239457 2022-04-18 11:53:32 -0700 The VMTraps signal handler should no return SignalAction::NotHandled on codeBlockSet lock contention. 2022-04-18 16:07:52 -0700 1 1 1 Unclassified WebKit JavaScriptCore WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 mark.lam mark.lam ews-watchlist keith_miller msaboff saam tzagallo webkit-bug-importer ysuzuki oldest_to_newest 1862277 0 mark.lam 2022-04-18 11:53:32 -0700 The signal handler is triggered by the mutator thread due to the installed halt instructions in JIT code (which we already confirmed higher up in the signal handler). Hence, the mutator cannot be in C++ code, and therefore, cannot be already holding the codeBlockSet lock. The only time the codeBlockSet lock could be in contention is if the Sampling Profiler thread is holding it. In that case, we'll simply wait till the Sampling Profiler is done with it. There are no lock ordering issues w.r.t. the Sampling Profiler on this code path. Note that it is not ok to return SignalAction::NotHandled here if we see contention. Doing so will cause the fault to be handled by the default handler, which will crash. It is also not productive to return SignalAction::Handled on contention. Doing so will simply trigger this fault handler over and over again. We might as well wait for the Sampling Profiler to release the lock, which is what we should do. This issue was detected by the stress/get-array-length-concurrently-change-mode.js.ftl-no-cjit-validate-sampling-profiler test, resulting in intermittent crashes. 1862280 1 457813 mark.lam 2022-04-18 11:59:05 -0700 Created attachment 457813 [fast-cq] proposed patch. 1862281 2 webkit-bug-importer 2022-04-18 12:00:44 -0700 <rdar://problem/91908204> 1862282 3 457813 ysuzuki 2022-04-18 12:01:45 -0700 Comment on attachment 457813 [fast-cq] proposed patch. r=me 1862352 4 457813 mark.lam 2022-04-18 16:05:19 -0700 Comment on attachment 457813 [fast-cq] proposed patch. Thanks for the review. 1862353 5 ews-feeder 2022-04-18 16:07:50 -0700 Committed r292978 (249741@main): <https://commits.webkit.org/249741@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 457813. 