Bug 275989
| Summary: | Kotlin Compose demos (using WasmGC) no longer work in the latest Safari TP | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | bashorov |
| Component: | WebAssembly | Assignee: | David Degazio <d_degazio> |
| Status: | RESOLVED FIXED | ||
| Severity: | Major | CC: | ahmad.saleem792, asumu, d_degazio, jmichaud, justin, webkit-bug-importer, ysuzuki |
| Priority: | P2 | Keywords: | InRadar |
| Version: | Safari Technology Preview | ||
| Hardware: | Mac (Apple Silicon) | ||
| OS: | macOS 14 | ||
| See Also: | https://bugs.webkit.org/show_bug.cgi?id=280059 | ||
bashorov
To reproduce:
1. Run Safari TP with `__XPC_JSC_useWebAssemblyTypedFunctionReferences=1 __XPC_JSC_useWebAssemblyGC=1`
2. Open https://zal.im/wasm/jetsnack/ or https://zal.im/wasm/iv/
Expected: an application is working.
Actual: a page is crashed.
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Ahmad Saleem
@Bashorov - can you attach crash log to enable / help us to work forward?
bashorov
(In reply to Ahmad Saleem from comment #1)
> @Bashorov - can you attach crash log to enable / help us to work forward?
Do you have an instruction on how/where I can find a crash log?
bashorov
(In reply to Ahmad Saleem from comment #1)
> @Bashorov - can you attach crash log to enable / help us to work forward?
Alternatively, I can help to reproduce it. It should be easy, see the instruction.
Alexey Proskuryakov
The crash log goes into ~/Library/Logs/DiagnosticReports. I can reproduce with STP 197.
You said "no longer works", do you know when this last worked?
Thread 10 Crashed:: Wasm Worklist Helper Thread
0 JavaScriptCore 0x10d35be4c JSC::Wasm::WasmCallingConvention::callInformationFor(JSC::Wasm::FunctionSignature const&, JSC::Wasm::CallRole) const + 116
1 JavaScriptCore 0x10e351158 JSC::Wasm::OMGIRGenerator::addCall(unsigned int, JSC::Wasm::TypeDefinition const&, WTF::Vector<JSC::B3::Variable*, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&, WTF::Vector<JSC::B3::Variable*, 8ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&, JSC::CallLinkInfoBase::CallType) + 232
2 JavaScriptCore 0x10e3ab060 JSC::Wasm::FunctionParser<JSC::Wasm::OMGIRGenerator>::parseExpression() + 20440
3 JavaScriptCore 0x10e350b3c JSC::Wasm::FunctionParser<JSC::Wasm::OMGIRGenerator>::parse() + 8196
4 JavaScriptCore 0x10e35285c JSC::Wasm::OMGIRGenerator::addCall(unsigned int, JSC::Wasm::TypeDefinition const&, WTF::Vector<JSC::B3::Variable*, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&, WTF::Vector<JSC::B3::Variable*, 8ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&, JSC::CallLinkInfoBase::CallType) + 6124
5 JavaScriptCore 0x10e3ab060 JSC::Wasm::FunctionParser<JSC::Wasm::OMGIRGenerator>::parseExpression() + 20440
6 JavaScriptCore 0x10e350b3c JSC::Wasm::FunctionParser<JSC::Wasm::OMGIRGenerator>::parse() + 8196
7 JavaScriptCore 0x10e358c40 JSC::Wasm::parseAndCompileOMG(JSC::Wasm::CompilationContext&, JSC::Wasm::OptimizingJITCallee&, JSC::Wasm::FunctionData const&, JSC::Wasm::TypeDefinition const&, WTF::Vector<JSC::Wasm::UnlinkedWasmToWasmCall, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&, JSC::Wasm::CalleeGroup&, JSC::Wasm::ModuleInformation const&, JSC::MemoryMode, JSC::Wasm::CompilationMode, unsigned int, std::__1::optional<bool>, unsigned int, JSC::Wasm::TierUpCount*) + 4256
8 JavaScriptCore 0x10e391ff8 JSC::Wasm::OMGPlan::work(JSC::Wasm::Plan::CompilationEffort) + 324
bashorov
I think it worked about a month ago (in May) in Safari TP; I don't know the specific version, but probably it was 196.
Examples are working with WebKit 275934@main.
Radar WebKit Bug Importer
<rdar://problem/131166278>
Justin Michaud
I can reproduce this. It looks like it shouldn't be too hard to fix
David Degazio
Pull request: https://github.com/WebKit/WebKit/pull/31568
EWS
Committed 281767@main (08d5b5ec570f): <https://commits.webkit.org/281767@main>
Reviewed commits have been landed. Closing PR #31568 and removing active labels.