[Webkit-unassigned] [Bug 81906] New: ASSERT in JITInlineMethods::endUninterruptedSequence on ARM

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Mar 22 07:15:11 PDT 2012


https://bugs.webkit.org/show_bug.cgi?id=81906

           Summary: ASSERT in JITInlineMethods::endUninterruptedSequence
                    on ARM
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: abecsi at webkit.org
                CC: oliver at apple.com, loki at webkit.org,
                    zherczeg at webkit.org, fpizlo at apple.com


This was introduced in http://trac.webkit.org/changeset/109834.

The crash happens during the initial load of a page, e.g. www.nytimes.com:

0x41d03f3c in endUninterruptedSequence (dst=1, constSpace=3, insnSpace=56, this=0xbe935720) at /home/abecsi/repos/webkit/Source/JavaScriptCore/jit/JITInlineMethods.h:183
183         ASSERT(sizeOfConstantPool() - m_uninterruptedConstantSequenceBegin <= constSpace);
(gdb) bt
#0  0x41d03f3c in endUninterruptedSequence (dst=1, constSpace=3, insnSpace=56, this=0xbe935720) at /home/abecsi/repos/webkit/Source/JavaScriptCore/jit/JITInlineMethods.h:183
#1  JSC::JIT::compileGetByIdSlowCase (this=0xbe935720, dst=1, base=<optimized out>, ident=0x2472ec, iter=@0xbe9355d4, isMethodCheck=true)
    at /home/abecsi/repos/webkit/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp:384
#2  0x41d041f0 in JSC::JIT::emitSlow_op_method_check (this=0xbe935720, currentInstruction=<optimized out>, iter=@0xbe9355d4)
    at /home/abecsi/repos/webkit/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp:152
#3  0x41ce60b4 in JSC::JIT::privateCompileSlowCases (this=0xbe935720) at /home/abecsi/repos/webkit/Source/JavaScriptCore/jit/JIT.cpp:468
#4  0x41ce7c84 in JSC::JIT::privateCompile (this=0xbe935720, functionEntryArityCheck=0x27, effort=JSC::JITCompilationMustSucceed)
    at /home/abecsi/repos/webkit/Source/JavaScriptCore/jit/JIT.cpp:589
#5  0x41ddd690 in JSC::JIT::compile (globalData=<optimized out>, codeBlock=<optimized out>, effort=JSC::JITCompilationMustSucceed, functionEntryArityCheck=0x0)
    at /home/abecsi/repos/webkit/Source/JavaScriptCore/jit/JIT.h:204
#6  0x41dddbe0 in JSC::jitCompileIfAppropriate<JSC::ProgramCodeBlock> (globalData=..., codeBlock=..., jitCode=..., jitType=JSC::JITCode::BaselineJIT, effort=JSC::JITCompilationMustSucceed)
    at /home/abecsi/repos/webkit/Source/JavaScriptCore/jit/JITDriver.h:65
#7  0x41dda6c4 in prepareForExecution<JSC::ProgramCodeBlock> (jitType=JSC::JITCode::BaselineJIT, jitCode=..., codeBlock=..., globalData=<optimized out>)
    at /home/abecsi/repos/webkit/Source/JavaScriptCore/runtime/ExecutionHarness.h:49
#8  JSC::ProgramExecutable::compileInternal (this=0x46ffde90, exec=<optimized out>, scopeChainNode=0xbe936340, jitType=JSC::JITCode::BaselineJIT)
    at /home/abecsi/repos/webkit/Source/JavaScriptCore/runtime/Executable.cpp:375
#9  0x41cc8cf8 in compile (scopeChainNode=0x4832ffe0, exec=0x4821fcb8, this=0x41) at /home/abecsi/repos/webkit/Source/JavaScriptCore/runtime/Executable.h:416
#10 JSC::Interpreter::execute (this=0x15, program=0x41, callFrame=0x4821fcb8, scopeChain=0x4832ffe0, thisObj=0x4704ffc0)
