Patch forthcoming.
Created attachment 288608 [details] the patch
Comment on attachment 288608 [details] the patch r=me
Comment on attachment 288608 [details] the patch Attachment 288608 [details] did not pass mac-ews (mac): Output: http://webkit-queues.webkit.org/results/2061351 New failing tests: animations/3d/change-transform-in-end-event.html
Created attachment 288621 [details] Archive of layout-test-results from ews101 for mac-yosemite The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews101 Port: mac-yosemite Platform: Mac OS X 10.10.5
Comment on attachment 288608 [details] the patch Attachment 288608 [details] did not pass mac-debug-ews (mac): Output: http://webkit-queues.webkit.org/results/2061347 New failing tests: animations/3d/change-transform-in-end-event.html
Created attachment 288622 [details] Archive of layout-test-results from ews117 for mac-yosemite The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews117 Port: mac-yosemite Platform: Mac OS X 10.10.5
One of these crashes does not look like it was caused by me: Thread 44 Crashed:: WebCore: Worker 0 com.apple.JavaScriptCore 0x000000010b8b612f JSC::UnlinkedInstructionStream::UnlinkedInstructionStream(WTF::Vector<JSC::UnlinkedInstruction, 0ul, WTF::UnsafeVectorOverflow, 16ul> const&) + 383 1 com.apple.JavaScriptCore 0x000000010b05c136 JSC::BytecodeGenerator::generate() + 1750 2 com.apple.JavaScriptCore 0x000000010b8b5257 JSC::ParserError JSC::BytecodeGenerator::generate<JSC::FunctionNode*, JSC::UnlinkedFunctionCodeBlock*&, JSC::DebuggerMode&, JSC::VariableEnvironment const*>(JSC::VM&, JSC::FunctionNode*&&, JSC::UnlinkedFunctionCodeBlock*&&&, JSC::DebuggerMode&&&, JSC::VariableEnvironment const*&&) + 119 3 com.apple.JavaScriptCore 0x000000010b8b4ea0 JSC::UnlinkedFunctionExecutable::unlinkedCodeBlockFor(JSC::VM&, JSC::SourceCode const&, JSC::CodeSpecializationKind, JSC::DebuggerMode, JSC::ParserError&, JSC::SourceParseMode) + 608 4 com.apple.JavaScriptCore 0x000000010b378d31 JSC::ScriptExecutable::newCodeBlockFor(JSC::CodeSpecializationKind, JSC::JSFunction*, JSC::JSScope*, JSC::JSObject*&) + 1409 5 com.apple.JavaScriptCore 0x000000010b379470 JSC::ScriptExecutable::prepareForExecutionImpl(JSC::ExecState*, JSC::JSFunction*, JSC::JSScope*, JSC::CodeSpecializationKind, JSC::CodeBlock*&) + 208 6 com.apple.JavaScriptCore 0x000000010b6e5500 JSC::LLInt::setUpCall(JSC::ExecState*, JSC::Instruction*, JSC::CodeSpecializationKind, JSC::JSValue, JSC::LLIntCallLinkInfo*) + 928 7 com.apple.JavaScriptCore 0x000000010b6ecb33 llint_entry + 25827 8 com.apple.JavaScriptCore 0x000000010b6ec80e llint_entry + 25022 9 com.apple.JavaScriptCore 0x000000010b6e646d vmEntryToJavaScript + 299 10 com.apple.JavaScriptCore 0x000000010b543f3e JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 190 11 com.apple.JavaScriptCore 0x000000010b48c7ec JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) + 17292 12 com.apple.JavaScriptCore 0x000000010b0ea342 JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) + 546 13 com.apple.WebCore 0x000000010dc1e4d9 WebCore::WorkerScriptController::evaluate(WebCore::ScriptSourceCode const&, WTF::NakedPtr<JSC::Exception>&) + 153 (NakedPtr.h:54) 14 com.apple.WebCore 0x000000010dc18f04 WebCore::WorkerGlobalScope::importScripts(WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul> const&, int&) + 692 (utility:765) 15 com.apple.WebCore 0x000000010ccfd7a2 WebCore::DedicatedWorkerGlobalScope::importScripts(WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul> const&, int&) + 18 (WorkerGlobalScope.h:92) 16 com.apple.WebCore 0x000000010d51d998 WebCore::JSWorkerGlobalScope::importScripts(JSC::ExecState&) + 280 (JSWorkerGlobalScopeCustom.cpp:79) 17 com.apple.WebCore 0x000000010d51a30a WebCore::jsWorkerGlobalScopePrototypeFunctionImportScripts(JSC::ExecState*) + 154 (JSWorkerGlobalScope.cpp:2175) 18 ??? 0x000057376c439ae8 0 + 95895551187688 19 com.apple.JavaScriptCore 0x000000010b6ec80e llint_entry + 25022 20 com.apple.JavaScriptCore 0x000000010b6e646d vmEntryToJavaScript + 299 21 com.apple.JavaScriptCore 0x000000010b543f3e JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 190 22 com.apple.JavaScriptCore 0x000000010b48c7ec JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::JSObject*) + 17292 23 com.apple.JavaScriptCore 0x000000010b0ea342 JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) + 546 24 com.apple.WebCore 0x000000010dc1e4d9 WebCore::WorkerScriptController::evaluate(WebCore::ScriptSourceCode const&, WTF::NakedPtr<JSC::Exception>&) + 153 (NakedPtr.h:54) 25 com.apple.WebCore 0x000000010dc1e3d6 WebCore::WorkerScriptController::evaluate(WebCore::ScriptSourceCode const&) + 38 (WorkerScriptController.cpp:114) 26 com.apple.WebCore 0x000000010dc1faf6 WebCore::WorkerThread::workerThread() + 534 (utility:765) 27 com.apple.JavaScriptCore 0x000000010b9c1492 WTF::threadEntryPoint(void*) + 178 28 com.apple.JavaScriptCore 0x000000010b9c18af WTF::wtfThreadEntryPoint(void*) + 15 29 libsystem_pthread.dylib 0x00007fff8a0a705a _pthread_body + 131 30 libsystem_pthread.dylib 0x00007fff8a0a6fd7 _pthread_start + 176 31 libsystem_pthread.dylib 0x00007fff8a0a43ed thread_start + 13
Actually, I caused all of those crashes. I found the reason.
Created attachment 288636 [details] the patch This version isn't borked.
I'm going to do some good benchmarking of this, since I had to rework WeakBlock::visit() and this may be a hot function.
Created attachment 288653 [details] the patch I just realized that isMarkedOrNewlyAllocatedDuringWeakVisiting() was subtly wrong.
Comment on attachment 288653 [details] the patch r=me
Landed in https://trac.webkit.org/changeset/205850