Bug 222531

Summary: random crash in JSC::SlotVisitor::drain on Linux for wpt tests
Product: WebKit
Reporter: Fujii Hironori <Hironori.Fujii>
Component: JavaScriptCore
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED WORKSFORME
Severity: Normal
CC: webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
See Also: https://bugs.webkit.org/show_bug.cgi?id=222453
Attachments:
Description: crash log of imported/w3c/web-platform-tests/html/webappapis/dynamic-markup-insertion/document-write/module-tla-immediate-promise.html
Flags: none

Description Fujii Hironori 2021-02-28 14:08:29 PST
GTK-Linux-64-bit-Release-Tests is observing a random crash in JSC::SlotVisitor::drain.

r273226 seems to be the oldest build job showing the crash.
https://build.webkit.org/results/GTK-Linux-64-bit-Release-Tests/r273226%20(257)/results.html

#0  0x00007fc273a27d7f in JSC::SlotVisitor::drain(WTF::MonotonicTime) () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#1  0x00007fc273a285f4 in JSC::SlotVisitor::drainFromShared(JSC::SlotVisitor::SharedDrainMode, WTF::MonotonicTime) () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#2  0x00007fc2739f7d9a in WTF::SharedTaskFunctor<void (), JSC::Heap::runBeginPhase(JSC::GCConductor)::{lambda()#2}>::run() () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#3  0x00007fc2742e0a1f in WTF::ParallelHelperClient::runTask(WTF::RefPtr<WTF::SharedTask<void ()>, WTF::RawPtrTraits<WTF::SharedTask<void ()> >, WTF::DefaultRefDerefTraits<WTF::SharedTask<void ()> > > const&) () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#4  0x00007fc2742e1931 in WTF::ParallelHelperPool::Thread::work() () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#5  0x00007fc2742cd20d in WTF::Detail::CallableWrapper<WTF::AutomaticThread::start(WTF::AbstractLocker const&)::{lambda()#1}, void>::call() () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#6  0x00007fc2742e79c9 in WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*) () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#7  0x00007fc27434d4c9 in WTF::wtfThreadEntryPoint(void*) () at /app/webkit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
#8  0x00007fc2708864d2 in start_thread (arg=<optimized out>) at pthread_create.c:477
#9  0x00007fc270376323 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Comment 1 Fujii Hironori 2021-02-28 17:46:56 PST
Created attachment 421784
crash log of imported/w3c/web-platform-tests/html/webappapis/dynamic-markup-insertion/document-write/module-tla-immediate-promise.html

Comment 2 Fujii Hironori 2021-02-28 18:33:15 PST
It seems that GTK and WPE release builds have started randomly crashing since r273226.
https://ibb.co/X47MPWf

Comment 3 Radar WebKit Bug Importer 2021-03-07 14:09:13 PST
<rdar://problem/75151150>

Comment 4 Fujii Hironori 2021-03-28 13:50:02 PDT
The crash seems to be gone after r274239 (Bug 223039) as well as Bug 222453.