226302 – REGRESSION (r278082?): ASSERTION FAILED: !isCompilationThread() in JSC::Profiler::Database::addCompilation()

Bug 226302 - REGRESSION (r278082?): ASSERTION FAILED: !isCompilationThread() in JSC::Profiler::Database::addCompilation()

Summary: REGRESSION (r278082?): ASSERTION FAILED: !isCompilationThread() in JSC::Profi...

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	JavaScriptCore (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Tadeu Zagallo

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2021-05-26 15:54 PDT by Ryan Haddad
Modified:	2021-05-26 17:36 PDT (History)
CC List:	4 users (show)

See Also:	226207

Attachments
Patch (1.67 KB, patch) 2021-05-26 16:40 PDT, Tadeu Zagallo	no flags	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ryan Haddad 2021-05-26 15:54:08 PDT

Seeing the following assert with many tests on the Catalina Debug JSC bot with many profiler-test.yaml/tests/sunspider-1.0 tests

ASSERTION FAILED: !isCompilationThread()
./profiler/ProfilerDatabase.cpp(92) : void JSC::Profiler::Database::addCompilation(JSC::CodeBlock *, Ref<JSC::Profiler::Compilation> &&)
1   0x10c89c269 WTFCrash
2   0x10d12b79b WTFCrashWithInfo(int, char const*, char const*, int)
3   0x10e17412a JSC::Profiler::Database::addCompilation(JSC::CodeBlock*, WTF::Ref<JSC::Profiler::Compilation, WTF::RawPtrTraits<JSC::Profiler::Compilation> >&&)
4   0x10de864b4 JSC::JIT::link()
5   0x10de84abb JSC::JIT::compileAndLinkWithoutFinalizing(JSC::JITCompilationEffort)
6   0x10de57e90 JSC::BaselineJITPlan::compileInThreadImpl()
7   0x10df18b3c JSC::JITPlan::compileInThread(JSC::JITWorklistThread*)
8   0x10df8a0f5 JSC::JITWorklist::enqueue(WTF::Ref<JSC::JITPlan, WTF::RawPtrTraits<JSC::JITPlan> >)
9   0x10dfc711e JSC::LLInt::jitCompileAndSetHeuristics(JSC::VM&, JSC::CodeBlock*, JSC::BytecodeIndex)
10  0x10dfc65bd JSC::LLInt::entryOSR(JSC::CodeBlock*, char const*, JSC::LLInt::EntryKind)
11  0x10dfc6772 llint_entry_osr_function_for_call
12  0x10ce99d7f llint_entry
13  0x10ceb8122 llint_entry
14  0x10ceb8122 llint_entry
15  0x10ceb81ca llint_entry
16  0x10ceb81ca llint_entry
17  0x10ce95ef0 vmEntryToJavaScript
18  0x10de3aadb JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*)
19  0x10de3a0cd JSC::Interpreter::executeProgram(JSC::SourceCode const&, JSC::JSGlobalObject*, JSC::JSObject*)
20  0x10e292597 JSC::evaluate(JSC::JSGlobalObject*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&)
21  0x10c723ca1 runWithOptions(GlobalObject*, CommandLine&, bool&)
22  0x10c6dad68 jscmain(int, char**)::$_8::operator()(JSC::VM&, GlobalObject*, bool&) const
23  0x10c6ae8d3 int runJSC<jscmain(int, char**)::$_8>(CommandLine const&, bool, jscmain(int, char**)::$_8 const&)
24  0x10c6abfee jscmain(int, char**)
25  0x10c6abd33 main
26  0x7fff6bda1cc9 start

https://build.webkit.org/#/builders/17/builds/592/steps/9/logs/stdio

Comment 1 Radar WebKit Bug Importer 2021-05-26 15:54:22 PDT

<rdar://problem/78537378>

Comment 2 Ryan Haddad 2021-05-26 15:55:34 PDT

Regression range: https://trac.webkit.org/log/webkit/?action=stop_on_copy&mode=stop_on_copy&rev=278092&stop_rev=278080&limit=100&verbose=on

Comment 3 Ryan Haddad 2021-05-26 15:56:23 PDT

https://trac.webkit.org/changeset/278082/webkit was the only JSC change in that range

Comment 4 Tadeu Zagallo 2021-05-26 16:40:38 PDT

Created attachment 429813 [details]
Patch

Comment 5 EWS 2021-05-26 17:36:12 PDT

Committed r278139 (238184@main): <https://commits.webkit.org/238184@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 429813 [details].