244404 – REGRESSION (253234@main): [ macOS wk1 Debug ] js/dom/modules/missing-exception-check-for-import.html is a consistent crash

Bug 244404 - REGRESSION (253234@main): [ macOS wk1 Debug ] js/dom/modules/missing-exception-check-for-import.html is a consistent crash

Summary: REGRESSION (253234@main): [ macOS wk1 Debug ] js/dom/modules/missing-exceptio...

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	JavaScriptCore (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Yusuke Suzuki

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2022-08-26 12:25 PDT by Karl Rackler
Modified:	2022-09-09 19:44 PDT (History)
CC List:	4 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Karl Rackler 2022-08-26 12:25:26 PDT

Description:
js/dom/modules/missing-exception-check-for-import.html

The dashboard shows this consistent crash begin to fail at 253234@main

REPRODUCTION STEPS
I can reproduce this on 253235@main but cannot reproduce it on 253233@main or earlier.

Command: 
run-webkit-tests --debug -1 --exit-after-n-failures 1 --exit-after-n-crashes-or-timeouts 1 --iterations 50 -f --no-retry js/dom/modules/missing-exception-check-for-import.html

Result: 
Regressions: Unexpected crashes (1)
  js/dom/modules/missing-exception-check-for-import.html [ Crash ]

History:
https://results.webkit.org/?suite=layout-tests&test=js%2Fdom%2Fmodules%2Fmissing-exception-check-for-import.html&platform=mac&style=debug&flavor=wk1&limit=50000

Crash Log:
No crash log found for DumpRenderTree:41798.

stdout:

stderr:
2022-08-08 21:41:51.724 DumpRenderTree[41798:6574364] nil host used in call to allowsSpecificHTTPSCertificateForHost
2022-08-08 21:41:51.724 DumpRenderTree[41798:6574364] nil host used in call to allowsAnyHTTPSCertificateForHost:
2022-08-08 21:41:51.794 DumpRenderTree[41798:6574364] nil host used in call to allowsSpecificHTTPSCertificateForHost
2022-08-08 21:41:51.794 DumpRenderTree[41798:6574364] nil host used in call to allowsAnyHTTPSCertificateForHost:
ERROR: Unchecked JS exception:
    This scope can throw a JS exception: requestImportModule @ runtime/JSModuleLoader.cpp:227
        (ExceptionScope::m_recursionDepth was 8)
    But the exception was unchecked as of this scope: importModule @ bindings/js/ScriptModuleLoader.cpp:305
        (ExceptionScope::m_recursionDepth was 7)

