Bug 158687

Summary: Stack overflow at RefPtr::release on Windows port since r201782
Product: WebKit
Reporter: Fujii Hironori <Hironori.Fujii>
Component: Web Template Framework
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED
Severity: Normal
CC: achristensen, aestes, andersca, ap, beidson, benjamin, bfulgham, cdumez, cmarcelo, commit-queue, darin, krollin, pvollan, rniwa, youennf
Priority: P2
Version: WebKit Nightly Build
Hardware: PC
OS: Windows 10
See Also: https://bugs.webkit.org/show_bug.cgi?id=157596

Fujii Hironori
Reported 2016-06-13 02:54:49 PDT
[Win] Stack overflow at RefPtr::release
trunk@201986 AppleWin Debug (CMake) build

When starting MiniBrowser, the following dialog will be shown:

> Unhandled exception at 0x100694E0 (WebKit.dll) in MiniBrowser.exe: 0xC00000FD: Stack overflow (parameters: 0x00000001, 0x00092FFC).

Callstack:

> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::RefPtr<WTF::StringImpl>(WTF::StringImpl * ptr, WTF::RefPtr<WTF::StringImpl>::AdoptTag __formal) Line 108 C++
> WebKit.dll!WTF::adoptRef<WTF::StringImpl>(WTF::StringImpl * p) Line 243 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::release() Line 69 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::RefPtr<WTF::StringImpl>(WTF::RefPtr<WTF::StringImpl> && o) Line 52 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::release() Line 69 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::RefPtr<WTF::StringImpl>(WTF::RefPtr<WTF::StringImpl> && o) Line 52 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::release() Line 69 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::RefPtr<WTF::StringImpl>(WTF::RefPtr<WTF::StringImpl> && o) Line 52 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::release() Line 69 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::RefPtr<WTF::StringImpl>(WTF::RefPtr<WTF::StringImpl> && o) Line 52 C++
> (...)
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::release() Line 69 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::RefPtr<WTF::StringImpl>(WTF::RefPtr<WTF::StringImpl> && o) Line 52 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::release() Line 69 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::RefPtr<WTF::StringImpl>(WTF::RefPtr<WTF::StringImpl> && o) Line 52 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::release() Line 69 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::RefPtr<WTF::StringImpl>(WTF::RefPtr<WTF::StringImpl> && o) Line 52 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::release() Line 69 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::RefPtr<WTF::StringImpl>(WTF::RefPtr<WTF::StringImpl> && o) Line 52 C++
> The maximum number of stack frames supported by Visual Studio has been exceeded.
Attachments
Patch (1.67 KB, patch)
2016-06-13 04:30 PDT, Fujii Hironori
no flags
Fujii Hironori
Comment 1 2016-06-13 02:57:53 PDT
Another callstack by stopping with a breakpoint:

> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::RefPtr<WTF::StringImpl>(WTF::RefPtr<WTF::StringImpl> && o) Line 52 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::release() Line 69 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::RefPtr<WTF::StringImpl>(WTF::RefPtr<WTF::StringImpl> && o) Line 52 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::release() Line 69 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::RefPtr<WTF::StringImpl>(WTF::RefPtr<WTF::StringImpl> && o) Line 52 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::release() Line 69 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::RefPtr<WTF::StringImpl>(WTF::RefPtr<WTF::StringImpl> && o) Line 52 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::release() Line 69 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::RefPtr<WTF::StringImpl>(WTF::RefPtr<WTF::StringImpl> && o) Line 52 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::release() Line 69 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::RefPtr<WTF::StringImpl>(WTF::RefPtr<WTF::StringImpl> && o) Line 52 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::release() Line 69 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::RefPtr<WTF::StringImpl>(WTF::RefPtr<WTF::StringImpl> && o) Line 52 C++
> WebKit.dll!WTF::RefPtr<WTF::StringImpl>::operator=(WTF::RefPtr<WTF::StringImpl> && o) Line 173 C++
> WebKit.dll!WTF::String::operator=(WTF::String && other) Line 134 C++
> WebKit.dll!WTF::HashMapTranslator<WTF::HashMap<WTF::String,unsigned int,WTF::StringHash,WTF::HashTraits<WTF::String>,WTF::HashTraits<unsigned int> >::KeyValuePairTraits,WTF::StringHash>::translate<WTF::KeyValuePair<WTF::String,unsigned int>,WTF::String,int>(WTF::KeyValuePair<WTF::String,unsigned int> & location, WTF::String && key, int && mapped) Line 185 C++
> WebKit.dll!WTF::HashTable<WTF::String,WTF::KeyValuePair<WTF::String,unsigned int>,WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<WTF::String,unsigned int> >,WTF::StringHash,WTF::HashMap<WTF::String,unsigned int,WTF::StringHash,WTF::HashTraits<WTF::String>,WTF::HashTraits<unsigned int> >::KeyValuePairTraits,WTF::HashTraits<WTF::String> >::add<WTF::HashMapTranslator<WTF::HashMap<WTF::String,unsigned int,WTF::StringHash,WTF::HashTraits<WTF::String>,WTF::HashTraits<unsigned int> >::KeyValuePairTraits,WTF::StringHash>,WTF::String,int>(WTF::String && key, int && extra) Line 932 C++
> WebKit.dll!WTF::HashMap<WTF::String,unsigned int,WTF::StringHash,WTF::HashTraits<WTF::String>,WTF::HashTraits<unsigned int> >::inlineAdd<WTF::String,int>(WTF::String && key, int && value) Line 316 C++
> WebKit.dll!WTF::HashMap<WTF::String,unsigned int,WTF::StringHash,WTF::HashTraits<WTF::String>,WTF::HashTraits<unsigned int> >::add<int>(WTF::String && key, int && mapped) Line 358 C++
> WebKit.dll!WTF::HashCountedSet<WTF::String,WTF::StringHash,WTF::HashTraits<WTF::String> >::add(WTF::String && value) Line 194 C++
> WebKit.dll!WebKitClassFactory::WebKitClassFactory(_GUID targetClass) Line 71 C++
> WebKit.dll!DllGetClassObject(const _GUID & rclsid, const _GUID & riid, void * * ppv) Line 105 C++
> WebKit.dll!classFactory(const _GUID & clsid) Line 61 C++
> WebKit.dll!WebKitCreateInstance(const _GUID & rclsid, IUnknown * pUnkOuter, const _GUID & riid, void * * ppvObject) Line 72 C++
> MiniBrowserLib.dll!MiniBrowser::seedInitialDefaultPreferences() Line 171 C++
> MiniBrowserLib.dll!wWinMain(HINSTANCE__ * hInstance, HINSTANCE__ * hPrevInstance, wchar_t * lpstrCmdLine, int nCmdShow) Line 117 C++
> MiniBrowserLib.dll!dllLauncherEntryPoint(HINSTANCE__ * hInstance, HINSTANCE__ * hPrevInstance, wchar_t * lpstrCmdLine, int nCmdShow) Line 857 C++
> MiniBrowser.exe!wWinMain(HINSTANCE__ * hInstance, HINSTANCE__ * hPrevInstance, wchar_t * lpstrCmdLine, int nCmdShow) Line 249 C++
> [External Code]
> [Frames below may be incorrect and/or missing, no symbols loaded for kernel32.dll]
Fujii Hironori
Comment 2 2016-06-13 04:30:08 PDT
Brent Fulgham
Comment 3 2016-06-13 08:29:56 PDT
This seems like it should be affecting all ports, not just Windows. I wonder why we don't see it elsewhere?
Keith Rollin
Comment 4 2016-06-13 08:45:13 PDT
Yeah, I wondered that, too. It may have to do with how the compiler handles optimizing the assigning of the result of adoptRef() to "tmp" in release(). If it uses the move constructor, then we have the recursion problem. If it uses the "construct the result in the caller-provided variable" optimization, then we won't. So I can see how different compilers could have different results. What I'm wondering is why we're only seeing it in MiniBrowser and not all over the place on Windows.
Chris Dumez
Comment 5 2016-06-13 09:02:48 PDT
Comment on attachment 281165 [details] Patch R=me
WebKit Commit Bot
Comment 6 2016-06-13 09:26:14 PDT
Comment on attachment 281165 [details] Patch

Clearing flags on attachment: 281165

Committed r201991: <http://trac.webkit.org/changeset/201991>
WebKit Commit Bot
Comment 7 2016-06-13 09:26:21 PDT
All reviewed patches have been landed. Closing bug.
Fujii Hironori
Comment 8 2016-06-13 18:54:18 PDT
Release build has no problem. All programs (MiniBrowser, DumpRenderTree, TestWTF, TestWebKit, jsc, testapi, testRegExp) of Debug build have the problem.