Bug 115782 - Crash properly on iOS
Summary: Crash properly on iOS
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs (show other bugs)
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Benjamin Poulain
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2013-05-08 02:01 PDT by Benjamin Poulain
Modified: 2013-05-16 12:02 PDT (History)
10 users (show)

See Also:

Attachments
Patch (2.61 KB, patch)
2013-05-08 02:02 PDT, Benjamin Poulain 		no flags Details | Formatted Diff | Diff
Patch (2.80 KB, patch)
2013-05-08 17:18 PDT, Benjamin Poulain 		no flags Details | Formatted Diff | Diff
Patch (4.19 KB, patch)
2013-05-11 00:26 PDT, Benjamin Poulain 		no flags Details | Formatted Diff | Diff
Show Obsolete (2) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Benjamin Poulain 2013-05-08 02:01:30 PDT 
Crash properly on iOS
Comment 1 Benjamin Poulain 2013-05-08 02:02:46 PDT 
Created attachment 201045 [details]
Patch
Comment 2 EFL EWS Bot 2013-05-08 02:10:23 PDT 
Comment on attachment 201045 [details]
Patch

Attachment 201045 [details] did not pass efl-ews (efl):
Output: http://webkit-queues.appspot.com/results/436022
Comment 3 EFL EWS Bot 2013-05-08 02:11:18 PDT 
Comment on attachment 201045 [details]
Patch

Attachment 201045 [details] did not pass efl-wk2-ews (efl-wk2):
Output: http://webkit-queues.appspot.com/results/380470
Comment 4 Early Warning System Bot 2013-05-08 02:11:42 PDT 
Comment on attachment 201045 [details]
Patch

Attachment 201045 [details] did not pass qt-ews (qt):
Output: http://webkit-queues.appspot.com/results/274187
Comment 5 Early Warning System Bot 2013-05-08 02:13:50 PDT 
Comment on attachment 201045 [details]
Patch

Attachment 201045 [details] did not pass qt-wk2-ews (qt-wk2):
Output: http://webkit-queues.appspot.com/results/318308
Comment 6 Build Bot 2013-05-08 02:26:31 PDT 
Comment on attachment 201045 [details]
Patch

Attachment 201045 [details] did not pass win-ews (win):
Output: http://webkit-queues.appspot.com/results/406485
Comment 7 Alexey Proskuryakov 2013-05-08 09:38:49 PDT 
Comment on attachment 201045 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=201045&action=review

I'm concerned that this change will break aggregation with existing crash reports. Can you try a known crash with and without this change to compare?

> Source/WTF/wtf/Assertions.cpp:343
> +    ((void(*)())0)(); /* More reliable, but doesn't say BBADBEEF */

This comment now looks as if it claims that this is more reliable than __builtin_trap().
Comment 8 Benjamin Poulain 2013-05-08 16:33:29 PDT 
<rdar://problem/13842771>
Comment 9 Benjamin Poulain 2013-05-08 16:44:16 PDT 
(In reply to comment #7)
> (From update of attachment 201045 [details])
> View in context: https://bugs.webkit.org/attachment.cgi?id=201045&action=review
> 
> I'm concerned that this change will break aggregation with existing crash reports. Can you try a known crash with and without this change to compare?

You have WTFCrash on top for crash reporter. Would that be a problem?

WTFReportBacktrace already skip 2 frames so it is just one level deeper.

> > Source/WTF/wtf/Assertions.cpp:343
> > +    ((void(*)())0)(); /* More reliable, but doesn't say BBADBEEF */
> 
> This comment now looks as if it claims that this is more reliable than __builtin_trap().

To be honest I have no clue what this comment mean by "More reliable".
Comment 10 Benjamin Poulain 2013-05-08 17:18:02 PDT 
Created attachment 201117 [details]
Patch
Comment 11 Build Bot 2013-05-08 17:43:08 PDT 
Comment on attachment 201117 [details]
Patch

Attachment 201117 [details] did not pass win-ews (win):
Output: http://webkit-queues.appspot.com/results/375014
Comment 12 Darin Adler 2013-05-09 18:23:35 PDT 
Comment on attachment 201117 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=201117&action=review

This changes things so that all crashes happen inside a function. The old code went out of its way to crash at the call site, not inside a function. I think the reason we wanted that was to make debugging easier. Not sure if that is important any more. Seems a little risky to change, though.

Iā€™m assuming the Windows build failures are due to changes in the exported symbols that are needed.

> Source/WTF/wtf/Assertions.cpp:333
> +static void invokeCrashHook()
>  {
>      if (globalHook)
>          globalHook();
>  }

Why is this still a function? Why not just call the hook directly in WTFCrash?

> Source/WTF/wtf/Assertions.cpp:339
> +    (*(int *)(uintptr_t)0xbbadbeef = 0);

There are extra unneeded parentheses here.

> Source/WTF/wtf/Assertions.cpp:344
> +    (*(int *)(uintptr_t)0xbbadbeef = 0);
> +#if COMPILER(CLANG)
> +    __builtin_trap();
> +#else
> +    ((void(*)())0)();
> +#endif

Really could use a why comment explaining the bbadbeef thing.
Comment 13 Darin Adler 2013-05-09 18:24:57 PDT 
(In reply to comment #9)
> > > Source/WTF/wtf/Assertions.cpp:343
> > > +    ((void(*)())0)(); /* More reliable, but doesn't say BBADBEEF */
> > 
> > This comment now looks as if it claims that this is more reliable than __builtin_trap().
> 
> To be honest I have no clue what this comment mean by "More reliable".

More reliable meant that in some cases accessing 0xbbadbeef would not cause a crash. That could be valid memory that happens to be mapped in, particularly on a 64-bit system. Whereas calling 0 or __builtin_trap was guaranteed to actually cause a crash.
Comment 14 Benjamin Poulain 2013-05-11 00:26:30 PDT 
Created attachment 201451 [details]
Patch
Comment 15 Benjamin Poulain 2013-05-16 12:02:39 PDT 
Comment on attachment 201451 [details]
Patch

Clearing flags on attachment: 201451

Committed r150196: <http://trac.webkit.org/changeset/150196>
Comment 16 Benjamin Poulain 2013-05-16 12:02:45 PDT 
All reviewed patches have been landed.  Closing bug.