[Webkit-unassigned] [Bug 158959] New: REGRESSION(r202157): ASSERTION FAILED: !codeBlock->m_didFailJITCompilation on executableAllocationFuzz.yaml/executableAllocationFuzz/v8-raytrace.js.executable-allocation-fuzz-default

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Jun 20 16:57:06 PDT 2016 

https://bugs.webkit.org/show_bug.cgi?id=158959

            Bug ID: 158959
           Summary: REGRESSION(r202157): ASSERTION FAILED:
                    !codeBlock->m_didFailJITCompilation on
                    executableAllocationFuzz.yaml/executableAllocationFuzz
                    /v8-raytrace.js.executable-allocation-fuzz-default
    Classification: Unclassified
           Product: WebKit
           Version: Other
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: ap at webkit.org
                CC: fpizlo at apple.com, webkit-bug-importer at group.apple.com

executableAllocationFuzz.yaml/executableAllocationFuzz/v8-raytrace.js.executable-allocation-fuzz-default very frequently asserts in debug builds.

ASSERTION FAILED: !codeBlock->m_didFailJITCompilation
/Volumes/Data/slave/elcapitan-debug/build/Source/JavaScriptCore/jit/JITWorklist.cpp(205) : void JSC::JITWorklist::compileNow(JSC::CodeBlock *)
1   0x10e375480 WTFCrash
2   0x10ded9638 JSC::JITWorklist::compileNow(JSC::CodeBlock*)
3   0x10d9af4db JSC::DFG::prepareCodeOriginForOSRExit(JSC::ExecState*, JSC::CodeOrigin)
4   0x10d99de79 compileOSRExit
5   0x38a6ee40531b
6   0x38a6ee4160ba
7   0x38a6ee423cb3
8   0x10df99a3f llint_entry
9   0x10df99ab9 llint_entry
10  0x10df99ab9 llint_entry
11  0x10df92b2e vmEntryToJavaScript
12  0x10dd8493a JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*)
13  0x10dd0edd8 JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*)
14  0x10d68d110 JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&)
15  0x10d1b8c4c runWithScripts(GlobalObject*, WTF::Vector<Script, 0ul, WTF::CrashOnOverflow, 16ul> const&, WTF::String const&, bool, bool)
16  0x10d1b80d7 runJSC(JSC::VM*, CommandLine)
17  0x10d1b719a jscmain(int, char**)
18  0x10d1b704b main
19  0x7fff970745ad start
Failure for command ../../../.vm/JavaScriptCore.framework/Resources/jsc v8-raytrace.js with seed 1466224696, repeat 20: Cannot execute command on iteration 6, status 11 for target 1 at ../../../.helpers/js-executable-allocation-fuzz line 65.
ERROR: Unexpected exit code: 255

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160620/4a848b0a/attachment-0001.html>

More information about the webkit-unassigned mailing list