457813 2022-04-18 11:59:05 -0700 2022-04-18 16:07:51 -0700 [fast-cq] proposed patch. bug-239457.patch text/plain 4761 mark.lam SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMjkyOTYyKQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDI5IEBA CisyMDIyLTA0LTE4ICBNYXJrIExhbSAgPG1hcmsubGFtQGFwcGxlLmNvbT4KKworICAgICAgICBU aGUgVk1UcmFwcyBzaWduYWwgaGFuZGxlciBzaG91bGQgbm8gcmV0dXJuIFNpZ25hbEFjdGlvbjo6 Tm90SGFuZGxlZCBvbiBjb2RlQmxvY2tTZXQgbG9jayBjb250ZW50aW9uLgorICAgICAgICBodHRw czovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MjM5NDU3CisKKyAgICAgICAgUmV2 aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgVGhlIHNpZ25hbCBoYW5kbGVyIGlz IHRyaWdnZXJlZCBieSB0aGUgbXV0YXRvciB0aHJlYWQgZHVlIHRvIHRoZSBpbnN0YWxsZWQgaGFs dAorICAgICAgICBpbnN0cnVjdGlvbnMgaW4gSklUIGNvZGUgKHdoaWNoIHdlIGFscmVhZHkgY29u ZmlybWVkIGhpZ2hlciB1cCBpbiB0aGUgc2lnbmFsIGhhbmRsZXIpLgorICAgICAgICBIZW5jZSwg dGhlIG11dGF0b3IgY2Fubm90IGJlIGluIEMrKyBjb2RlLCBhbmQgdGhlcmVmb3JlLCBjYW5ub3Qg YmUgYWxyZWFkeSBob2xkaW5nCisgICAgICAgIHRoZSBjb2RlQmxvY2tTZXQgbG9jay4gIFRoZSBv bmx5IHRpbWUgdGhlIGNvZGVCbG9ja1NldCBsb2NrIGNvdWxkIGJlIGluIGNvbnRlbnRpb24KKyAg ICAgICAgaXMgaWYgdGhlIFNhbXBsaW5nIFByb2ZpbGVyIHRocmVhZCBpcyBob2xkaW5nIGl0LiAg SW4gdGhhdCBjYXNlLCB3ZSdsbCBzaW1wbHkgd2FpdAorICAgICAgICB0aWxsIHRoZSBTYW1wbGlu ZyBQcm9maWxlciBpcyBkb25lIHdpdGggaXQuICBUaGVyZSBhcmUgbm8gbG9jayBvcmRlcmluZyBp c3N1ZXMgdy5yLnQuCisgICAgICAgIHRoZSBTYW1wbGluZyBQcm9maWxlciBvbiB0aGlzIGNvZGUg cGF0aC4KKworICAgICAgICBOb3RlIHRoYXQgaXQgaXMgbm90IG9rIHRvIHJldHVybiBTaWduYWxB Y3Rpb246Ok5vdEhhbmRsZWQgaGVyZSBpZiB3ZSBzZWUgY29udGVudGlvbi4KKyAgICAgICAgRG9p bmcgc28gd2lsbCBjYXVzZSB0aGUgZmF1bHQgdG8gYmUgaGFuZGxlZCBieSB0aGUgZGVmYXVsdCBo YW5kbGVyLCB3aGljaCB3aWxsIGNyYXNoLgorICAgICAgICBJdCBpcyBhbHNvIG5vdCBwcm9kdWN0 aXZlIHRvIHJldHVybiBTaWduYWxBY3Rpb246OkhhbmRsZWQgb24gY29udGVudGlvbi4gIERvaW5n IHNvCisgICAgICAgIHdpbGwgc2ltcGx5IHRyaWdnZXIgdGhpcyBmYXVsdCBoYW5kbGVyIG92ZXIg YW5kIG92ZXIgYWdhaW4uICBXZSBtaWdodCBhcyB3ZWxsIHdhaXQKKyAgICAgICAgZm9yIHRoZSBT YW1wbGluZyBQcm9maWxlciB0byByZWxlYXNlIHRoZSBsb2NrLCB3aGljaCBpcyB3aGF0IHdlIHNo b3VsZCBkby4KKworICAgICAgICBUaGlzIGlzc3VlIHdhcyBkZXRlY3RlZCBieSB0aGUgc3RyZXNz