Bug 88966

Summary: [Qt] REGRESSION(r120149): It made fast/workers/wrapper-map-gc.html crash
Product: WebKit Reporter: Csaba Osztrogonác <ossy>
Component: JavaScriptCoreAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Critical CC: ggaren, kadam, loki, oliver, ossy, zherczeg
Priority: P1 Keywords: Qt, QtTriaged
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Bug Depends on:    
Bug Blocks: 79668, 88840    

Csaba Osztrogonác
Reported 2012-06-12 23:13:54 PDT
It crashes on the Qt5-WK1 (32bit) bot since r120149. Here is the crash log from the bot: crash log for DumpRenderTree (pid 5647): STDOUT: <empty> STDERR: 1 0xf6c5bfc8 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WTF::fastMalloc(unsigned int)+0x350) [0xf6c5bfc8] STDERR: 2 0xf56e421a /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WTF::Vector<unsigned char, 0u>::reserveCapacity(unsigned int)+0x3a) [0xf56e421a] STDERR: 3 0xf56e429f /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WTF::Vector<unsigned char, 0u>::expandCapacity(unsigned int)+0x41) [0xf56e429f] STDERR: 4 0xf5770047 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(void WTF::Vector<unsigned char, 0u>::append<unsigned char>(unsigned char const*, unsigned int)+0x43) [0xf5770047] STDERR: 5 0xf599afe4 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::CloneSerializer::write(JSC::UString const&)+0x124) [0xf599afe4] STDERR: 6 0xf599b512 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::CloneSerializer::dumpIfTerminal(JSC::JSValue, WebCore::SerializationReturnCode&)+0x3d2) [0xf599b512] STDERR: 7 0xf599d55d /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::CloneSerializer::serialize(JSC::JSValue)+0x178d) [0xf599d55d] STDERR: 8 0xf599e264 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::SerializedScriptValue::create(JSC::ExecState*, JSC::JSValue, WTF::Vector<WTF::RefPtr<WebCore::MessagePort>, 1u>*, WTF::Vector<WTF::RefPtr<WTF::ArrayBuffer>, 1u>*, WebCore::SerializationErrorMode)+0x94) [0xf599e264] STDERR: 9 0xf6236525 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(JSC::JSValue WebCore::handlePostMessage<WebCore::DedicatedWorkerContext>(JSC::ExecState*, WebCore::DedicatedWorkerContext*)+0xb5) [0xf6236525] STDERR: 10 0xf6236988 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::JSDedicatedWorkerContext::postMessage(JSC::ExecState*)+0x32) [0xf6236988] STDERR: 11 0xf677b486 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::jsDedicatedWorkerContextPrototypeFunctionPostMessage(JSC::ExecState*)+0x61) [0xf677b486] STDERR: 12 0x686f6d0f [0x686f6d0f] STDERR: 13 0xf6a98d23 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(JSC::JITCode::execute(JSC::RegisterFile*, JSC::ExecState*, JSC::JSGlobalData*)+0x49) [0xf6a98d23] STDERR: 14 0xf6a92fcd /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&)+0x40f) [0xf6a92fcd] STDERR: 15 0xf6b89f34 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&)+0x60) [0xf6b89f34] STDERR: 16 0xf59469f5 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext*, WebCore::Event*)+0xca5) [0xf59469f5] STDERR: 17 0xf5b46b62 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::EventTarget::fireEventListeners(WebCore::Event*, WebCore::EventTargetData*, WTF::Vector<WebCore::RegisteredEventListener, 1u>&)+0x132) [0xf5b46b62] STDERR: 18 0xf5b46d31 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::EventTarget::fireEventListeners(WebCore::Event*)+0x57) [0xf5b46d31] STDERR: 19 0xf5b470da /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::EventTarget::dispatchEvent(WTF::PassRefPtr<WebCore::Event>)+0x64) [0xf5b470da] STDERR: 20 0xf6247cec /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::MessageWorkerContextTask::performTask(WebCore::ScriptExecutionContext*)+0x25c) [0xf6247cec] STDERR: 21 0xf6248825 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::WorkerRunLoop::Task::performTask(WebCore::WorkerRunLoop const&, WebCore::ScriptExecutionContext*)+0x59) [0xf6248825] STDERR: 22 0xf624902d /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::WorkerRunLoop::runInMode(WebCore::WorkerContext*, WebCore::ModePredicate const&, WebCore::WorkerRunLoop::WaitMode)+0xed) [0xf624902d] STDERR: 23 0xf62496e0 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::WorkerRunLoop::run(WebCore::WorkerContext*)+0xc0) [0xf62496e0] STDERR: 24 0xf6249f0b /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::WorkerThread::runEventLoop()+0x27) [0xf6249f0b] STDERR: 25 0xf623f189 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::DedicatedWorkerThread::runEventLoop()+0x47) [0xf623f189] STDERR: 26 0xf624a74e /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::WorkerThread::workerThread()+0x21e) [0xf624a74e] STDERR: 27 0xf624aa7f /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::WorkerThread::workerThreadStart(void*)+0x1d) [0xf624aa7f] STDERR: 28 0xf6c69b4a /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(+0x1f23b4a) [0xf6c69b4a] STDERR: 29 0xf6c7f9e6 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(+0x1f399e6) [0xf6c7f9e6] STDERR: 30 0xf327e7b0 /lib/libpthread.so.0(+0x57b0) [0xf327e7b0] STDERR: 31 0xf30c70be /lib/libc.so.6(clone+0x5e) [0xf30c70be] STDERR: 1 0x806afda /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/bin/DumpRenderTree() [0x806afda] STDERR: 2 0xf76eb400 [0xf76eb400]
Attachments
Add attachment proposed patch, testcase, etc.