Unchecked exception detected at:
    1   0x12055ddab JSC::VM::verifyExceptionCheckNeedIsSatisfied(unsigned int, JSC::ExceptionEventLocation&)
    2   0x120539d7a JSC::ThrowScope::~ThrowScope()
    3   0x120539f55 JSC::ThrowScope::~ThrowScope()
    4   0x12a614285 WebCore::ScriptModuleLoader::importModule(JSC::JSGlobalObject*, JSC::JSModuleLoader*, JSC::JSString*, JSC::JSValue, JSC::SourceOrigin const&)
    5   0x12a53a531 WebCore::JSDOMGlobalObject::moduleLoaderImportModule(JSC::JSGlobalObject*, JSC::JSModuleLoader*, JSC::JSString*, JSC::JSValue, JSC::SourceOrigin const&)
    6   0x12029f7b2 JSC::JSModuleLoader::importModule(JSC::JSGlobalObject*, JSC::JSString*, JSC::JSValue, JSC::SourceOrigin const&)
    7   0x12022acc2 JSC::globalFuncImportModule(JSC::JSGlobalObject*, JSC::CallFrame*)
    8   0x2e25e100c038
    9   0x11eba5ee9 llint_entry
    10  0x2e25e11fbd99
    11  0x11eba5ee9 llint_entry
    12  0x11eba5ee9 llint_entry
    13  0x11eb819d0 vmEntryToJavaScript
    14  0x11fbe8a92 JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*)
    15  0x11fbe81aa JSC::Interpreter::executeProgram(JSC::SourceCode const&, JSC::JSGlobalObject*, JSC::JSObject*)
    16  0x1200595a5 JSC::evaluate(JSC::JSGlobalObject*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&)
    17  0x1200596ec JSC::profiledEvaluate(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&)
    18  0x12a60b448 WebCore::JSExecState::profiledEvaluate(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&)
    19  0x12a60aebe WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&)
    20  0x12a60ac79 WebCore::ScriptController::evaluateInWorldIgnoringException(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&)
    21  0x12a60b6c5 WebCore::ScriptController::evaluateIgnoringException(WebCore::ScriptSourceCode const&)
    22  0x12af6a2c0 WebCore::ScriptElement::executeClassicScript(WebCore::ScriptSourceCode const&)
    23  0x12af68364 WebCore::ScriptElement::prepareScript(WTF::TextPosition const&, WebCore::ScriptElement::LegacyTypeSupport)
    24  0x12b55033e WebCore::HTMLScriptRunner::runScript(WebCore::ScriptElement&, WTF::TextPosition const&)
    25  0x12b550144 WebCore::HTMLScriptRunner::execute(WTF::Ref<WebCore::ScriptElement, WTF::RawPtrTraits<WebCore::ScriptElement> >&&, WTF::TextPosition const&)
    26  0x12b5341aa WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder()
    27  0x12b534681 WebCore::HTMLDocumentParser::pumpTokenizerLoop(WebCore::HTMLDocumentParser::SynchronousMode, bool, WebCore::PumpSession&)
    28  0x12b5339b8 WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode)
    29  0x12b533180 WebCore::HTMLDocumentParser::pumpTokenizerIfPossible(WebCore::HTMLDocumentParser::SynchronousMode)
    30  0x12b53520c WebCore::HTMLDocumentParser::append(WTF::RefPtr<WTF::StringImpl, WTF::RawPtrTraits<WTF::StringImpl>, WTF::DefaultRefDerefTraits<WTF::StringImpl> >&&, WebCore::HTMLDocumentParser::SynchronousMode)
    31  0x12b534fef WebCore::HTMLDocumentParser::append(WTF::RefPtr<WTF::StringImpl, WTF::RawPtrTraits<WTF::StringImpl>, WTF::DefaultRefDerefTraits<WTF::StringImpl> >&&)
    32  0x12ad20f73 WebCore::DecodedDataDocumentParser::appendBytes(WebCore::DocumentWriter&, unsigned char const*, unsigned long)
    33  0x12b9c394d WebCore::DocumentWriter::addData(WebCore::SharedBuffer const&)
    34  0x12b9bbd9f WebCore::DocumentLoader::commitData(WebCore::SharedBuffer const&)
    35  0x1072f1a57 -[WebFrame(WebInternal) _commitData:]
    36  0x107408b26 -[WebHTMLRepresentation receivedData:withDataSource:]
    37  0x1072d9dea -[WebDataSource(WebInternal) _receivedData:]
    38  0x1072cfb2c WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader*, WebCore::SharedBuffer const&)
    39  0x12b9c22ce WebCore::DocumentLoader::commitLoad(WebCore::SharedBuffer const&)
    40  0x12b9c3c43 WebCore::DocumentLoader::dataReceived(WebCore::SharedBuffer const&)
    41  0x12b9c39ed WebCore::DocumentLoader::dataReceived(WebCore::CachedResource&, WebCore::SharedBuffer const&)
    42  0x12bb78587 WebCore::CachedRawResource::notifyClientsDataWasReceived(WebCore::SharedBuffer const&)
    43  0x12bb78357 WebCore::CachedRawResource::updateBuffer(WebCore::FragmentedSharedBuffer const&)
    44  0x12baf2a44 WebCore::SubresourceLoader::didReceiveBuffer(WebCore::FragmentedSharedBuffer const&, long long, WebCore::DataPayloadType)
    45  0x12bacfcef WebCore::ResourceLoader::didReceiveData(WebCore::SharedBuffer const&, long long, WebCore::DataPayloadType)
    46  0x12bad0d61 WebCore::ResourceLoader::didReceiveData(WebCore::ResourceHandle*, WebCore::SharedBuffer const&, int)
    47  0x12d4290ee -[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveData:lengthReceived:]::$_5::operator()()
    48  0x12d428f79 WTF::Detail::CallableWrapper<-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveData:lengthReceived:]::$_5, void>::call()
    49  0x11e4d2a82 WTF::Function<void ()>::operator()() const
    50  0x11e56e4fe WTF::RunLoop::performWork()
    51  0x11e572f5e WTF::RunLoop::performWork(void*)
    52  0x7ff812859aeb __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__
    53  0x7ff812859a53 __CFRunLoopDoSource0
    54  0x7ff8128597cd __CFRunLoopDoSources0
    55  0x7ff8128581e8 __CFRunLoopRun
    56  0x7ff8128577ac CFRunLoopRunSpecific
    57  0x105e4ded8 runTest(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&)
    58  0x105e4d107 runTestingServerLoop()
    59  0x105e4c8d2 dumpRenderTree(int, char const**)
    60  0x105e4ea18 DumpRenderTreeMain(int, char const**)
    61  0x105f34452 main
    62  0x10c24951e

