ../../Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp(517) : void JSC::JIT::emit_op_put_by_id(JSC::Instruction*)
Xan Lopez
Comment 3 2011-02-23 05:50:58 PST
Created attachment 83476 [details] jitoffsetarmv7.diff This seems to fix the issue.
Gavin Barraclough
Comment 4 2011-02-23 10:48:34 PST
Comment on attachment 83476 [details] jitoffsetarmv7.diff Apologies for breaking this, cheers for the fix Xan.
Xan Lopez
Comment 5 2011-02-23 10:55:41 PST
Comment on attachment 83476 [details] jitoffsetarmv7.diff Clearing flags on attachment: 83476 Committed r79460: <http://trac.webkit.org/changeset/79460>
Xan Lopez
Comment 6 2011-02-23 10:55:48 PST
All reviewed patches have been landed. Closing bug.
WebKit Review Bot
Comment 7 2011-02-23 11:43:52 PST
http://trac.webkit.org/changeset/79460 might have broken Qt Linux Release The following tests are not passing: fast/overflow/overflow-height-float-not-removed-crash3.html
Note You need to log in before you can comment on or make changes to this bug.