Csaba Osztrogonác
Comment 1 2012-06-12 23:20:37 PDT
And the following tests became flakey: (Fail with "FAIL: Timed out waiting for notifyDone to be called" and pass after rerunning tests) fast/workers/shared-worker-shared.html fast/workers/worker-script-error.html fast/workers/worker-terminate.html fast/workers/shared-worker-name.html fast/workers/worker-close-more.html fast/workers/worker-multi-startup.html fast/workers/shared-worker-script-error.html fast/workers/worker-lifecycle.html
Csaba Osztrogonác
Comment 2 2012-06-12 23:49:15 PDT
It's hard to reproduces this bug if you don't run all tests, because it is a GC bug ... But I managed to reproduce it on 32 bit Qt5 if I ran fast/workers tests. In this case fast/workers/worker-multi-startup.html crashes always.
Csaba Osztrogonác
Comment 3 2012-06-15 09:17:55 PDT
Any progression with fixing it? Or is this crash (serious GC bug!) absolutely acceptable?
Geoffrey Garen
Comment 4 2012-06-15 11:18:40 PDT
> Any progression with fixing it? Or is this crash (serious GC bug!) absolutely acceptable? I don't have a Qt setup to debug this with. If there are Qt engineers who can debug GC issues, I can help. Otherwise, I'd suggest turning off parallel GC in the Qt port.
Csaba Osztrogonác
Comment 5 2012-06-16 01:06:33 PDT
(In reply to comment #4) > > Any progression with fixing it? Or is this crash (serious GC bug!) absolutely acceptable? > > I don't have a Qt setup to debug this with. If there are Qt engineers who can debug GC issues, I can help. Otherwise, I'd suggest turning off parallel GC in the Qt port. Zoltán, as far as I know you have fixed GC related bugs previously. Could you pick it up, please?
Csaba Osztrogonác
Comment 6 2012-06-18 00:39:58 PDT
It seems it isn't Qt 5 and it isn't 32 bit specific bug, I managed to reproduce it with Qt 4.8 and on 64 bit too. But you can reproduce it simpler on 32 bit with any Qt version. If you run fast/workers tests, fast/workers/worker-multi-startup.html always crashes.
Zoltan Herczeg
Comment 7 2012-06-18 06:15:12 PDT
It seems bash32 limits the number of threads to 512 for a given program. We should increse this.
Csaba Osztrogonác
Comment 8 2012-06-18 08:07:12 PDT
(In reply to comment #7) > It seems bash32 limits the number of threads to 512 for a given program. We should increse this. (In reply to comment #7) > It seems bash32 limits the number of threads to 512 for a given program. We should increse this. The problem isn't limited number of threads, but the 4G adress space. :-/ The default Stack size is 8M ( "ulimit -s == 8192" ) and 8M*512 = 4G, so we can't run more than 512 threads except we decrease the stack size. I'm going to check what happens if we decrease the stack size.
Csaba Osztrogonác
Comment 9 2012-06-19 00:02:00 PDT
It seems that decreasing stack size to 1M solves this problem. (and let WebKit to create max. 4096 threads) But I need a double check.
Csaba Osztrogonác
Comment 10 2012-06-19 01:26:55 PDT
(In reply to comment #9) > It seems that decreasing stack size to 1M solves this problem. (and let WebKit to create max. 4096 threads) But I need a double check. It solved the problem, we can close the bug.
Csaba Osztrogonác
Comment 11 2013-05-28 05:52:05 PDT
*** Bug 116855 has been marked as a duplicate of this bug. ***
Csaba Osztrogonác
Comment 12 2013-05-28 05:52:16 PDT
*** Bug 116854 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.