SEGFAULT in nanojit::Assewmbler::assemble() on MIPS running ecma3/Statements/eregress_74474_003.abc

RESOLVED WONTFIX

Status

P3
normal
RESOLVED WONTFIX
8 years ago
3 years ago

People

(Reporter: brbaker, Assigned: chris)

Tracking

unspecified
Q1 12 - Brannan
Other
Linux
Bug Flags:
in-testsuite +
flashplayer-qrb +
flashplayer-bug +
flashplayer-triage +

Details

(Reporter)

Description

8 years ago
There is an intermittent failure on MIPS running ecma3/Statements/eregress_74474_003.abc

I have not been able to get the failure to happen with a debug build of the shell but was able to capture the following stacktrace from a release build:


Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x636000 (LWP 19897)]
0x00568178 in nanojit::Assembler::assemble ()
Current language:  auto; currently asm
(gdb) bt
#0  0x00568178 in nanojit::Assembler::assemble ()
#1  0x004c53f0 in avmplus::CodegenLIR::emitMD ()
#2  0x004e5a70 in avmplus::BaseExecMgr::verifyJit ()
#3  0x004e39c0 in avmplus::BaseExecMgr::verifyMethod ()
#4  0x004e3acc in avmplus::BaseExecMgr::verifyInvoke ()
#5  0x0054e570 in avmplus::callprop_b<avmplus::Toplevel*> ()
#6  0x004ea288 in avmplus::interpBoxed ()
#7  0x004e311c in avmplus::BaseExecMgr::invokeInterpNoCoerce ()
#8  0x00481908 in avmplus::AvmCore::callScriptEnvEntryPoint ()
#9  0x00481df4 in avmplus::AvmCore::handleActionBlock ()
#10 0x00437f9c in avmshell::ShellCore::handleArbitraryExecutableContent ()
#11 0x0043830c in avmshell::ShellCore::evaluateFile ()
#12 0x0042ea20 in avmshell::Shell::singleWorkerHelper ()
#13 0x0042f198 in avmshell::Shell::singleWorker ()
#14 0x0042fdfc in avmshell::Shell::run ()
#15 0x00449ea0 in main ()
Flags: in-testsuite+
Flags: flashplayer-triage+
Flags: flashplayer-qrb?
Flags: flashplayer-bug+
(Reporter)

Updated

8 years ago
See Also: → bug 484483
(Reporter)

Updated

8 years ago
See Also: → bug 473392

Comment 1

8 years ago
changeset: 6317:e1ebf85008d8
user:      Brent Baker <brbaker@adobe.com>
summary:   Bug 658253: intermittent SEGFAULT in nanojit::Assewmbler::assemble() on MIPS (r=brbaker)

http://hg.mozilla.org/tamarin-redux/rev/e1ebf85008d8
(Reporter)

Comment 2

8 years ago
Here is a little better stacktrace:


