Bug 169729

Summary: REGRESSION (r213978): Multiple workers-related LayoutTests crashing in debug
Product: WebKit
Component: JavaScriptCore
Status: RESOLVED FIXED
Severity: Normal
Priority: P2
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Reporter: Ryan Haddad <ryanhaddad>
Assignee: Ryan Haddad <ryanhaddad>
CC: ap, commit-queue, dino, fpizlo, keith_miller, mark.lam, msaboff, saam
See Also: https://bugs.webkit.org/show_bug.cgi?id=169669

Ryan Haddad
Reported 2017-03-15 18:34:28 PDT
Thread 12 Crashed:: WebCore: Worker
0 ??? 0x000056e5bf205ba4 0 + 95544754068388
1 com.apple.JavaScriptCore 0x000000012023a435 llint_entry + 29857
2 com.apple.JavaScriptCore 0x0000000120232d7e vmEntryToJavaScript + 334
3 com.apple.JavaScriptCore 0x000000012003238e JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 350 (JITCode.cpp:81)
4 com.apple.JavaScriptCore 0x000000011ffe7922 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 1330 (Interpreter.cpp:947)
5 com.apple.JavaScriptCore 0x000000011f7eb918 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 184 (CallData.cpp:39)
6 com.apple.JavaScriptCore 0x000000011f7eba29 JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) + 201 (CallData.cpp:46)
7 com.apple.JavaScriptCore 0x000000011f7ebcbd JSC::profiledCall(JSC::ExecState*, JSC::ProfilingReason, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) + 125 (CallData.cpp:65)
8 com.apple.WebCore 0x00000001159c3f73 WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext*, WebCore::Event*) + 1987 (JSEventListener.cpp:156)
9 com.apple.WebCore 0x0000000114e6b496 WebCore::EventTarget::fireEventListeners(WebCore::Event&, WTF::Vector<WTF::RefPtr<WebCore::RegisteredEventListener>, 1ul, WTF::CrashOnOverflow, 16ul>) + 742 (EventTarget.cpp:258)
10 com.apple.WebCore 0x0000000114e6b05e WebCore::EventTarget::fireEventListeners(WebCore::Event&) + 318 (EventTarget.cpp:201)
11 com.apple.WebCore 0x0000000114e6aef9 WebCore::EventTarget::dispatchEvent(WebCore::Event&) + 233 (EventTarget.cpp:158)
12 com.apple.WebCore 0x00000001172e6d06 WebCore::WorkerMessagingProxy::postMessageToWorkerGlobalScope(WTF::RefPtr<WebCore::SerializedScriptValue>&&, std::__1::unique_ptr<WTF::Vector<std::__1::unique_ptr<WebCore::MessagePortChannel, std::__1::default_delete<WebCore::MessagePortChannel> >, 1ul, WTF::CrashOnOverflow, 16ul>, std::__1::default_delete<WTF::Vector<std::__1::unique_ptr<WebCore::MessagePortChannel, std::__1::default_delete<WebCore::MessagePortChannel> >, 1ul, WTF::CrashOnOverflow, 16ul> > >)::$_1::operator()(WebCore::ScriptExecutionContext&) + 294 (WorkerMessagingProxy.cpp:119)
13 com.apple.WebCore 0x00000001172e6a24 WTF::Function<void (WebCore::ScriptExecutionContext&)>::CallableWrapper<WebCore::WorkerMessagingProxy::postMessageToWorkerGlobalScope(WTF::RefPtr<WebCore::SerializedScriptValue>&&, std::__1::unique_ptr<WTF::Vector<std::__1::unique_ptr<WebCore::MessagePortChannel, std::__1::default_delete<WebCore::MessagePortChannel> >, 1ul, WTF::CrashOnOverflow, 16ul>, std::__1::default_delete<WTF::Vector<std::__1::unique_ptr<WebCore::MessagePortChannel, std::__1::default_delete<WebCore::MessagePortChannel> >, 1ul, WTF::CrashOnOverflow, 16ul> > >)::$_1>::call(WebCore::ScriptExecutionContext&) + 52 (Function.h:89)
14 com.apple.WebCore 0x0000000114ca2611 WTF::Function<void (WebCore::ScriptExecutionContext&)>::operator()(WebCore::ScriptExecutionContext&) const + 113 (Function.h:50)
15 com.apple.WebCore 0x0000000114c8db4d WebCore::ScriptExecutionContext::Task::performTask(WebCore::ScriptExecutionContext&) + 29 (ScriptExecutionContext.h:165)
16 com.apple.WebCore 0x00000001172ec2f9 WebCore::WorkerRunLoop::Task::performTask(WebCore::WorkerRunLoop const&, WebCore::WorkerGlobalScope*) + 105 (WorkerRunLoop.cpp:244)
17 com.apple.WebCore 0x00000001172eb43e WebCore::WorkerRunLoop::runInMode(WebCore::WorkerGlobalScope*, WebCore::ModePredicate const&, WebCore::WorkerRunLoop::WaitMode) + 1214 (WorkerRunLoop.cpp:191)
18 com.apple.WebCore 0x00000001172eaee6 WebCore::WorkerRunLoop::run(WebCore::WorkerGlobalScope*) + 86 (WorkerRunLoop.cpp:137)
19 com.apple.WebCore 0x00000001172f42b3 WebCore::WorkerThread::runEventLoop() + 51 (WorkerThread.cpp:231)
20 com.apple.WebCore 0x0000000114c014d8 WebCore::DedicatedWorkerThread::runEventLoop() + 88 (DedicatedWorkerThread.cpp:61)
21 com.apple.WebCore 0x00000001172f401d WebCore::WorkerThread::workerThread() + 1389 (WorkerThread.cpp:196)
22 com.apple.WebCore 0x00000001172f3aa5 WebCore::WorkerThread::workerThreadStart(void*) + 21 (WorkerThread.cpp:150)
23 com.apple.JavaScriptCore 0x00000001206dbb39 WTF::createThread(void (*)(void*), void*, char const*)::$_0::operator()() const + 25 (Threading.cpp:109)
24 com.apple.JavaScriptCore 0x00000001206dbb0d void std::__1::__invoke_void_return_wrapper<void>::__call<WTF::createThread(void (*)(void*), void*, char const*)::$_0&>(WTF::createThread(void (*)(void*), void*, char const*)::$_0&&&) + 45 (__functional_base:469)
25 com.apple.JavaScriptCore 0x00000001206dbab9 std::__1::__function::__func<WTF::createThread(void (*)(void*), void*, char const*)::$_0, std::__1::allocator<WTF::createThread(void (*)(void*), void*, char const*)::$_0>, void ()>::operator()() + 41 (functional:1437)
26 com.apple.JavaScriptCore 0x000000011fc2922a std::__1::function<void ()>::operator()() const + 26 (functional:1817)
27 com.apple.JavaScriptCore 0x00000001206da547 WTF::threadEntryPoint(void*) + 151 (Threading.cpp:92)
28 com.apple.JavaScriptCore 0x00000001206dc121 WTF::wtfThreadEntryPoint(void*) + 289 (ThreadingPthreads.cpp:168)
29 libsystem_pthread.dylib 0x00007fffc6d59aab _pthread_body + 180
30 libsystem_pthread.dylib 0x00007fffc6d599f7 _pthread_start + 286
31 libsystem_pthread.dylib 0x00007fffc6d591fd thread_start + 13