ASSERTION FAILED: !m_needExceptionCheck
runtime/VM.cpp(1350) : void JSC::VM::verifyExceptionCheckNeedIsSatisfied(unsigned int, JSC::ExceptionEventLocation &)
1   0x11e4a36c9 WTFCrash
2   0x1201828db WTFCrashWithInfo(int, char const*, char const*, int)
3   0x12055dec7 JSC::VM::verifyExceptionCheckNeedIsSatisfied(unsigned int, JSC::ExceptionEventLocation&)
4   0x120539d7a JSC::ThrowScope::~ThrowScope()
5   0x120539f55 JSC::ThrowScope::~ThrowScope()
6   0x12a614285 WebCore::ScriptModuleLoader::importModule(JSC::JSGlobalObject*, JSC::JSModuleLoader*, JSC::JSString*, JSC::JSValue, JSC::SourceOrigin const&)
7   0x12a53a531 WebCore::JSDOMGlobalObject::moduleLoaderImportModule(JSC::JSGlobalObject*, JSC::JSModuleLoader*, JSC::JSString*, JSC::JSValue, JSC::SourceOrigin const&)
8   0x12029f7b2 JSC::JSModuleLoader::importModule(JSC::JSGlobalObject*, JSC::JSString*, JSC::JSValue, JSC::SourceOrigin const&)
9   0x12022acc2 JSC::globalFuncImportModule(JSC::JSGlobalObject*, JSC::CallFrame*)
10  0x2e25e100c038
11  0x11eba5ee9 llint_entry
12  0x2e25e11fbd99
13  0x11eba5ee9 llint_entry
14  0x11eba5ee9 llint_entry
15  0x11eb819d0 vmEntryToJavaScript
16  0x11fbe8a92 JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*)
17  0x11fbe81aa JSC::Interpreter::executeProgram(JSC::SourceCode const&, JSC::JSGlobalObject*, JSC::JSObject*)
18  0x1200595a5 JSC::evaluate(JSC::JSGlobalObject*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&)
19  0x1200596ec JSC::profiledEvaluate(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&)
20  0x12a60b448 WebCore::JSExecState::profiledEvaluate(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&)
21  0x12a60aebe WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&)
22  0x12a60ac79 WebCore::ScriptController::evaluateInWorldIgnoringException(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&)
23  0x12a60b6c5 WebCore::ScriptController::evaluateIgnoringException(WebCore::ScriptSourceCode const&)
24  0x12af6a2c0 WebCore::ScriptElement::executeClassicScript(WebCore::ScriptSourceCode const&)
25  0x12af68364 WebCore::ScriptElement::prepareScript(WTF::TextPosition const&, WebCore::ScriptElement::LegacyTypeSupport)
26  0x12b55033e WebCore::HTMLScriptRunner::runScript(WebCore::ScriptElement&, WTF::TextPosition const&)
27  0x12b550144 WebCore::HTMLScriptRunner::execute(WTF::Ref<WebCore::ScriptElement, WTF::RawPtrTraits<WebCore::ScriptElement> >&&, WTF::TextPosition const&)
28  0x12b5341aa WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder()
29  0x12b534681 WebCore::HTMLDocumentParser::pumpTokenizerLoop(WebCore::HTMLDocumentParser::SynchronousMode, bool, WebCore::PumpSession&)
30  0x12b5339b8 WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode)
31  0x12b533180 WebCore::HTMLDocumentParser::pumpTokenizerIfPossible(WebCore::HTMLDocumentParser::SynchronousMode)

Comment 1 Radar WebKit Bug Importer 2022-08-26 12:25:57 PDT

<rdar://problem/99198236>

Comment 2 Karl Rackler 2022-08-26 12:30:59 PDT

I have marked this test as a consistent crash while this issue is investigated.

Comment 3 EWS 2022-08-26 12:36:19 PDT

Test gardening commit 253828@main (aa9d68f82f04): <https://commits.webkit.org/253828@main>

Reviewed commits have been landed. Closing PR #3716 and removing active labels.

Comment 4 Yusuke Suzuki 2022-09-09 17:58:46 PDT

Pull request: https://github.com/WebKit/WebKit/pull/3716

Comment 5 Yusuke Suzuki 2022-09-09 18:01:27 PDT

Ugh, original PR is overwritten :(

Comment 6 Yusuke Suzuki 2022-09-09 18:01:32 PDT

https://github.com/WebKit/WebKit/pull/4210

Comment 7 EWS 2022-09-09 19:44:08 PDT

Committed 254345@main (37b499af6366): <https://commits.webkit.org/254345@main>

Reviewed commits have been landed. Closing PR #4210 and removing active labels.