[Webkit-unassigned] [Bug 180878] REGRESSION: Hundreds of test failures on 32-bit JSC bot

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Dec 15 12:59:49 PST 2017


https://bugs.webkit.org/show_bug.cgi?id=180878

--- Comment #1 from Ryan Haddad <ryanhaddad at apple.com> ---
Created attachment 329509

  --> https://bugs.webkit.org/attachment.cgi?id=329509&action=review

Crash log

Here is a crashlog pulled from one of the bots:

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.JavaScriptCore            0x0027fb6d JSC::IndexingHeader::vectorLength() const + 13 (IndexingHeader.h:56)
1   com.apple.JavaScriptCore            0x0027fadf JSC::Butterfly::vectorLength() const + 31 (Butterfly.h:122)
2   com.apple.JavaScriptCore            0x0027f8a7 JSC::Butterfly::computeIndexingMask() const + 23 (Butterfly.h:127)
3   com.apple.JavaScriptCore            0x0028a4d7 JSC::JSObject::nukeStructureAndSetButterfly(JSC::VM&, JSC::Structure*, JSC::Butterfly*) + 103 (JSObject.h:1286)
4   com.apple.JavaScriptCore            0x00289552 bool JSC::JSObject::putDirectInternal<(JSC::JSObject::PutMode)1>(JSC::VM&, JSC::PropertyName, JSC::JSValue, unsigned int, JSC::PutPropertySlot&) + 2370 (JSObjectInlines.h:318)
5   com.apple.JavaScriptCore            0x00288174 JSC::JSObject::putDirect(JSC::VM&, JSC::PropertyName, JSC::JSValue, unsigned int) + 420 (JSObject.h:1507)
6   com.apple.JavaScriptCore            0x00fdccfe JSC::JSFunction::getOwnPropertySlot(JSC::JSObject*, JSC::ExecState*, JSC::PropertyName, JSC::PropertySlot&) + 910 (JSFunction.cpp:393)
7   com.apple.JavaScriptCore            0x002b3984 JSC::JSObject::getNonIndexPropertySlot(JSC::ExecState*, JSC::PropertyName, JSC::PropertySlot&) + 580 (JSObjectInlines.h:146)
8   com.apple.JavaScriptCore            0x002b322a JSC::JSObject::getPropertySlot(JSC::ExecState*, JSC::PropertyName, JSC::PropertySlot&) + 282 (JSObject.h:1432)
9   com.apple.JavaScriptCore            0x002a1c8d JSC::JSObject::get(JSC::ExecState*, JSC::PropertyName) const + 301 (JSObject.h:1456)
10  com.apple.JavaScriptCore            0x00fe7b95 JSC::JSFunction::prototypeForConstruction(JSC::VM&, JSC::ExecState*) + 181 (JSFunction.cpp:143)
11  com.apple.JavaScriptCore            0x00fe7d25 JSC::JSFunction::allocateAndInitializeRareData(JSC::ExecState*, unsigned long) + 165 (JSFunction.cpp:155)
12  com.apple.JavaScriptCore            0x007f4815 JSC::JSFunction::rareData(JSC::ExecState*, unsigned int) + 85 (JSFunction.h:129)
13  com.apple.JavaScriptCore            0x007f44e6 operationCreateThis + 246 (DFGOperations.cpp:245)
14  ???                                 0x0350554a 0 + 55596362
15  ???                                 0x03502faf 0 + 55586735
16  ???                                 0x035022e1 0 + 55583457
17  ???                                 0x0350e818 0 + 55633944
18  com.apple.JavaScriptCore            0x00249a57 llint_entry + 23421 (LowLevelInterpreter.asm:789)
19  com.apple.JavaScriptCore            0x00243d24 vmEntryToJavaScript + 292 (LowLevelInterpreter.asm:524)
20  com.apple.JavaScriptCore            0x00c86528 JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 408 (JITCode.cpp:81)
21  com.apple.JavaScriptCore            0x00c2227a JSC::Interpreter::executeProgram(JSC::SourceCode const&, JSC::ExecState*, JSC::JSObject*) + 6426 (Interpreter.cpp:941)
22  com.apple.JavaScriptCore            0x00f03562 JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) + 626 (Completion.cpp:103)
23  jsc                                 0x000f7b91 runWithOptions(GlobalObject*, CommandLine&) + 2561 (jsc.cpp:2275)
24  jsc                                 0x000ccd9c jscmain(int, char**)::$_3::operator()(JSC::VM&, GlobalObject*) const + 44 (jsc.cpp:2678)
25  jsc                                 0x000b353f int runJSC<jscmain(int, char**)::$_3>(CommandLine, bool, jscmain(int, char**)::$_3 const&) + 1231 (jsc.cpp:2580)
26  jsc                                 0x000b1d00 jscmain(int, char**) + 192 (jsc.cpp:2675)
27  jsc                                 0x000b1c27 main + 55 (jsc.cpp:2107)
28  libdyld.dylib                       0xa75536e1 start + 1

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20171215/aa2f4407/attachment-0001.html>


More information about the webkit-unassigned mailing list