Bug 153482

Summary: REGRESSION(r195575): It made all JSC tests crash on ARMv7 Linux
Product: WebKit Reporter: Csaba Osztrogonác <ossy>
Component: JavaScriptCoreAssignee: Nobody <webkit-unassigned>
Status: RESOLVED WORKSFORME    
Severity: Blocker CC: ggaren, kling, ossy
Priority: P1    
Version: Other   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 108645, 153448    

Csaba Osztrogonác
Reported 2016-01-26 05:54:02 PST
https://trac.webkit.org/changeset/195575 made all JSC tests crash on ARMv7 Linux. EFL ARMv7 (with ARM instruction set): ====================================== before: https://build.webkit.org/builders/EFL%20Linux%20ARMv7%20Traditional%20Release/builds/16758 after: https://build.webkit.org/builders/EFL%20Linux%20ARMv7%20Traditional%20Release/builds/16752 EFL ARMv7 (with Thumb2 instruction set): ========================================= before: https://build.webkit.org/builders/EFL%20Linux%20ARMv7%20Thumb2%20Release/builds/16899 after: https://build.webkit.org/builders/EFL%20Linux%20ARMv7%20Thumb2%20Release/builds/16906
Attachments
Add attachment proposed patch, testcase, etc.
Csaba Osztrogonác
Comment 1 2016-01-26 10:23:28 PST
This asserts hit in debug build: Source/JavaScriptCore/assembler/ARMv7Assembler.h(2206) : static void JSC::ARMv7Assembler::relinkJump(void*, void*) ASSERTION FAILED: !(reinterpret_cast<intptr_t>(to) & 1)
Csaba Osztrogonác
Comment 2 2016-01-26 10:47:45 PST
full crash log: ASSERTION FAILED: !(reinterpret_cast<intptr_t>(to) & 1) ../../Source/JavaScriptCore/assembler/ARMv7Assembler.h(2206) : static void JSC::ARMv7Assembler::relinkJump(void*, void*) 1 0xb64c3868 WTFCrash 2 0xb5fe3fe4 JSC::ARMv7Assembler::relinkJump(void*, void*) 3 0xb61f4694 JSC::AbstractMacroAssembler<JSC::ARMv7Assembler, JSC::MacroAssemblerARMv7>::repatchNearCall(JSC::CodeLocationNearCall, JSC::CodeLocationLabel) 4 0xb61f1790 JSC::linkFor(JSC::ExecState*, JSC::CallLinkInfo&, JSC::CodeBlock*, JSC::JSFunction*, JSC::MacroAssemblerCodePtr) 5 0xb61d45ae Segmentation fault Unfortunately it isn't easy to debug this regression, because GDB crashes :(
Csaba Osztrogonác
Comment 3 2016-01-27 03:30:25 PST
I don't know what happened, but after a clean build release crashes went away. It seems the debug assert is unrelated to this bug, but still valid. I'm going to file a new bug report for it and start to investigate.
Note You need to log in before you can comment on or make changes to this bug.