L2dldC1hcnJheS1sZW5ndGgtY29uY3VycmVudGx5LWNoYW5nZS1tb2RlLmpzLmZ0bC1uby1jaml0 LXZhbGlkYXRlLXNhbXBsaW5nLXByb2ZpbGVyCisgICAgICAgIHRlc3QsIHJlc3VsdGluZyBpbiBp bnRlcm1pdHRlbnQgY3Jhc2hlcy4KKworICAgICAgICAqIHJ1bnRpbWUvVk1UcmFwcy5jcHA6CisK IDIwMjItMDQtMTggIEVsbGlvdHQgV2lsbGlhbXMgIDxlbXdAYXBwbGUuY29tPgogCiAgICAgICAg IFtYQ0J1aWxkXSBVc2UgWENCdWlsZCBmb3IgYWxsIGNvbW1hbmQtbGluZSBhbmQgcHJvamVjdCBi dWlsZHMKSW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9ydW50aW1lL1ZNVHJhcHMuY3BwCj09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT0KLS0tIFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9ydW50aW1lL1ZNVHJhcHMuY3BwCShy ZXZpc2lvbiAyOTI5NTApCisrKyBTb3VyY2UvSmF2YVNjcmlwdENvcmUvcnVudGltZS9WTVRyYXBz LmNwcAkod29ya2luZyBjb3B5KQpAQCAtMSw1ICsxLDUgQEAKIC8qCi0gKiBDb3B5cmlnaHQgKEMp IDIwMTctMjAyMSBBcHBsZSBJbmMuIEFsbCByaWdodHMgcmVzZXJ2ZWQuCisgKiBDb3B5cmlnaHQg KEMpIDIwMTctMjAyMiBBcHBsZSBJbmMuIEFsbCByaWdodHMgcmVzZXJ2ZWQuCiAgKgogICogUmVk aXN0cmlidXRpb24gYW5kIHVzZSBpbiBzb3VyY2UgYW5kIGJpbmFyeSBmb3Jtcywgd2l0aCBvciB3 aXRob3V0CiAgKiBtb2RpZmljYXRpb24sIGFyZSBwZXJtaXR0ZWQgcHJvdmlkZWQgdGhhdCB0aGUg Zm9sbG93aW5nIGNvbmRpdGlvbnMKQEAgLTIyNSwxNiArMjI1LDE5IEBAIHB1YmxpYzoKICAgICAg ICAgICAgICAgICBBU1NFUlQoY3VycmVudENvZGVCbG9jay0+aGFzSW5zdGFsbGVkVk1UcmFwQnJl YWtwb2ludHMoKSk7CiAgICAgICAgICAgICAgICAgVk0mIHZtID0gY3VycmVudENvZGVCbG9jay0+ dm0oKTsKIAotICAgICAgICAgICAgICAgIC8vIEV2ZW4gdGhvdWdoIHdlIGtub3cgdGhlIG11dGF0 b3IgdGhyZWFkIGlzIG5vdCBpbiBDKysgY29kZSBhbmQgdGhlcmVmb3JlLCBub3QgaG9sZGluZwot ICAgICAgICAgICAgICAgIC8vIHRoaXMgbG9jaywgdGhlIHNhbXBsaW5nIHByb2ZpbGVyIG1heSBo YXZlIGFjcXVpcmVkIHRoaXMgbG9jayBiZWZvcmUgYWNxdWlyaW5nCi0gICAgICAgICAgICAgICAg Ly8gVGhyZWFkU3VzcGVuZExvY2tlciBhbmQgc3VzcGVuZGluZyB0aGUgbXV0YXRvci4gU2luY2Ug Vk1UcmFwcyBhY3F1aXJlcyB0aGUKLSAgICAgICAgICAgICAgICAvLyBUaHJlYWRTdXNwZW5kTG9j a2VyIGZpcnN0LCB3ZSBjYW4gZGVhZGxvY2sgd2l0aCB0aGUgU2FtcGxpbmcgUHJvZmlsZXIgdGhy ZWFkLCBhbmQKLSAgICAgICAgICAgICAgICAvLyBsZWF2ZSB0aGUgbXV0YXRvciBpbiBhIHN1c3Bl bmRlZCBzdGF0ZSwgb3IgZm9yZXZlciBibG9ja2VkIG9uIHRoZSBjb2RlQmxvY2tTZXQgbG9jay4K LSAgICAgICAgICAgICAgICBMb2NrJiBjb2RlQmxvY2tTZXRMb2NrID0gdm0uaGVhcC5jb2RlQmxv Y2tTZXQoKS5nZXRMb2NrKCk7Ci0gICAgICAgICAgICAgICAgaWYgKCFjb2RlQmxvY2tTZXRMb2Nr