WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
156765
REGRESSION(
r190289
): Spin trying to view/sign in to hbogo.com
https://bugs.webkit.org/show_bug.cgi?id=156765
Summary
REGRESSION(r190289): Spin trying to view/sign in to hbogo.com
Michael Saboff
Reported
2016-04-19 15:39:30 PDT
We appear to get into a deadlock. Here is a backtrace from the debugger: * thread #1: tid = 0x3684cc9, 0x00007fffa16d1db6 libsystem_kernel.dylib`__psynch_cvwait + 10, queue = 'com.apple.main-thread', stop reason = signal SIGSTOP * frame #0: 0x00007fffa16d1db6 libsystem_kernel.dylib`__psynch_cvwait + 10 frame #1: 0x00007fff94d52728 libsystem_pthread.dylib`_pthread_cond_wait + 767 frame #2: 0x00007fff9ec8e68f libc++.1.dylib`std::__1::condition_variable::wait(std::__1::unique_lock<std::__1::mutex>&) + 47 frame #3: 0x0000000108c8102e JavaScriptCore`WTF::ParkingLot::parkConditionally(address=0x00000001153e1658, validation=function<bool ()> at 0x00007fff58873210, beforeSleep=function<void ()> at 0x00007fff588731e0, timeout=<unavailable>)>, std::__1::function<void ()>, std::__1::chrono::time_point<std::__1::chrono::steady_clock, std::__1::chrono::duration<long long, std::__1::ratio<1l, 1000000000l> > >) + 2398 at ParkingLot.cpp:570 frame #4: 0x0000000108c79556 JavaScriptCore`WTF::LockBase::lockSlow() [inlined] bool WTF::ParkingLot::compareAndPark<unsigned char, int>(expected=3) + 54 at ParkingLot.h:65 frame #5: 0x0000000108c79520 JavaScriptCore`WTF::LockBase::lockSlow(this=0x00000001153e1658) + 368 at Lock.cpp:76 frame #6: 0x000000010846a201 JavaScriptCore`JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit(unsigned int) [inlined] WTF::LockBase::lock() + 23 at Lock.h:62 frame #7: 0x000000010846a1ea JavaScriptCore`JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit(unsigned int) [inlined] WTF::Locker<WTF::LockBase>::lock() at Locker.h:55 frame #8: 0x000000010846a1ea JavaScriptCore`JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit(unsigned int) [inlined] WTF::Locker<WTF::LockBase>::Locker(WTF::LockBase*) at Locker.h:39 frame #9: 0x000000010846a1ea JavaScriptCore`JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit(unsigned int) [inlined] WTF::Locker<WTF::LockBase>::Locker(WTF::LockBase*) at Locker.h:39 frame #10: 0x000000010846a1ea JavaScriptCore`JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit(unsigned int) [inlined] JSC::ConcurrentJITLockerBase::ConcurrentJITLockerBase(lockable=0x00000001153e1658) at ConcurrentJITLock.h:47 frame #11: 0x000000010846a1ea JavaScriptCore`JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit(unsigned int) [inlined] JSC::ConcurrentJITLocker::ConcurrentJITLocker(lockable=0x00000001153e1658) at ConcurrentJITLock.h:106 frame #12: 0x000000010846a1ea JavaScriptCore`JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit(unsigned int) [inlined] JSC::ConcurrentJITLocker::ConcurrentJITLocker(lockable=0x00000001153e1658) at ConcurrentJITLock.h:107 frame #13: 0x000000010846a1ea JavaScriptCore`JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit(this=<unavailable>, bytecodeIndex=45) + 826 at DFGByteCodeParser.cpp:847 frame #14: 0x0000000108449934 JavaScriptCore`JSC::DFG::ByteCodeParser::handleCall(int, JSC::DFG::NodeType, JSC::CallMode, unsigned int, JSC::DFG::Node*, int, int, JSC::CallLinkStatus) [inlined] JSC::DFG::ByteCodeParser::getPrediction(this=0x00007fff588747d8, bytecodeIndex=<unavailable>) + 8 at DFGByteCodeParser.cpp:856 frame #15: 0x000000010844992c