[Switching to Thread 0x636000 (LWP 19946)]
nanojit::Assembler::assemble (this=0x2b43c008, frag=<value optimized out>, 
    reader=<value optimized out>) at ../nanojit/Assembler.cpp:1080
1080	../nanojit/Assembler.cpp: No such file or directory.
	in ../nanojit/Assembler.cpp
(gdb) bt
#0  nanojit::Assembler::assemble (this=0x2b43c008, frag=<value optimized out>, 
    reader=<value optimized out>) at ../nanojit/Assembler.cpp:1080
#1  0x004c53f0 in avmplus::CodegenLIR::emitMD (this=0x7fce30e8) at ../core/CodegenLIR.cpp:7334
#2  0x004e5a70 in avmplus::BaseExecMgr::verifyJit (this=0x2aabf058, m=0x2aba8ac0, ms=0x2ac0da18, 
    toplevel=0x2aac7100, abc_env=0x2ab3ae78, osr=0x0) at ../core/exec-jit.cpp:255
#3  0x004e39c0 in avmplus::BaseExecMgr::verifyMethod (this=0x2aabf058, m=0x2aba8ac0, 
    toplevel=0x2aac7100, abc_env=0x2ab3ae78) at ../core/exec.cpp:357
#4  0x004e3acc in avmplus::BaseExecMgr::verifyInvoke (env=0x2aacbda0, argc=0, args=0x7fce332c)
    at ../core/exec.cpp:334
#5  0x0054e570 in avmplus::callprop_b<avmplus::Toplevel*> (env=0x2aac7100, 
    base=<value optimized out>, multiname=0x2ac0b8cc, argc=0, atomv=0x7fce332c, vtable=0x2ab93790, 
    b=0x452) at ../core/instr-inlines.h:116
#6  0x004ea288 in avmplus::interpBoxed (env=0x2aacb2e0, _argc=717267105, _atomv=0x2ac0b8cc)
    at ../core/Toplevel-inlines.h:93
#7  0x004e311c in avmplus::BaseExecMgr::invokeInterpNoCoerce (env=0x2aacb2e0, argc=0, 
    atomv=0x7fce35a0) at ../core/exec.cpp:895
#8  0x00481908 in avmplus::AvmCore::callScriptEnvEntryPoint (this=<value optimized out>, 
    main=0x2aacb2e0) at ../core/MethodEnv-inlines.h:137
#9  0x00481df4 in avmplus::AvmCore::handleActionBlock (this=0x2aaad810, 
    code=<value optimized out>, start=<value optimized out>, toplevel=0x2aac7100, ninit=0x0, 
    codeContext=0x2aac0ff8, apiVersion=avmplus::kApiVersion_SWF_13) at ../core/AvmCore.cpp:946
#10 0x00437f9c in avmshell::ShellCore::handleArbitraryExecutableContent (this=0x2aaad810, 
    settings=@0x7fce3af0, code=@0x7fce3868, 
    filename=0x7fce3eb0 "ecma3/Statements/eregress_74474_003.abc") at ../shell/ShellCore.cpp:562
#11 0x0043830c in avmshell::ShellCore::evaluateFile (this=0x2aaad810, settings=@0x7fce3af0, 
    filename=0x7fce3eb0 "ecma3/Statements/eregress_74474_003.abc") at ../shell/ShellCore.cpp:539
#12 0x0042ea28 in avmshell::Shell::singleWorkerHelper (shell=0x2aaad810, settings=@0x7fce3af0)
    at ../shell/avmshell.cpp:215
#13 0x0042f1a0 in avmshell::Shell::singleWorker (settings=@0x7fce3af0) at ../shell/avmshell.cpp:174
#14 0x0042fe04 in avmshell::Shell::run (argc=2, argv=0x7fce3dd4) at ../shell/avmshell.cpp:141
#15 0x00449ea0 in main (argc=134217728, argv=0x2ac33a58) at ../shell/avmshellUnix.cpp:112

Updated

7 years ago
Assignee: nobody → chris
Flags: flashplayer-qrb? → flashplayer-qrb+
Priority: -- → P3
Target Milestone: --- → Q4 11 - Anza

Comment 3

7 years ago
Moving to Brannan
Target Milestone: Q4 11 - Anza → Q1 12 - Brannan
(Assignee)

Comment 4

7 years ago
Does this bug still show up? A while ago there was an intermittent problem that was resolved by removing one of the test machines from the build system https://bugzilla.mozilla.org/show_bug.cgi?id=679515

I haven't been able to reproduce this problem or another intermittent problem https://bugzilla.mozilla.org/show_bug.cgi?id=615853

Comment 5

7 years ago
(In reply to Chris Dearman from comment #4)
> Does this bug still show up? A while ago there was an intermittent problem
> that was resolved by removing one of the test machines from the build system
> https://bugzilla.mozilla.org/show_bug.cgi?id=679515
> 
> I haven't been able to reproduce this problem or another intermittent
> problem https://bugzilla.mozilla.org/show_bug.cgi?id=615853

The reason this test hasn't been seen to fail recently is that it's been excluded from running by failconfig.txt. Removing asteammips1 from the build system was done to work around a different problem, but perhaps it will help with this as well since we don't know for sure if it was only failing on asteammips1. I'll turn the test back on to see what happens.

Updated

3 years ago
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.