658253 - SEGFAULT in nanojit::Assewmbler::assemble() on MIPS running ecma3/Statements/eregress_74474_003.abc

Status: RESOLVED WONTFIX

(Tamarin Graveyard :: Baseline JIT (CodegenLIR), defect, P3)

Description

[Brent Baker]

There is an intermittent failure on MIPS running ecma3/Statements/eregress_74474_003.abc

I have not been able to get the failure to happen with a debug build of the shell but was able to capture the following stacktrace from a release build:


Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x636000 (LWP 19897)]
0x00568178 in nanojit::Assembler::assemble ()
Current language:  auto; currently asm
(gdb) bt
#0  0x00568178 in nanojit::Assembler::assemble ()
#1  0x004c53f0 in avmplus::CodegenLIR::emitMD ()
#2  0x004e5a70 in avmplus::BaseExecMgr::verifyJit ()
#3  0x004e39c0 in avmplus::BaseExecMgr::verifyMethod ()
#4  0x004e3acc in avmplus::BaseExecMgr::verifyInvoke ()
#5  0x0054e570 in avmplus::callprop_b<avmplus::Toplevel*> ()
#6  0x004ea288 in avmplus::interpBoxed ()
#7  0x004e311c in avmplus::BaseExecMgr::invokeInterpNoCoerce ()
#8  0x00481908 in avmplus::AvmCore::callScriptEnvEntryPoint ()
#9  0x00481df4 in avmplus::AvmCore::handleActionBlock ()
#10 0x00437f9c in avmshell::ShellCore::handleArbitraryExecutableContent ()
#11 0x0043830c in avmshell::ShellCore::evaluateFile ()
#12 0x0042ea20 in avmshell::Shell::singleWorkerHelper ()
#13 0x0042f198 in avmshell::Shell::singleWorker ()
#14 0x0042fdfc in avmshell::Shell::run ()
#15 0x00449ea0 in main ()

Comment 1

[Tamarin Bot]

changeset: 6317:e1ebf85008d8
user:      Brent Baker <brbaker@adobe.com>
summary:   Bug 658253: intermittent SEGFAULT in nanojit::Assewmbler::assemble() on MIPS (r=brbaker)

http://hg.mozilla.org/tamarin-redux/rev/e1ebf85008d8

Comment 2

[Brent Baker]

Here is a little better stacktrace:


[Switching to Thread 0x636000 (LWP 19946)]
nanojit::Assembler::assemble (this=0x2b43c008, frag=<value optimized out>, 
    reader=<value optimized out>) at ../nanojit/Assembler.cpp:1080
1080	../nanojit/Assembler.cpp: No such file or directory.
	in ../nanojit/Assembler.cpp
(gdb) bt
#0  nanojit::Assembler::assemble (this=0x2b43c008, frag=<value optimized out>, 
    reader=<value optimized out>) at ../nanojit/Assembler.cpp:1080
#1  0x004c53f0 in avmplus::CodegenLIR::emitMD (this=0x7fce30e8) at ../core/CodegenLIR.cpp:7334
#2  0x004e5a70 in avmplus::BaseExecMgr::verifyJit (this=0x2aabf058, m=0x2aba8ac0, ms=0x2ac0da18, 
    toplevel=0x2aac7100, abc_env=0x2ab3ae78, osr=0x0) at ../core/exec-jit.cpp:255
#3  0x004e39c0 in avmplus::BaseExecMgr::verifyMethod (this=0x2aabf058, m=0x2aba8ac0, 
    toplevel=0x2aac7100, abc_env=0x2ab3ae78) at ../core/exec.cpp:357
#4  0x004e3acc in avmplus::BaseExecMgr::verifyInvoke (env=0x2aacbda0, argc=0, args=0x7fce332c)
    at ../core/exec.cpp:334
#5  0x0054e570 in avmplus::callprop_b<avmplus::Toplevel*> (env=0x2aac7100, 
    base=<value optimized out>, multiname=0x2ac0b8cc, argc=0, atomv=0x7fce332c, vtable=0x2ab93790, 
    b=0x452) at ../core/instr-inlines.h:116
#6  0x004ea288 in avmplus::interpBoxed (env=0x2aacb2e0, _argc=717267105, _atomv=0x2ac0b8cc)
    at ../core/Toplevel-inlines.h:93
#7  0x004e311c in avmplus::BaseExecMgr::invokeInterpNoCoerce (env=0x2aacb2e0, argc=0, 
    atomv=0x7fce35a0) at ../core/exec.cpp:895
#8  0x00481908 in avmplus::AvmCore::callScriptEnvEntryPoint (this=<value optimized out>, 
    main=0x2aacb2e0) at ../core/MethodEnv-inlines.h:137
#9  0x00481df4 in avmplus::AvmCore::handleActionBlock (this=0x2aaad810, 
    code=<value optimized out>, start=<value optimized out>, toplevel=0x2aac7100, ninit=0x0, 
    codeContext=0x2aac0ff8, apiVersion=avmplus::kApiVersion_SWF_13) at ../core/AvmCore.cpp:946
#10 0x00437f9c in avmshell::ShellCore::handleArbitraryExecutableContent (this=0x2aaad810, 
    settings=@0x7fce3af0, code=@0x7fce3868, 
    filename=0x7fce3eb0 "ecma3/Statements/eregress_74474_003.abc") at ../shell/ShellCore.cpp:562
#11 0x0043830c in avmshell::ShellCore::evaluateFile (this=0x2aaad810, settings=@0x7fce3af0, 
    filename=0x7fce3eb0 "ecma3/Statements/eregress_74474_003.abc") at ../shell/ShellCore.cpp:539
#12 0x0042ea28 in avmshell::Shell::singleWorkerHelper (shell=0x2aaad810, settings=@0x7fce3af0)
    at ../shell/avmshell.cpp:215
#13 0x0042f1a0 in avmshell::Shell::singleWorker (settings=@0x7fce3af0) at ../shell/avmshell.cpp:174
#14 0x0042fe04 in avmshell::Shell::run (argc=2, argv=0x7fce3dd4) at ../shell/avmshell.cpp:141
#15 0x00449ea0 in main (argc=134217728, argv=0x2ac33a58) at ../shell/avmshellUnix.cpp:112

Comment 3

[Trevor Baker]

Moving to Brannan

Comment 4

[Chris Dearman]

Does this bug still show up? A while ago there was an intermittent problem that was resolved by removing one of the test machines from the build system https://bugzilla.mozilla.org/show_bug.cgi?id=679515

I haven't been able to reproduce this problem or another intermittent problem https://bugzilla.mozilla.org/show_bug.cgi?id=615853

Comment 5

[James Sudduth]

(In reply to Chris Dearman from comment #4)
> Does this bug still show up? A while ago there was an intermittent problem
> that was resolved by removing one of the test machines from the build system
> https://bugzilla.mozilla.org/show_bug.cgi?id=679515
> 
> I haven't been able to reproduce this problem or another intermittent
> problem https://bugzilla.mozilla.org/show_bug.cgi?id=615853

The reason this test hasn't been seen to fail recently is that it's been excluded from running by failconfig.txt. Removing asteammips1 from the build system was done to work around a different problem, but perhaps it will help with this as well since we don't know for sure if it was only failing on asteammips1. I'll turn the test back on to see what happens.