[Webkit-unassigned] [Bug 217189] [GStreamer] webaudio/Convolver/unmmodified-buffer.html is flaky timing out and crashing inside JSC since added in r267307
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Oct 1 13:43:21 PDT 2020
https://bugs.webkit.org/show_bug.cgi?id=217189
--- Comment #1 from Lauro Moura <lmoura at igalia.com> ---
Created attachment 410264
--> https://bugs.webkit.org/attachment.cgi?id=410264&action=review
JSC::X86Assembler::getRelocatedAddress fails labe.isSet() assert
Thread 1 (Thread 0x7f4df90e29c0 (LWP 107)):
#0 WTFCrash() () at ../../Source/WTF/wtf/Assertions.cpp:295
#1 0x00007f4e10845ed7 in CRASH_WITH_INFO(...) () at DerivedSources/ForwardingHeaders/wtf/Assertions.h:713
#2 0x00007f4e00c62cd2 in JSC::X86Assembler::getRelocatedAddress(void*, JSC::AssemblerLabel) (code=0x7f4df8482660, label=...) at ../../Source/JavaScriptCore/assembler/X86Assembler.h:3947 #3 0x00007f4e00ed2a80 in JSC::AbstractMacroAssembler<JSC::X86Assembler>::getLinkerAddress<(WTF::PtrTag)26432>(void*, JSC::AssemblerLabel) (code=0x7f4df8482660, label=...) at ../../Source/JavaScriptCore/assembler/AbstractMacroAssembler.h:880 #4 0x00007f4e013713ac in JSC::LinkBuffer::locationOf<(WTF::PtrTag)26432>(JSC::AbstractMacroAssembler<JSC::X86Assembler>::Label) (this=0x7f4db4474450, label=...) at ../../Source/JavaScriptCore/assembler/
LinkBuffer.h:219 #5 0x00007f4e0154c06c in JSC::JITMathIC<JSC::JITMulGenerator, JSC::BinaryArithProfile>::finalizeInlineCode(JSC::MathICGenerationState const&, JSC::LinkBuffer&) (this=0x7f4db4485120, state=..., linkBuffer=...) at ../../Source/JavaScriptCore/jit/JITMathIC.h:214 #6 0x00007f4e01a8f28a in JSC::JIT::emitMathICSlow<JSC::OpMul, JSC::JITMulGenerator, long (*)(JSC::JSGlobalObject*, long, long, JSC::JITBinaryMathIC<JSC::JITMulGenerator>*), long (*)(JSC::JSGlobalObject*
, long, long, JSC::BinaryArithProfile*), long (*)(JSC::JSGlobalObject*, long, long, JSC::JITBinaryMathIC<JSC::JITMulGenerator>*)>(JSC::JITBinaryMathIC<JSC::JITMulGenerator>*, JSC::Instruction const*, lon
g (*)(JSC::JSGlobalObject*, long, long, JSC::JITBinaryMathIC<JSC::JITMulGenerator>*), long (*)(JSC::JSGlobalObject*, long, long, JSC::BinaryArithProfile*), long (*)(JSC::JSGlobalObject*, long, long, JSC:
:JITBinaryMathIC<JSC::JITMulGenerator>*))::{lambda(JSC::LinkBuffer&)#1}::operator()(JSC::LinkBuffer&) const (this=0x7f4db4476088, linkBuffer=...) at ../../Source/JavaScriptCore/jit/JITArithmetic.cpp:1148
#7 0x00007f4e01aa52a6 in WTF::SharedTaskFunctor<void (JSC::LinkBuffer&), JSC::JIT::emitMathICSlow<JSC::OpMul, JSC::JITMulGenerator, long (*)(JSC::JSGlobalObject*, long, long, JSC::JITBinaryMathIC<JSC::J
ITMulGenerator>*), long (*)(JSC::JSGlobalObject*, long, long, JSC::BinaryArithProfile*), long (*)(JSC::JSGlobalObject*, long, long, JSC::JITBinaryMathIC<JSC::JITMulGenerator>*)>(JSC::JITBinaryMathIC<JSC:
:JITMulGenerator>*, JSC::Instruction const*, long (*)(JSC::JSGlobalObject*, long, long, JSC::JITBinaryMathIC<JSC::JITMulGenerator>*), long (*)(JSC::JSGlobalObject*, long, long, JSC::BinaryArithProfile*), long (*)(JSC::JSGlobalObject*, long, long, JSC::JITBinaryMathIC<JSC::JITMulGenerator>*))::{lambda(JSC::LinkBuffer&)#1}>::run(JSC::LinkBuffer&) (this=0x7f4db4476078, arguments#0=...) at DerivedSources/Fo
rwardingHeaders/wtf/SharedTask.h:91
#8 0x00007f4e00bd50c3 in JSC::LinkBuffer::performFinalization() (this=0x7f4db4474450) at ../../Source/JavaScriptCore/assembler/LinkBuffer.cpp:458
#9 0x00007f4e00bd4927 in JSC::LinkBuffer::finalizeCodeWithoutDisassemblyImpl() (this=0x7f4db4474450) at ../../Source/JavaScriptCore/assembler/LinkBuffer.cpp:68
#10 0x00007f4e013722c4 in JSC::LinkBuffer::finalizeCodeWithoutDisassembly<(WTF::PtrTag)357>() (this=0x7f4db4474450) at ../../Source/JavaScriptCore/assembler/LinkBuffer.h:272
#11 0x00007f4e01a6e511 in JSC::JIT::link() (this=0x7f4db44567a0) at ../../Source/JavaScriptCore/jit/JIT.cpp:961
#12 0x00007f4e01b049e1 in JSC::JITWorklist::Plan::finalize() (this=0x7f4db4456780) at ../../Source/JavaScriptCore/jit/JITWorklist.cpp:55
#13 0x00007f4e01b013ec in JSC::JITWorklist::finalizePlans(WTF::Vector<WTF::RefPtr<JSC::JITWorklist::Plan, WTF::DumbPtrTraits<JSC::JITWorklist::Plan>, WTF::DefaultRefDerefTraits<JSC::JITWorklist::Plan> >,
32ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&) (this=0x7f4df8779280, myPlans=...) at ../../Source/JavaScriptCore/jit/JITWorklist.cpp:314
#14 0x00007f4e01b00f45 in JSC::JITWorklist::poll(JSC::VM&) (this=0x7f4df8779280, vm=...) at ../../Source/JavaScriptCore/jit/JITWorklist.cpp:224
#15 0x00007f4e01b44482 in JSC::LLInt::jitCompileAndSetHeuristics(JSC::VM&, JSC::CodeBlock*, JSC::BytecodeIndex) (vm=..., codeBlock=0x7f4db522fc90, loopOSREntryBytecodeIndex=...) at ../../Source/JavaScrip
tCore/llint/LLIntSlowPaths.cpp:377
#16 0x00007f4e01b2ddf0 in JSC::LLInt::llint_loop_osr(JSC::CallFrame*, JSC::Instruction const*) (callFrame=0x7ffc9c7aad70, pc=0x7f4d9e6fb0d7) at ../../Source/JavaScriptCore/llint/LLIntSlowPaths.cpp:481
#17 0x00007f4e00a81324 in llint_op_loop_hint () at /app/webkit/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm:97
#18 0x0000000200000002 in ()
#19 0x0000000000000000 in ()
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20201001/d4f064e1/attachment.htm>
More information about the webkit-unassigned
mailing list