Bug 161869

Summary: MarkedBlock should be able to use flipIfNecessary() as the "I'm not empty" trigger
Product: WebKit
Reporter: Filip Pizlo <fpizlo>
Component: JavaScriptCore
Assignee: Filip Pizlo <fpizlo>
Status: RESOLVED FIXED
Severity: Normal
CC: buildbot, commit-queue, keith_miller, mark.lam, msaboff, rniwa, saam
Priority: P2    
Version: WebKit Nightly Build   
Hardware: All   
OS: All   
Bug Depends on:    
Bug Blocks: 161581    

Filip Pizlo
Reported 2016-09-12 12:50:49 PDT
Patch forthcoming.
Attachments
the patch (13.57 KB, patch)
2016-09-12 14:08 PDT, Filip Pizlo
ggaren: review+
buildbot: commit-queue-
Archive of layout-test-results from ews101 for mac-yosemite (829.69 KB, application/zip)
2016-09-12 15:19 PDT, Build Bot
no flags
Archive of layout-test-results from ews117 for mac-yosemite (1.73 MB, application/zip)
2016-09-12 15:21 PDT, Build Bot
no flags
the patch (17.46 KB, patch)
2016-09-12 16:34 PDT, Filip Pizlo
no flags
the patch (17.44 KB, patch)
2016-09-12 18:12 PDT, Filip Pizlo
saam: review+
Filip Pizlo
Comment 1 2016-09-12 14:08:24 PDT
Created attachment 288608
the patch
Geoffrey Garen
Comment 2 2016-09-12 14:54:35 PDT
Comment on attachment 288608
the patch
r=me
Build Bot
Comment 3 2016-09-12 15:19:06 PDT
Comment on attachment 288608
the patch
Attachment 288608 did not pass mac-ews (mac):
Output: http://webkit-queues.webkit.org/results/2061351
New failing tests:
animations/3d/change-transform-in-end-event.html
Build Bot
Comment 4 2016-09-12 15:19:10 PDT
Created attachment 288621
Archive of layout-test-results from ews101 for mac-yosemite
The attached test failures were seen while running run-webkit-tests on the mac-ews.
Bot: ews101 Port: mac-yosemite Platform: Mac OS X 10.10.5
Build Bot
Comment 5 2016-09-12 15:21:51 PDT
Comment on attachment 288608
the patch
Attachment 288608 did not pass mac-debug-ews (mac):
Output: http://webkit-queues.webkit.org/results/2061347
New failing tests:
animations/3d/change-transform-in-end-event.html
Build Bot
Comment 6 2016-09-12 15:21:54 PDT
Created attachment 288622
Archive of layout-test-results from ews117 for mac-yosemite
The attached test failures were seen while running run-webkit-tests on the mac-debug-ews.
Bot: ews117 Port: mac-yosemite Platform: Mac OS X 10.10.5
Filip Pizlo
Comment 7 2016-09-12 15:25:31 PDT
One of these crashes does not look like it was caused by me:
Thread 44 Crashed:: WebCore: Worker
0 com.apple.JavaScriptCore 0x000000010b8b612f JSC::UnlinkedInstructionStream::UnlinkedInstructionStream(WTF::Vector<JSC::UnlinkedInstruction, 0ul, WTF::UnsafeVectorOverflow, 16ul> const&) + 383
1 com.apple.JavaScriptCore 0x000000010b05c136 JSC::BytecodeGenerator::generate() + 1750
2 com.apple.JavaScriptCore 0x000000010b8b5257 JSC::ParserError JSC::BytecodeGenerator::generate<JSC::FunctionNode*, JSC::UnlinkedFunctionCodeBlock*&, JSC::DebuggerMode&, JSC::VariableEnvironment const*>(JSC::VM&, JSC::FunctionNode*&&, JSC::UnlinkedFunctionCodeBlock*&&&, JSC::DebuggerMode&&&, JSC::VariableEnvironment const*&&) + 119
3 com.apple.JavaScriptCore 0x000000010b8b4ea0 JSC::UnlinkedFunctionExecutable::unlinkedCodeBlockFor(JSC::VM&, JSC::SourceCode const&, JSC::CodeSpecializationKind, JSC::DebuggerMode, JSC::ParserError&, JSC::SourceParseMode) + 608
4 com.apple.JavaScriptCore 0x000000010b378d31 JSC::ScriptExecutable::newCodeBlockFor(JSC::CodeSpecializationKind, JSC::JSFunction*, JSC::JSScope*, JSC::JSObject*&) + 1409
5 com.apple.JavaScriptCore 0x000000010b379470 JSC::ScriptExecutable::prepareForExecutionImpl(JSC::ExecState*, JSC::JSFunction*, JSC::JSScope*, JSC::CodeSpecializationKind, JSC::CodeBlock*&) + 208