JavaScriptCore`JSC::DFG::ByteCodeParser::handleCall(int, JSC::DFG::NodeType, JSC::CallMode, unsigned int, JSC::DFG::Node*, int, int, JSC::CallLinkStatus) [inlined] JSC::DFG::ByteCodeParser::getPrediction(this=0x00007fff588747d8) + 5 at DFGByteCodeParser.cpp:874 frame #16: 0x0000000108449927 JavaScriptCore`JSC::DFG::ByteCodeParser::handleCall(this=0x00007fff588747d8, result=-7, op=TailCall, callMode=<unavailable>, instructionSize=9, callTarget=0x0000000114762b90, argumentCountIncludingThis=2, registerOffset=-16, callLinkStatus=CallLinkStatus at 0x00007fff588733b8) + 199 at DFGByteCodeParser.cpp:1175 frame #17: 0x00000001084497e5 JavaScriptCore`JSC::DFG::ByteCodeParser::handleCall(this=0x00007fff588747d8, result=-7, op=TailCall, callMode=Tail, instructionSize=9, callee=<unavailable>, argumentCountIncludingThis=<unavailable>, registerOffset=<unavailable>) + 277 at DFGByteCodeParser.cpp:1163 frame #18: 0x0000000108459db0 JavaScriptCore`JSC::DFG::ByteCodeParser::parseBlock(unsigned int) [inlined] JSC::DFG::ByteCodeParser::handleCall(this=0x00007fff588747d8, pc=<unavailable>, op=TailCall, callMode=Tail) + 53 at DFGByteCodeParser.cpp:1148 frame #19: 0x0000000108459d7b JavaScriptCore`JSC::DFG::ByteCodeParser::parseBlock(this=0x00007fff588747d8, limit=54) + 10555 at DFGByteCodeParser.cpp:4188 frame #20: 0x0000000108465e6b JavaScriptCore`JSC::DFG::ByteCodeParser::parseCodeBlock(this=0x00007fff588747d8) + 1291 at DFGByteCodeParser.cpp:5094 frame #21: 0x000000010844dd2c JavaScriptCore`bool JSC::DFG::ByteCodeParser::attemptToInlineCall<JSC::DFG::ByteCodeParser::handleInlining(JSC::DFG::Node*, int, JSC::CallLinkStatus const&, int, JSC::VirtualRegister, JSC::VirtualRegister, unsigned int, int, unsigned int, JSC::DFG::NodeType, JSC::InlineCallFrame::Kind, unsigned int)::$_0>(JSC::DFG::Node*, int, JSC::CallVariant, int, int, unsigned int, JSC::InlineCallFrame::Kind, JSC::DFG::ByteCodeParser::CallerLinkability, unsigned int, unsigned int&, JSC::DFG::ByteCodeParser::handleInlining(JSC::DFG::Node*, int, JSC::CallLinkStatus const&, int, JSC::VirtualRegister, JSC::VirtualRegister, unsigned int, int, unsigned int, JSC::DFG::NodeType, JSC::InlineCallFrame::Kind, unsigned int)::$_0 const&) [inlined] void JSC::DFG::ByteCodeParser::inlineCall<JSC::DFG::ByteCodeParser::handleInlining(JSC::DFG::Node*, int, JSC::CallLinkStatus const&, int, JSC::VirtualRegister, JSC::VirtualRegister, unsigned int, int, unsigned int, JSC::DFG::NodeType, JSC::InlineCallFrame::Kind, unsigned int)::$_0>(callee=<unavailable>, callerLinkability=CallerDoesNormalLinking)::$_0 const&) + 1721 at DFGByteCodeParser.cpp:1473 frame #22: 0x000000010844d673 JavaScriptCore`bool JSC::DFG::ByteCodeParser::attemptToInlineCall<JSC::DFG::ByteCodeParser::handleInlining(JSC::DFG::Node*, int, JSC::CallLinkStatus const&, int, JSC::VirtualRegister, JSC::VirtualRegister, unsigned int, int, unsigned int, JSC::DFG::NodeType, JSC::InlineCallFrame::Kind, unsigned int)::$_0>(this=<unavailable>, callTargetNode=<unavailable>, resultOperand=<unavailable>, callee=<unavailable>, registerOffset=<unavailable>, argumentCountIncludingThis=<unavailable>, nextOffset=<unavailable>, kind=<unavailable>, callerLinkability=CallerDoesNormalLinking, prediction=<unavailable>, inliningBalance=<unavailable>, insertChecks=<unavailable>)::$_0 const&) + 6179 at DFGByteCodeParser.cpp:1637 frame #23: 0x000000010844a0c8 