https://webkit-test-results.webkit.org/dashboards/flakiness_dashboard.html#showAllRuns=true&tests=imported%2Fw3c%2Fweb-platform-tests%2Fhtml%2Fdom%2Finterfaces.worker.html
https://webkit-test-results.webkit.org/dashboards/flakiness_dashboard.html#showAllRuns=true&tests=fast%2Fworkers%2Fworker-context-gc.html
https://webkit-test-results.webkit.org/dashboards/flakiness_dashboard.html#showAllRuns=true&tests=fast%2Fworkers%2Fself-hasOwnProperty.html
https://webkit-test-results.webkit.org/dashboards/flakiness_dashboard.html#showAllRuns=true&tests=fast%2Fworkers%2Ftermination-early.html
https://webkit-test-results.webkit.org/dashboards/flakiness_dashboard.html#showAllRuns=true&tests=fast%2Fworkers%2Fworker-terminate.html
Attachments
Crash log (101.99 KB, text/plain)
2017-03-15 18:35 PDT, Ryan Haddad
no flags
Patch (50.71 KB, patch)
2017-03-15 18:52 PDT, Ryan Haddad
no flags
Ryan Haddad
Comment 1 2017-03-15 18:35:21 PDT
Created attachment 304592 [details] Crash log
Ryan Haddad
Comment 2 2017-03-15 18:36:23 PDT
Strangely, many seem to have started after https://trac.webkit.org/changeset/213978, which sorted Xcode project files.
Ryan Haddad
Comment 3 2017-03-15 18:50:55 PDT
I cannot revert the change cleanly due to http://trac.webkit.org/projects/webkit/changeset/213992
Ryan Haddad
Comment 4 2017-03-15 18:52:44 PDT
Ryan Haddad
Comment 5 2017-03-15 18:53:17 PDT
(In reply to comment #4)
> Created attachment 304593 [details]
> Patch

This patch reverts only the JavaScriptCore.xcodeproj sorting.
Alexey Proskuryakov
Comment 6 2017-03-15 19:50:15 PDT
Comment on attachment 304593 [details]
Patch

Let's see what happens.
WebKit Commit Bot
Comment 7 2017-03-15 20:41:13 PDT
Comment on attachment 304593 [details]
Patch

Clearing flags on attachment: 304593

Committed r214026: <http://trac.webkit.org/changeset/214026>
WebKit Commit Bot
Comment 8 2017-03-15 20:41:17 PDT
All reviewed patches have been landed. Closing bug.
Alexey Proskuryakov
Comment 9 2017-03-15 23:29:50 PDT
imported/w3c/web-platform-tests/html/dom/interfaces.worker.html was a test that crashed every time, and the rollout fixed it. Now to figure out how it is possible for sorting the project file to introduce crashes? This is across OS and Xcode versions too.