6 com.apple.JavaScriptCore 0x000000010b6e5500 JSC::LLInt::setUpCall(JSC::ExecState*, JSC::Instruction*, JSC::CodeSpecializationKind, JSC::JSValue, JSC::LLIntCallLinkInfo*) + 928
7 com.apple.JavaScriptCore 0x000000010b6ecb33 llint_entry + 25827
8 com.apple.JavaScriptCore 0x000000010b6ec80e llint_entry + 25022
9 com.apple.JavaScriptCore 0x000000010b6e646d vmEntryToJavaScript + 299
10 com.apple.JavaScriptCore 0x000000010b543f3e JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 190
11 com.apple.JavaScriptCore 0x000000010b48c7ec JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) + 17292
12 com.apple.JavaScriptCore 0x000000010b0ea342 JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) + 546
13 com.apple.WebCore 0x000000010dc1e4d9 WebCore::WorkerScriptController::evaluate(WebCore::ScriptSourceCode const&, WTF::NakedPtr<JSC::Exception>&) + 153 (NakedPtr.h:54)
14 com.apple.WebCore 0x000000010dc18f04 WebCore::WorkerGlobalScope::importScripts(WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul> const&, int&) + 692 (utility:765)
15 com.apple.WebCore 0x000000010ccfd7a2 WebCore::DedicatedWorkerGlobalScope::importScripts(WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul> const&, int&) + 18 (WorkerGlobalScope.h:92)
16 com.apple.WebCore 0x000000010d51d998 WebCore::JSWorkerGlobalScope::importScripts(JSC::ExecState&) + 280 (JSWorkerGlobalScopeCustom.cpp:79)
17 com.apple.WebCore 0x000000010d51a30a WebCore::jsWorkerGlobalScopePrototypeFunctionImportScripts(JSC::ExecState*) + 154 (JSWorkerGlobalScope.cpp:2175)
18 ??? 0x000057376c439ae8 0 + 95895551187688
19 com.apple.JavaScriptCore 0x000000010b6ec80e llint_entry + 25022
20 com.apple.JavaScriptCore 0x000000010b6e646d vmEntryToJavaScript + 299
21 com.apple.JavaScriptCore 0x000000010b543f3e JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 190
22 com.apple.JavaScriptCore 0x000000010b48c7ec JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) + 17292
23 com.apple.JavaScriptCore 0x000000010b0ea342 JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) + 546
24 com.apple.WebCore 0x000000010dc1e4d9 WebCore::WorkerScriptController::evaluate(WebCore::ScriptSourceCode const&, WTF::NakedPtr<JSC::Exception>&) + 153 (NakedPtr.h:54)
25 com.apple.WebCore 0x000000010dc1e3d6 WebCore::WorkerScriptController::evaluate(WebCore::ScriptSourceCode const&) + 38 (WorkerScriptController.cpp:114)
26 com.apple.WebCore 0x000000010dc1faf6 WebCore::WorkerThread::workerThread() + 534 (utility:765)
27 com.apple.JavaScriptCore 0x000000010b9c1492 WTF::threadEntryPoint(void*) + 178
28 com.apple.JavaScriptCore 0x000000010b9c18af WTF::wtfThreadEntryPoint(void*) + 15
29 libsystem_pthread.dylib 0x00007fff8a0a705a _pthread_body + 131
30 libsystem_pthread.dylib 0x00007fff8a0a6fd7 _pthread_start + 176
31 libsystem_pthread.dylib 0x00007fff8a0a43ed thread_start + 13
Filip Pizlo
Comment 8 2016-09-12 15:27:29 PDT
Actually, I caused all of those crashes. I found the reason.
Filip Pizlo
Comment 9 2016-09-12 16:34:49 PDT
Created attachment 288636
the patch
This version isn't borked.
Filip Pizlo
Comment 10 2016-09-12 17:49:39 PDT
I'm going to do some good benchmarking of this, since I had to rework WeakBlock::visit() and this may be a hot function.
Filip Pizlo
Comment 11 2016-09-12 18:12:09 PDT
Created attachment 288653
the patch
I just realized that isMarkedOrNewlyAllocatedDuringWeakVisiting() was subtly wrong.
Saam Barati
Comment 12 2016-09-12 18:52:17 PDT
Comment on attachment 288653
the patch
r=me
Filip Pizlo
Comment 13 2016-09-12 21:37:24 PDT