Bug 226096

Summary: Finalize DFG/FTL code refs on the compiler threads
Product: WebKit Reporter: Saam Barati <saam>
Component: JavaScriptCoreAssignee: Saam Barati <saam>
Status: RESOLVED FIXED    
Severity: Normal CC: ews-watchlist, keith_miller, mark.lam, msaboff, tzagallo, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 226180    
Bug Blocks:    
Attachments:
Description Flags
WIP
ews-feeder: commit-queue-
WIP
none
WIP
none
patch
ews-feeder: commit-queue-
patch
mark.lam: review+, ews-feeder: commit-queue-
[fast-cq] patch for landing none

Saam Barati
Reported 2021-05-21 11:41:15 PDT
...
Attachments
WIP (65.34 KB, patch)
2021-05-21 17:06 PDT, Saam Barati 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
WIP (65.92 KB, patch)
2021-05-21 17:38 PDT, Saam Barati 		no flags
DetailsFormatted DiffDiff
WIP (66.16 KB, patch)
2021-05-21 18:03 PDT, Saam Barati 		no flags
DetailsFormatted DiffDiff
patch (25.55 KB, patch)
2021-05-24 17:28 PDT, Saam Barati 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
patch (25.55 KB, patch)
2021-05-24 17:46 PDT, Saam Barati 		mark.lam: review+
ews-feeder: commit-queue-
DetailsFormatted DiffDiff
[fast-cq] patch for landing (23.92 KB, patch)
2021-05-25 11:15 PDT, Saam Barati 		no flags
DetailsFormatted DiffDiff
Show Obsolete (5) View All Add attachment proposed patch, testcase, etc.
Saam Barati
Comment 1 2021-05-21 17:06:56 PDT
Created attachment 429369 [details] WIP
Saam Barati
Comment 2 2021-05-21 17:38:11 PDT
Created attachment 429376 [details] WIP
Saam Barati
Comment 3 2021-05-21 18:03:18 PDT
Created attachment 429378 [details] WIP
Saam Barati
Comment 4 2021-05-24 17:28:29 PDT
Created attachment 429599 [details] patch
Saam Barati
Comment 5 2021-05-24 17:46:09 PDT
Created attachment 429602 [details] patch
Mark Lam
Comment 6 2021-05-24 19:56:31 PDT
Comment on attachment 429602 [details] patch LGTM but the mac-wk1 EWS's failure seems real. The failure is in the RELEASE_ASSERT in ~LinkBuffer on a worker thread at VM shutdown. Thread 77 Crashed:: WebCore: Worker 0 com.apple.JavaScriptCore 0x0000000107d106d3 WTFCrashWithInfo(int, char const*, char const*, int) + 19 1 com.apple.JavaScriptCore 0x00000001073eff0a JSC::LinkBuffer::~LinkBuffer() + 58 2 com.apple.JavaScriptCore 0x0000000107839e5d JSC::DFG::JITFinalizer::~JITFinalizer() + 45 3 com.apple.JavaScriptCore 0x0000000107906b18 JSC::DFG::Plan::~Plan() + 312 4 com.apple.JavaScriptCore 0x000000010795e264 JSC::DFG::Worklist::removeAllReadyPlansForVM(JSC::VM&) + 116 5 com.apple.JavaScriptCore 0x0000000107f961e7 JSC::VM::~VM() + 279 6 com.apple.JavaScriptCore 0x0000000107e3a7d7 JSC::JSLockHolder::~JSLockHolder() + 119 7 com.apple.WebCore 0x000000010e069754 WebCore::WorkerOrWorkletScriptController::~WorkerOrWorkletScriptController() + 212 8 com.apple.WebCore 0x000000010e071195 WTF::Detail::CallableWrapper<WebCore::WorkerOrWorkletThread::stop(WTF::Function<void ()>&&)::$_34::operator()(WebCore::ScriptExecutionContext&) const::'lambda'(WebCore::ScriptExecutionContext&), void, WebCore::ScriptExecutionContext&>::call(WebCore::ScriptExecutionContext&) + 37 9 com.apple.WebCore 0x000000010e071816 WebCore::WorkerRunLoop::runCleanupTasks(WebCore::WorkerOrWorkletGlobalScope*) + 262 10 com.apple.WebCore 0x000000010e0713bf WebCore::WorkerRunLoop::run(WebCore::WorkerOrWorkletGlobalScope*) + 111 11 com.apple.WebCore 0x000000010e06ca30 WebCore::WorkerOrWorkletThread::workerOrWorkletThread() + 768 12 com.apple.JavaScriptCore 0x00000001070739ec WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*) + 124 13 com.apple.JavaScriptCore 0x0000000107076259 WTF::wtfThreadEntryPoint(void*) + 9 14 libsystem_pthread.dylib 0x00007fff72768109 _pthread_start + 148 15 libsystem_pthread.dylib 0x00007fff72763b8b thread_start + 15 Looks like possibly the plan wasn't cancelled, or not cancelled in time?
Saam Barati
Comment 7 2021-05-24 20:31:03 PDT
Comment on attachment 429602 [details] patch View in context: https://bugs.webkit.org/attachment.cgi?id=429602&action=review > Source/JavaScriptCore/assembler/LinkBuffer.cpp:49 > + RELEASE_ASSERT(m_mainThreadFinalizationTasks.isEmpty()); I’ll remove this RELEASE_ASSERT. It’s taking a lot of plumbing to make it work. Which is usually a bad reason to keep an assert
Mark Lam
Comment 8 2021-05-24 20:52:07 PDT
Comment on attachment 429602 [details] patch View in context: https://bugs.webkit.org/attachment.cgi?id=429602&action=review r=me >> Source/JavaScriptCore/assembler/LinkBuffer.cpp:49 >> + RELEASE_ASSERT(m_mainThreadFinalizationTasks.isEmpty()); > > I’ll remove this RELEASE_ASSERT. It’s taking a lot of plumbing to make it work. Which is usually a bad reason to keep an assert I'm fine with removing it. The failure was at VM destruction, and m_mainThreadFinalizationTasks will get cleaned out anyway.
Saam Barati
Comment 9 2021-05-25 11:15:32 PDT
Created attachment 429668 [details] [fast-cq] patch for landing
EWS
Comment 10 2021-05-25 11:16:55 PDT
Committed r278030 (238127@main): <https://commits.webkit.org/238127@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 429668 [details].
Radar WebKit Bug Importer
Comment 11 2021-05-25 11:17:20 PDT
<rdar://problem/78466944>
Note You need to log in before you can comment on or make changes to this bug.