[Webkit-unassigned] [Bug 179479] [JSC][MIPS] Sampling Profiler crashes with functions of arity >=6

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Nov 9 08:42:08 PST 2017


https://bugs.webkit.org/show_bug.cgi?id=179479

--- Comment #2 from Guillaume Emont <guijemont at igalia.com> ---
Information I get from gdb:

Program received signal SIGSEGV, Segmentation fault.
0x00000000 in ?? ()
(gdb) info registers 
          zero       at       v0       v1       a0       a1       a2       a3
 R0   00000000 00000001 00000000 fffffffc 2f6f6000 2f780210 00000000 00000000 
            t0       t1       t2       t3       t4       t5       t6       t7
 R8   000000ff 00000000 80028350 7fff6558 81010100 ffffffd0 6f662065 2f6fbcf8 
            s0       s1       s2       s3       s4       s5       s6       s7
 R16  7fff65f8 7fff6a98 2f6f6000 2f7800a0 00d586c0 2f7b0110 2f6f6000 2f7e80d0 
            t8       t9       k0       k1       gp       sp       s8       ra
 R24  00000000 00660498 00000000 00000000 00d586c0 7fff64d0 00000000 00000000 
        status       lo       hi badvaddr    cause       pc
      00001f13 000000c8 ffffff38 00000000 00800008 00000000 
          fcsr      fir  restart
      08001004 00330000 00000000 
(gdb) x/64a $sp
0x7fff64d0:     0x2f780210      0xfffffffc      0x2f7f6fc0      0xfffffffb
0x7fff64e0:     0x1     0x2d4e3e1c      0x2f7e80a0      0xfffffffb
0x7fff64f0:     0x0     0xfffffffc      0x0     0xfffffffc
0x7fff6500:     0x0     0xfffffffc      0x0     0xfffffffc
0x7fff6510:     0x0     0xfffffffc      0x0     0xfffffffc
0x7fff6520:     0x0     0xfffffffc      0x2f7f6fc0      0xfffffffb
0x7fff6530:     0x0     0xfffffffc      0x2f7d40a0      0xfffffffb
0x7fff6540:     0x2f7d40a0      0xfffffffb      0x7fff6590      0x722c10 <vmEntryToJavaScript+448>
0x7fff6550:     0x2f7800a0      0x0     0x2f7f6fa0      0xfffffffb
0x7fff6560:     0x1     0x2d4d67f4      0x2f7dc340      0xfffffffb
0x7fff6570:     0x0     0xfffffffc      0x2f7e80d0      0xa704e4 <JSC::ScriptExecutable::prepareForExecutionImpl(JSC::VM&, JSC::JSFunction*, JSC::JSScope*, JSC::CodeSpecializationKind, JSC::CodeBlock*&)+380>
0x7fff6580:     0x2f6f6000      0x0     0x0     0x2d4b228c
0x7fff6590:     0x2f6f6000      0x6c4314 <JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*)+160>    0xd586c0        0xffffffff
0x7fff65a0:     0x0     0x2f7d40a0      0xd586c0        0x7fff6648
0x7fff65b0:     0x2d4e00b0      0x7fff65b8      0x7fff6a48      0x2d4b2288
0x7fff65c0:     0x7fff65f8      0x695550 <JSC::Interpreter::executeProgram(JSC::SourceCode const&, JSC::ExecState*, JSC::JSObject*)+2508>       0x0     0x2f7b0110

The addresses of jitted code are visible in the attached jsc-output.txt file.

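As an added example that is not part of the bug report or of WebKit's own code, the following Python helper parses the two pieces of gdb output quoted above (`info registers` in its two-row MIPS layout, and the `x/64a $sp` word dump with gdb's `<symbol+offset>` annotations) and pulls out what a triager wants first: the register-level facts (pc and ra both zero, the exception code in `cause`) and the symbolized return addresses still sitting on the stack, which are the only remaining evidence of the call chain once pc and ra have been clobbered. It assumes o32 MIPS (4-byte stack words) and the standard MIPS ExcCode encoding of the cause register; the excerpts embedded as sample input are copied from the comment above.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample input: excerpts of the gdb output quoted in the bug comment above.
INFO_REGISTERS = """\
          zero       at       v0       v1       a0       a1       a2       a3
 R0   00000000 00000001 00000000 fffffffc 2f6f6000 2f780210 00000000 00000000
            t0       t1       t2       t3       t4       t5       t6       t7
 R8   000000ff 00000000 80028350 7fff6558 81010100 ffffffd0 6f662065 2f6fbcf8
            s0       s1       s2       s3       s4       s5       s6       s7
 R16  7fff65f8 7fff6a98 2f6f6000 2f7800a0 00d586c0 2f7b0110 2f6f6000 2f7e80d0
            t8       t9       k0       k1       gp       sp       s8       ra
 R24  00000000 00660498 00000000 00000000 00d586c0 7fff64d0 00000000 00000000
        status       lo       hi badvaddr    cause       pc
      00001f13 000000c8 ffffff38 00000000 00800008 00000000
          fcsr      fir  restart
      08001004 00330000 00000000
"""

STACK_DUMP = """\
0x7fff6540:     0x2f7d40a0      0xfffffffb      0x7fff6590      0x722c10 <vmEntryToJavaScript+448>
0x7fff6550:     0x2f7800a0      0x0     0x2f7f6fa0      0xfffffffb
0x7fff6570:     0x0     0xfffffffc      0x2f7e80d0      0xa704e4 <JSC::ScriptExecutable::prepareForExecutionImpl(JSC::VM&, JSC::JSFunction*, JSC::JSScope*, JSC::CodeSpecializationKind, JSC::CodeBlock*&)+380>
0x7fff6590:     0x2f6f6000      0x6c4314 <JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*)+160>    0xd586c0        0xffffffff
0x7fff65c0:     0x7fff65f8      0x695550 <JSC::Interpreter::executeProgram(JSC::SourceCode const&, JSC::ExecState*, JSC::JSObject*)+2508>       0x0     0x2f7b0110
"""

WORD_BYTES = 4  # assumption: o32 MIPS, so x/a prints 4-byte words (0x10 bytes per dump line)

# MIPS Cause.ExcCode values (bits 6:2); only the common ones are listed here.
EXC_CODES = {0: "Int", 1: "Mod", 2: "TLBL", 3: "TLBS", 4: "AdEL", 5: "AdES",
             6: "IBE", 7: "DBE", 8: "Sys", 9: "Bp", 10: "RI", 11: "CpU", 12: "Ov", 13: "Tr"}


def parse_info_registers(text):
    """Parse gdb's two-row 'info registers' layout (names row, values row) into {name: int}."""
    regs = {}
    lines = [ln for ln in text.splitlines() if ln.strip()]
    for names_row, values_row in zip(lines[0::2], lines[1::2]):
        names, values = names_row.split(), values_row.split()
        if len(values) == len(names) + 1:  # leading 'R0', 'R8', ... group label
            values = values[1:]
        if len(values) != len(names):
            raise ValueError(f"row mismatch: {names_row!r} / {values_row!r}")
        for name, value in zip(names, values):
            regs[name] = int(value, 16)
    return regs


@dataclass
class StackSlot:
    address: int
    value: int
    symbol: Optional[str] = None
    offset: Optional[int] = None


# One dumped word, optionally followed by gdb's "<symbol+offset>" annotation.
CELL_RE = re.compile(r"(0x[0-9a-fA-F]+)(?:\s+<([^>]*)>)?")


def parse_stack_dump(text):
    """Parse 'x/Na $sp' output into StackSlot entries, keeping gdb's symbol annotations."""
    slots = []
    for line in text.splitlines():
        if not line.strip():
            continue
        base_text, cells = line.split(":", 1)  # first ':' ends the slot address; 'JSC::' comes later
        base = int(base_text, 16)
        for i, (value, annot) in enumerate(CELL_RE.findall(cells)):
            slot = StackSlot(base + i * WORD_BYTES, int(value, 16))
            if annot:
                sym, _, off = annot.rpartition("+")
                slot.symbol, slot.offset = sym, int(off)
            slots.append(slot)
    return slots


def symbolized_frames(slots):
    """Slots gdb resolved to a symbol, lowest address first (innermost frame first)."""
    return [s for s in slots if s.symbol]


def decode_cause(cause):
    """Name the MIPS exception code held in Cause bits 6:2."""
    return EXC_CODES.get((cause >> 2) & 0x1F, "unknown")


def diagnose(regs):
    """Summarize what the register state says about the crash."""
    findings = []
    if regs["pc"] == 0:
        findings.append("pc is 0: execution was transferred to address 0 (matches '0x00000000 in ?? ()')")
    if regs["ra"] == 0:
        findings.append("ra is 0: no return address in the link register; unwind from the stack instead")
    if regs["pc"] == 0 and regs["badvaddr"] == 0:
        findings.append("badvaddr is 0: the fault is the instruction fetch at 0, not a data access")
    findings.append(f"cause ExcCode = {decode_cause(regs['cause'])}")
    return findings


if __name__ == "__main__":
    regs = parse_info_registers(INFO_REGISTERS)
    for finding in diagnose(regs):
        print(finding)
    for s in symbolized_frames(parse_stack_dump(STACK_DUMP)):
        print(f"sp+0x{s.address - regs['sp']:x}  0x{s.value:08x}  {s.symbol}+{s.offset}")
```

Run as a script it prints the findings followed by the four stack-resident return addresses (`vmEntryToJavaScript`, `prepareForExecutionImpl`, `JITCode::execute`, `executeProgram`) with their offsets from `sp`, which is the hand-unwound chain that leads into the jitted code whose addresses the comment points to in jsc-output.txt.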