    at /home/abecsi/repos/webkit/Source/JavaScriptCore/interpreter/Interpreter.cpp:1171
#11 0x41dabf14 in JSC::evaluate (exec=0x4821fcb8, scopeChain=0x4832ffe0, source=..., thisValue=..., returnedException=0xbe936d80)
    at /home/abecsi/repos/webkit/Source/JavaScriptCore/runtime/Completion.cpp:73
#12 0x40677124 in evaluate (exception=0xbe936d78, thisValue=<optimized out>, source=..., chain=0xbe936d80, exec=0x4821fcb8)
    at /home/abecsi/repos/webkit/Source/WebCore/bindings/js/JSMainThreadExecState.h:76
#13 WebCore::ScriptController::evaluateInWorld (this=0x78b48, sourceCode=..., world=<optimized out>) at /home/abecsi/repos/webkit/Source/WebCore/bindings/js/ScriptController.cpp:145
#14 0x40677804 in WebCore::ScriptController::evaluate (this=0x78b48, sourceCode=...) at /home/abecsi/repos/webkit/Source/WebCore/bindings/js/ScriptController.cpp:162
#15 0x40904a14 in WebCore::ScriptElement::executeScript (this=0x465e2888, sourceCode=...) at /home/abecsi/repos/webkit/Source/WebCore/dom/ScriptElement.cpp:290
#16 0x40b965f4 in WebCore::HTMLScriptRunner::executePendingScriptAndDispatchEvent (this=0x46501b58, pendingScript=<optimized out>)
    at /home/abecsi/repos/webkit/Source/WebCore/html/parser/HTMLScriptRunner.cpp:139
#17 0x40b974f0 in WebCore::HTMLScriptRunner::executeParsingBlockingScript (this=0x46501b58) at /home/abecsi/repos/webkit/Source/WebCore/html/parser/HTMLScriptRunner.cpp:118
#18 0x40b97a00 in WebCore::HTMLScriptRunner::executeParsingBlockingScripts (this=0x46501b58) at /home/abecsi/repos/webkit/Source/WebCore/html/parser/HTMLScriptRunner.cpp:195
#19 0x40b7e960 in WebCore::HTMLDocumentParser::executeScriptsWaitingForStylesheets (this=0x465c70f0) at /home/abecsi/repos/webkit/Source/WebCore/html/parser/HTMLDocumentParser.cpp:543
#20 0x40860fc0 in WebCore::Document::removePendingSheet (this=0x465bbe70) at /home/abecsi/repos/webkit/Source/WebCore/dom/Document.cpp:3038
#21 0x40af6908 in WebCore::HTMLLinkElement::sheetLoaded (this=0x465fad68) at /home/abecsi/repos/webkit/Source/WebCore/html/HTMLLinkElement.cpp:367
#22 0x407d7a4c in WebCore::CSSStyleSheet::checkLoaded (this=0x38fc0) at /home/abecsi/repos/webkit/Source/WebCore/css/CSSStyleSheet.cpp:249
#23 0x40af7f4c in WebCore::HTMLLinkElement::setCSSStyleSheet (this=0x465fad68, href=..., baseURL=<optimized out>, charset=<optimized out>, sheet=0x4710aba0)
    at /home/abecsi/repos/webkit/Source/WebCore/html/HTMLLinkElement.cpp:342
#24 0x40ce8e98 in WebCore::CachedCSSStyleSheet::checkNotify (this=0x4710aba0) at /home/abecsi/repos/webkit/Source/WebCore/loader/cache/CachedCSSStyleSheet.cpp:117
#25 0x40ce92f8 in WebCore::CachedCSSStyleSheet::data (this=0x4710aba0, data=<optimized out>, allDataReceived=<optimized out>)
    at /home/abecsi/repos/webkit/Source/WebCore/loader/cache/CachedCSSStyleSheet.cpp:105
#26 0x40d74884 in WebCore::SubresourceLoader::didFinishLoading (this=0x4710d398, finishTime=<optimized out>) at /home/abecsi/repos/webkit/Source/WebCore/loader/SubresourceLoader.cpp:276
#27 0x40d61b54 in WebCore::ResourceLoader::didFinishLoading (this=0x4710d398, finishTime=<optimized out>) at /home/abecsi/repos/webkit/Source/WebCore/loader/ResourceLoader.cpp:452