JavaScriptCore`JSC::DFG::ByteCodeParser::handleInlining(this=0x00007fff588747d8, callTargetNode=<unavailable>, resultOperand=<unavailable>, callLinkStatus=0x00007fff58873f50, registerOffsetOrFirstFreeReg=-24, thisArgument=<unavailable>, argumentsArgument=<unavailable>, argumentsOffset=<unavailable>, argumentCountIncludingThis=<unavailable>, nextOffset=<unavailable>, callOp=<unavailable>, kind=<unavailable>, prediction=<unavailable>) + 936 at DFGByteCodeParser.cpp:1707 frame #24: 0x0000000108449b98 JavaScriptCore`JSC::DFG::ByteCodeParser::handleCall(this=0x00007fff588747d8, result=-10, op=Call, kind=GetterCall, instructionSize=<unavailable>, callTarget=0x0000000114761870, argumentCountIncludingThis=1, registerOffset=-24, callLinkStatus=<unavailable>, prediction=<unavailable>) + 312 at DFGByteCodeParser.cpp:1213 frame #25: 0x0000000108455652 JavaScriptCore`JSC::DFG::ByteCodeParser::handleGetById(this=0x00007fff588747d8, destinationOperand=-10, prediction=1, base=<unavailable>, identifierNumber=<unavailable>, getByIdStatus=<unavailable>, type=<unavailable>) + 3234 at DFGByteCodeParser.cpp:3043 frame #26: 0x000000010845f857 JavaScriptCore`JSC::DFG::ByteCodeParser::parseBlock(this=0x00007fff588747d8, limit=62) + 33815 at DFGByteCodeParser.cpp:3807 frame #27: 0x0000000108465e6b JavaScriptCore`JSC::DFG::ByteCodeParser::parseCodeBlock(this=0x00007fff588747d8) + 1291 at DFGByteCodeParser.cpp:5094 frame #28: 0x00000001084661e7 JavaScriptCore`JSC::DFG::ByteCodeParser::parse(this=0x00007fff588747d8) + 263 at DFGByteCodeParser.cpp:5144 frame #29: 0x0000000108466469 JavaScriptCore`JSC::DFG::parse(graph=0x00007fff58874ea0) + 425 at DFGByteCodeParser.cpp:5168 frame #30: 0x000000010858dd90 JavaScriptCore`JSC::DFG::Plan::compileInThreadImpl(this=0x0000000112931080, longLivedState=<unavailable>) + 256 at DFGPlan.cpp:239 frame #31: 0x000000010858d951 JavaScriptCore`JSC::DFG::Plan::compileInThread(this=0x0000000112931080, longLivedState=0x00000001123b68e0, threadData=<unavailable>) + 577 at DFGPlan.cpp:182 frame #32: 0x00000001084d3e04 JavaScriptCore`JSC::DFG::compile(JSC::VM&, JSC::CodeBlock*, JSC::CodeBlock*, JSC::DFG::CompilationMode, unsigned int, JSC::Operands<JSC::JSValue, JSC::OperandValueTraits<JSC::JSValue> > const&, WTF::PassRefPtr<JSC::DeferredCompilationCallback>) [inlined] JSC::DFG::compileImpl(profiledDFGCodeBlock=0x0000000000000000, osrEntryBytecodeIndex=0, mustHandleValues=0x00007fff58875488, callback=PassRefPtr<JSC::DeferredCompilationCallback> at scalar(0x0000000000000000)) + 182 at DFGDriver.cpp:99 frame #33: 0x00000001084d3d4e JavaScriptCore`JSC::DFG::compile(vm=0x0000000114605000, codeBlock=0x0000000119e74ba0, profiledDFGCodeBlock=0x0000000000000000, mode=<unavailable>, osrEntryBytecodeIndex=0, mustHandleValues=0x00007fff58875488, passedCallback=PassRefPtr<JSC::DeferredCompilationCallback> at 0x00007fff58875478) + 910 at DFGDriver.cpp:117 frame #34: 0x000000010885b7b2 JavaScriptCore`::operationOptimize(exec=0x00007fff58875620, bytecodeIndex=0) + 1650 at JITOperations.cpp:1365 frame #35: 0x00003d00e85c9244 frame #36: 0x00003d00e85bb133 frame #37: 0x00003d00e85ba4d7 frame #38: 0x00003d00e85b75db
Attachments
Patch
(4.67 KB, patch)
2016-04-20 12:32 PDT
,
Michael Saboff
saam
: review+
Details
Formatted Diff
Diff
View All
Add attachment
proposed patch, testcase, etc.
Michael Saboff
Comment 1
2016-04-19 15:40:19 PDT
<
rdar://problem/25394203
>
Michael Saboff
Comment 2
2016-04-20 12:32:03 PDT
Created
attachment 276844
[details]
Patch
Michael Saboff
Comment 3
2016-04-20 13:31:00 PDT
Committed
r199783
: <
http://trac.webkit.org/changeset/199783
>
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug