RESOLVED FIXED 180438
ASSERTION FAILED: vm->currentThreadIsHoldingAPILock() in void JSC::sanitizeStackForVM(JSC::VM *) 
https://bugs.webkit.org/show_bug.cgi?id=180438
Summary ASSERTION FAILED: vm->currentThreadIsHoldingAPILock() in void JSC::sanitizeSt...
Ryan Haddad
Reported 2017-12-05 12:56:21 PST
The following assertion failure was seen with LayoutTest inspector/worker/debugger-pause.html https://build.webkit.org/results/Apple%20Sierra%20Debug%20WK2%20(Tests)/r225524%20(4304)/results.html ASSERTION FAILED: vm->currentThreadIsHoldingAPILock() ./runtime/VM.cpp(968) : void JSC::sanitizeStackForVM(JSC::VM *) 1 0x11850441d WTFCrash 2 0x1182a13dd JSC::sanitizeStackForVM(JSC::VM*) 3 0x117bf3d13 JSC::MarkedAllocator::allocate(JSC::GCDeferralContext*, JSC::AllocationFailureMode)::'lambda'()::operator()() const 4 0x117bf3c79 JSC::HeapCell* JSC::FreeList::allocate<JSC::MarkedAllocator::allocate(JSC::GCDeferralContext*, JSC::AllocationFailureMode)::'lambda'()>(JSC::MarkedAllocator::allocate(JSC::GCDeferralContext*, JSC::AllocationFailureMode)::'lambda'() const&) 5 0x117bf186a JSC::MarkedAllocator::allocate(JSC::GCDeferralContext*, JSC::AllocationFailureMode) 6 0x117bf1801 JSC::CompleteSubspace::allocateNonVirtual(unsigned long, JSC::GCDeferralContext*, JSC::AllocationFailureMode) 7 0x118200d7a void* JSC::tryAllocateCellHelper<JSC::PropertyTable>(JSC::Heap&, unsigned long, JSC::GCDeferralContext*, JSC::AllocationFailureMode) 8 0x1181eb293 void* JSC::allocateCell<JSC::PropertyTable>(JSC::Heap&, unsigned long) 9 0x1181eb226 JSC::PropertyTable::create(JSC::VM&, unsigned int) 10 0x118249884 JSC::Structure::materializePropertyTable(JSC::VM&, bool) 11 0x1170d9b92 JSC::Structure::ensurePropertyTableIfNotEmpty(JSC::VM&) 12 0x1170d9a94 JSC::Structure::get(JSC::VM&, JSC::PropertyName, unsigned int&, bool&) 13 0x1170fd3f5 JSC::Structure::get(JSC::VM&, JSC::PropertyName) 14 0x1174c1820 JSC::JSObject::getDirect(JSC::VM&, JSC::PropertyName) const 15 0x118072cbd JSC::InternalFunction::displayName(JSC::VM&) 16 0x118072d91 JSC::InternalFunction::calculatedDisplayName(JSC::VM&) 17 0x1180b752d JSC::getCalculatedDisplayName(JSC::VM&, JSC::JSObject*) 18 0x117d7b9a2 JSC::StackVisitor::Frame::functionName() const 19 0x117d28920 Inspector::CreateScriptCallStackFunctor::operator()(JSC::StackVisitor&) const 20 0x117d28863 void JSC::StackVisitor::visit<Inspector::CreateScriptCallStackFunctor>(JSC::ExecState*, JSC::VM*, Inspector::CreateScriptCallStackFunctor const&) 21 0x117d21471 void JSC::ExecState::iterate<Inspector::CreateScriptCallStackFunctor>(Inspector::CreateScriptCallStackFunctor const&) 22 0x117d21361 Inspector::createScriptCallStack(JSC::ExecState*, unsigned long) 23 0x10c6f712b WebCore::InspectorNetworkAgent::buildInitiatorObject(WebCore::Document*) 24 0x10c6f960e WebCore::InspectorNetworkAgent::didScheduleStyleRecalculation(WebCore::Document&) 25 0x10c626833 WebCore::InspectorInstrumentation::didScheduleStyleRecalculationImpl(WebCore::InstrumentingAgents&, WebCore::Document&) 26 0x10c0b4d4e WebCore::InspectorInstrumentation::didScheduleStyleRecalculation(WebCore::Document&) 27 0x10c0b4cb1 WebCore::Document::scheduleStyleRecalc() 28 0x10c0b4b3c WebCore::Document::scheduleForcedStyleRecalc() 29 0x10d3ea205 WebCore::Style::Scope::updateActiveStyleSheets(WebCore::Style::Scope::UpdateType) 30 0x10d3eb093 WebCore::Style::Scope::flushPendingSelfUpdate() 31 0x10be1f9e2 WebCore::Style::Scope::flushPendingUpdate() LEAK: 1 WebPageProxy
Attachments
patch (1.60 KB, patch)
2017-12-06 00:20 PST, Saam Barati 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2017-12-05 12:57:14 PST
<rdar://problem/35862342>
Ryan Haddad
Comment 2 2017-12-05 13:06:36 PST
Looking at crashlogs from the bots, this assertion failure has also been seen attributed to: http/tests/inspector/network/ping-type.html webaudio/audiobuffersource-multi-channels.html webaudio/test-basic.html webaudio/up-mixing-stereo-51.html webaudio/audiobuffersource-playbackrate.html webaudio/oscillator-triangle.html webaudio/up-mixing-mono-stereo.html
Mark Lam
Comment 3 2017-12-05 13:09:10 PST
Hi Ryan, any idea when this failure started manifesting? Is it correlated to some recently landed patch?
Ryan Haddad
Comment 4 2017-12-05 13:11:57 PST
(In reply to Mark Lam from comment #3) > Hi Ryan, any idea when this failure started manifesting? Is it correlated > to some recently landed patch? Still looking, it appears to have been happening since late October.
Saam Barati
Comment 5 2017-12-06 00:02:04 PST
Seems like we just need to grab the API lock here.
Saam Barati
Comment 6 2017-12-06 00:02:39 PST
(In reply to Ryan Haddad from comment #2) > Looking at crashlogs from the bots, this assertion failure has also been > seen attributed to: > http/tests/inspector/network/ping-type.html > webaudio/audiobuffersource-multi-channels.html > webaudio/test-basic.html > webaudio/up-mixing-stereo-51.html > webaudio/audiobuffersource-playbackrate.html > webaudio/oscillator-triangle.html > webaudio/up-mixing-mono-stereo.html Can you post crashlogs for these.
Saam Barati
Comment 7 2017-12-06 00:20:28 PST
Created attachment 328556 [details] patch
Yusuke Suzuki
Comment 8 2017-12-06 05:16:07 PST
Comment on attachment 328556 [details] patch r=me
Ryan Haddad
Comment 9 2017-12-06 10:47:24 PST
(In reply to Saam Barati from comment #6) > (In reply to Ryan Haddad from comment #2) > > Looking at crashlogs from the bots, this assertion failure has also been > > seen attributed to: > > http/tests/inspector/network/ping-type.html > > webaudio/audiobuffersource-multi-channels.html > > webaudio/test-basic.html > > webaudio/up-mixing-stereo-51.html > > webaudio/audiobuffersource-playbackrate.html > > webaudio/oscillator-triangle.html > > webaudio/up-mixing-mono-stereo.html > > Can you post crashlogs for these. https://build.webkit.org/results/Apple%20High%20Sierra%20Debug%20WK2%20(Tests)/r225482%20(1105)/http/tests/inspector/network/ping-type-crash-log.txt https://build.webkit.org/results/Apple%20El%20Capitan%20Debug%20WK2%20(Tests)/r225440%20(4421)/webaudio/audiobuffersource-crash-log.txt
Saam Barati
Comment 10 2017-12-06 10:54:09 PST
(In reply to Ryan Haddad from comment #9) > (In reply to Saam Barati from comment #6) > > (In reply to Ryan Haddad from comment #2) > > > Looking at crashlogs from the bots, this assertion failure has also been > > > seen attributed to: > > > http/tests/inspector/network/ping-type.html > > > webaudio/audiobuffersource-multi-channels.html > > > webaudio/test-basic.html > > > webaudio/up-mixing-stereo-51.html > > > webaudio/audiobuffersource-playbackrate.html > > > webaudio/oscillator-triangle.html > > > webaudio/up-mixing-mono-stereo.html > > > > Can you post crashlogs for these. > https://build.webkit.org/results/ > Apple%20High%20Sierra%20Debug%20WK2%20(Tests)/r225482%20(1105)/http/tests/ > inspector/network/ping-type-crash-log.txt > https://build.webkit.org/results/ > Apple%20El%20Capitan%20Debug%20WK2%20(Tests)/r225440%20(4421)/webaudio/ > audiobuffersource-crash-log.txt The second one here I'll fix in another bug.
WebKit Commit Bot
Comment 11 2017-12-06 10:58:03 PST
Comment on attachment 328556 [details] patch Clearing flags on attachment: 328556 Committed r225579: <https://trac.webkit.org/changeset/225579>
WebKit Commit Bot
Comment 12 2017-12-06 10:58:05 PST
All reviewed patches have been landed. Closing bug.
Saam Barati
Comment 13 2017-12-06 12:09:50 PST
(In reply to Saam Barati from comment #10) > (In reply to Ryan Haddad from comment #9) > > (In reply to Saam Barati from comment #6) > > > (In reply to Ryan Haddad from comment #2) > > > > Looking at crashlogs from the bots, this assertion failure has also been > > > > seen attributed to: > > > > http/tests/inspector/network/ping-type.html > > > > webaudio/audiobuffersource-multi-channels.html > > > > webaudio/test-basic.html > > > > webaudio/up-mixing-stereo-51.html > > > > webaudio/audiobuffersource-playbackrate.html > > > > webaudio/oscillator-triangle.html > > > > webaudio/up-mixing-mono-stereo.html > > > > > > Can you post crashlogs for these. > > https://build.webkit.org/results/ > > Apple%20High%20Sierra%20Debug%20WK2%20(Tests)/r225482%20(1105)/http/tests/ > > inspector/network/ping-type-crash-log.txt > > https://build.webkit.org/results/ > > Apple%20El%20Capitan%20Debug%20WK2%20(Tests)/r225440%20(4421)/webaudio/ > > audiobuffersource-crash-log.txt > > The second one here I'll fix in another bug. https://bugs.webkit.org/show_bug.cgi?id=180492
Note You need to log in before you can comment on or make changes to this bug.