LnRyeUxvY2soKSkKLSAgICAgICAgICAgICAgICAgICAgcmV0dXJuIFNpZ25hbEFjdGlvbjo6Tm90 SGFuZGxlZDsKLQotICAgICAgICAgICAgICAgIExvY2tlciBjb2RlQmxvY2tTZXRMb2NrZXIgeyBB ZG9wdExvY2ssIGNvZGVCbG9ja1NldExvY2sgfTsKKyAgICAgICAgICAgICAgICAvLyBUaGlzIHNp Z25hbCBoYW5kbGVyIGlzIHRyaWdnZXJlZCBieSB0aGUgbXV0YXRvciB0aHJlYWQgZHVlIHRvIHRo ZSBpbnN0YWxsZWQgaGFsdCBpbnN0cnVjdGlvbnMKKyAgICAgICAgICAgICAgICAvLyBpbiBKSVQg Y29kZSAod2hpY2ggd2UgYWxyZWFkeSBjb25maXJtZWQgYWJvdmUpLiBIZW5jZSwgdGhlIGN1cnJl bnQgdGhyZWFkICh0aGUgbXV0YXRvcikKKyAgICAgICAgICAgICAgICAvLyBjYW5ub3QgYmUgaW4g QysrIGNvZGUsIGFuZCB0aGVyZWZvcmUsIGNhbm5vdCBiZSBhbHJlYWR5IGhvbGRpbmcgdGhlIGNv ZGVCbG9ja1NldCBsb2NrLgorICAgICAgICAgICAgICAgIC8vIFRoZSBvbmx5IHRpbWUgdGhlIGNv ZGVCbG9ja1NldCBsb2NrIGNvdWxkIGJlIGluIGNvbnRlbnRpb24gaXMgaWYgdGhlIFNhbXBsaW5n IFByb2ZpbGVyIHRocmVhZAorICAgICAgICAgICAgICAgIC8vIGlzIGhvbGRpbmcgaXQuIEluIHRo YXQgY2FzZSwgd2UnbGwgc2ltcGx5IHdhaXQgdGlsbCB0aGUgU2FtcGxpbmcgUHJvZmlsZXIgaXMg ZG9uZSB3aXRoIGl0LgorICAgICAgICAgICAgICAgIC8vIFRoZXJlIGFyZSBubyBsb2NrIG9yZGVy aW5nIGlzc3VlcyB3LnIudC4gdGhlIFNhbXBsaW5nIFByb2ZpbGVyIG9uIHRoaXMgY29kZSBwYXRo LgorICAgICAgICAgICAgICAgIC8vCisgICAgICAgICAgICAgICAgLy8gTm90ZSB0aGF0IGl0IGlz IG5vdCBvayB0byByZXR1cm4gU2lnbmFsQWN0aW9uOjpOb3RIYW5kbGVkIGhlcmUgaWYgd2Ugc2Vl IGNvbnRlbnRpb24uIERvaW5nCisgICAgICAgICAgICAgICAgLy8gc28gd2lsbCBjYXVzZSB0aGUg ZmF1bHQgdG8gYmUgaGFuZGxlZCBieSB0aGUgZGVmYXVsdCBoYW5kbGVyLCB3aGljaCB3aWxsIGNy YXNoLiBJdCBpcyBhbHNvIG5vdAorICAgICAgICAgICAgICAgIC8vIHByb2R1Y3RpdmUgdG8gcmV0 dXJuIFNpZ25hbEFjdGlvbjo6SGFuZGxlZCBvbiBjb250ZW50aW9uLiBEb2luZyBzbyB3aWxsIHNp bXBseSB0cmlnZ2VyIHRoaXMKKyAgICAgICAgICAgICAgICAvLyBmYXVsdCBoYW5kbGVyIG92ZXIg YW5kIG92ZXIgYWdhaW4uIFdlIG1pZ2h0IGFzIHdlbGwgd2FpdCBmb3IgdGhlIFNhbXBsaW5nIFBy b2ZpbGVyIHRvIHJlbGVhc2UKKyAgICAgICAgICAgICAgICAvLyB0aGUgbG9jaywgd2hpY2ggaXMg d2hhdCB3ZSBkbyBoZXJlLgorICAgICAgICAgICAgICAgIExvY2tlciBjb2RlQmxvY2tTZXRMb2Nr ZXIgeyB2bS5oZWFwLmNvZGVCbG9ja1NldCgpLmdldExvY2soKSB9OwogCiAgICAgICAgICAgICAg ICAgYm9vbCBzYXdDdXJyZW50Q29kZUJsb2NrID0gZmFsc2U7CiAgICAgICAgICAgICAgICAgdm0u aGVhcC5mb3JFYWNoQ29kZUJsb2NrSWdub3JpbmdKSVRQbGFucyhjb2RlQmxvY2tTZXRMb2NrZXIs IFsmXSAoQ29kZUJsb2NrKiBjb2RlQmxvY2spIHsK