[Webkit-unassigned] [Bug 160288] New: [ARM] REGRESSION(r203786): ASSERTION FAILED: static_cast<ptrdiff_t>(inlineSize) <= MacroAssembler::maxJumpReplacementSize()

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Jul 28 02:52:30 PDT 2016 

https://bugs.webkit.org/show_bug.cgi?id=160288

            Bug ID: 160288
           Summary: [ARM] REGRESSION(r203786): ASSERTION FAILED:
                    static_cast<ptrdiff_t>(inlineSize) <=
                    MacroAssembler::maxJumpReplacementSize()
    Classification: Unclassified
           Product: WebKit
           Version: Other
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Critical
          Priority: P1
         Component: JavaScriptCore
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: ossy at webkit.org
                CC: mark.lam at apple.com, sbarati at apple.com
            Blocks: 108645, 160110

Almost all tests started to assert and crash after https://trac.webkit.org/changeset/203786 
with ARM instruction set.

cdjs-tests.yaml/main.js.default: ASSERTION FAILED: static_cast<ptrdiff_t>(inlineSize) <= MacroAssembler::maxJumpReplacementSize()
cdjs-tests.yaml/main.js.default: ../../Source/JavaScriptCore/jit/JITMathIC.h(81) : bool JSC::JITMathIC<Generator>::generateInline(JSC::CCallHelpers&, JSC::MahICGenerationState&, bool) [with GeneratorType = JSC::JITAddGenerator]
cdjs-tests.yaml/main.js.default: 1   0x41b81798 WTFCrash
cdjs-tests.yaml/main.js.default: 2   0x4145a4b8 JSC::JITMathIC<JSC::JITAddGenerator>::generateInline(JSC::CCallHelpers&, JSC::MathICGenerationState&, bool)
cdjs-tests.yaml/main.js.default: 3   0x4165d148 void JSC::JIT::emitMathICFast<JSC::JITAddGenerator, long long (*)(JSC::ExecState*, long long, long long, JSC:ArithProfile*), long long (*)(JSC::ExecState*, long long, long long)>(JSC::JITMathIC<JSC::JITAddGenerator>*, JSC::Instruction*, long long (*)(JSC::ExecState* long long, long long, JSC::ArithProfile*), long long (*)(JSC::ExecState*, long long, long long))
cdjs-tests.yaml/main.js.default: 4   0x4165a340 JSC::JIT::emit_op_add(JSC::Instruction*)
cdjs-tests.yaml/main.js.default: 5   0x416488a8 JSC::JIT::privateCompileMainPass()
cdjs-tests.yaml/main.js.default: 6   0x4164ba00 JSC::JIT::compileWithoutLinking(JSC::JITCompilationEffort)
cdjs-tests.yaml/main.js.default: 7   0x416aa570 JSC::JITWorklist::Plan::compileInThread()
cdjs-tests.yaml/main.js.default: 8   0x416aa8e0 JSC::JITWorklist::Plan::compileNow(JSC::CodeBlock*)
cdjs-tests.yaml/main.js.default: 9   0x416a9054 JSC::JITWorklist::compileLater(JSC::CodeBlock*)
cdjs-tests.yaml/main.js.default: 10  0x416d4d6c JSC::LLInt::jitCompileAndSetHeuristics(JSC::CodeBlock*, JSC::ExecState*)
cdjs-tests.yaml/main.js.default: 11  0x416c9e3c
cdjs-tests.yaml/main.js.default: Illegal instruction
cdjs-tests.yaml/main.js.default: ERROR: Unexpected exit code: 132

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160728/95416244/attachment.html>

More information about the webkit-unassigned mailing list