Meanwhile skipping: - fast/profiler/dead-time.html - fast/profiler/stop-profiling-after-setTimeout.html Original bug: https://bugs.webkit.org/show_bug.cgi?id=56077
Committed r80843: <http://trac.webkit.org/changeset/80843>
http://trac.webkit.org/changeset/80843 might have broken GTK Linux 32-bit Release
Could you please attach a crash log?
I think this is the stack of those crashes or a related crasher: warning: Can't read pathname for load map: Input/output error. Core was generated by `/home/slave/webkitgtk/gtk-linux-64-debug/build/WebKitBuild/Debug/Programs/DumpR'. Program terminated with signal 11, Segmentation fault. #0 0x00002b03e749da47 in JSC::Profiler::stopProfiling (this=0x7c84f10, exec=0x2b043c8439f0, title=...) at ../../Source/JavaScriptCore/profiler/Profiler.cpp:84 84 ExecState* globalExec = exec ? exec->lexicalGlobalObject()->globalExec() : 0; Thread 1 (Thread 6012): #0 0x00002b03e749da47 in JSC::Profiler::stopProfiling (this=0x7c84f10, exec=0x2b043c8439f0, title=...) at ../../Source/JavaScriptCore/profiler/Profiler.cpp:84 #1 0x00002b03e74e18dd in JSC::JSGlobalObject::~JSGlobalObject (this=0x2b043c843950, __in_chrg=<value optimized out>) at ../../Source/JavaScriptCore/runtime/JSGlobalObject.cpp:102 #2 0x00002b03e66bb5f4 in WebCore::JSDOMGlobalObject::~JSDOMGlobalObject (this=0x2b043c843950, __in_chrg=<value optimized out>) at ../../Source/WebCore/bindings/js/JSDOMGlobalObject.h:44 #3 0x00002b03e66c6cb2 in WebCore::JSDOMWindowBase::~JSDOMWindowBase (this=0x2b043c843950, __in_chrg=<value optimized out>) at ../../Source/WebCore/bindings/js/JSDOMWindowBase.h:44 #4 0x00002b03e66c6cf4 in WebCore::JSDOMWindow::~JSDOMWindow (this=0x2b043c843950, __in_chrg=<value optimized out>) at ./DerivedSources/WebCore/JSDOMWindow.h:34 #5 0x00002b03e74ae44a in JSC::MarkedBlock::allocate (this=0x2b043c840000) at ../../Source/JavaScriptCore/runtime/JSCell.h:404 #6 0x00002b03e74adb3c in JSC::MarkedSpace::allocateFromSizeClass (this=0x179d148, sizeClass=...) at ../../Source/JavaScriptCore/runtime/MarkedSpace.cpp:77 #7 0x00002b03e6696d5a in JSC::MarkedSpace::allocate (this=0x179d148, bytes=792) at ../../Source/JavaScriptCore/runtime/JSCell.h:424 #8 0x00002b03e6696ef5 in JSC::Heap::allocate (this=0x179d140, bytes=792) at ../../Source/JavaScriptCore/runtime/JSCell.h:436 #9 0x00002b03e74e653f in JSC::JSGlobalObject::operator new (size=792, globalData=0x179b8f0) at ../../Source/JavaScriptCore/runtime/JSGlobalObject.cpp:443 #10 0x00002b03e66c7281 in WebCore::JSDOMWindowShell::setWindow (this=0x2b043c414150, domWindow=...) at ../../Source/WebCore/bindings/js/JSDOMWindowShell.cpp:67 #11 0x00002b03e6702991 in WebCore::ScriptController::clearWindowShell (this=0x17798e8, goingIntoPageCache=false) at ../../Source/WebCore/bindings/js/ScriptController.cpp:192 #12 0x00002b03e6bac30e in WebCore::FrameLoader::clear (this=0x17794a0, clearWindowProperties=true, clearScriptObjects=true, clearFrameView=true) at ../../Source/WebCore/loader/FrameLoader.cpp:575 #13 0x00002b03e6ba6997 in WebCore::DocumentWriter::begin (this=0x7f17bb0, url=..., dispatch=false, origin=0x0) at ../../Source/WebCore/loader/DocumentWriter.cpp:125 #14 0x00002b03e6bac4c9 in WebCore::FrameLoader::receivedFirstData (this=0x17794a0) at ../../Source/WebCore/loader/FrameLoader.cpp:604 #15 0x00002b03e6bae227 in WebCore::FrameLoader::willSetEncoding (this=0x17794a0) at ../../Source/WebCore/loader/FrameLoader.cpp:1093 #16 0x00002b03e6ba7300 in WebCore::DocumentWriter::setEncoding (this=0x7f17bb0, name=..., userChosen=false) at ../../Source/WebCore/loader/DocumentWriter.cpp:237 #17 0x00002b03e6b9c35a in WebCore::DocumentLoader::commitData (this=0x7f17ab0, bytes=0x7f8ce40 "<html>\n<head>\n<script src=\"resources/profiler-test-JS-resources.js\"></script>\n<script>\nif (window.layoutTestController) {\n layoutTestController.dumpAsText();\n layoutTestController.setJavaScriptP"..., length=797) at ../../Source/WebCore/loader/DocumentLoader.cpp:315 #18 0x00002b03e6584086 in WebKit::FrameLoaderClient::committedLoad (this=0x17775b0, loader=0x7f17ab0, data=0x7f8ce40 "<html>\n<head>\n<script src=\"resources/profiler-test-JS-resources.js\"></script>\n<script>\nif (window.layoutTestController) {\n layoutTestController.dumpAsText();\n layoutTestController.setJavaScriptP"..., length=797) at ../../Source/WebKit/gtk/WebCoreSupport/FrameLoaderClientGtk.cpp:319 #19 0x00002b03e6b9c2a5 in WebCore::DocumentLoader::commitLoad (this=0x7f17ab0, data=0x7f8ce40 "<html>\n<head>\n<script src=\"resources/profiler-test-JS-resources.js\"></script>\n<script>\nif (window.layoutTestController) {\n layoutTestController.dumpAsText();\n layoutTestController.setJavaScriptP"..., length=797) at ../../Source/WebCore/loader/DocumentLoader.cpp:303 #20 0x00002b03e6b9c490 in WebCore::DocumentLoader::receivedData (this=0x7f17ab0, data=0x7f8ce40 "<html>\n<head>\n<script src=\"resources/profiler-test-JS-resources.js\"></script>\n<script>\nif (window.layoutTestController) {\n layoutTestController.dumpAsText();\n layoutTestController.setJavaScriptP"..., length=797) at ../../Source/WebCore/loader/DocumentLoader.cpp:329 #21 0x00002b03e6be2f5d in WebCore::MainResourceLoader::addData (this=0x7f5f930, data=0x7f8ce40 "<html>\n<head>\n<script src=\"resources/profiler-test-JS-resources.js\"></script>\n<script>\nif (window.layoutTestController) {\n layoutTestController.dumpAsText();\n layoutTestController.setJavaScriptP"..., length=797, allAtOnce=false) at ../../Source/WebCore/loader/MainResourceLoader.cpp:161 #22 0x00002b03e6befb8f in WebCore::ResourceLoader::didReceiveData (this=0x7f5f930, data=0x7f8ce40 "<html>\n<head>\n<script src=\"resources/profiler-test-JS-resources.js\"></script>\n<script>\nif (window.layoutTestController) {\n layoutTestController.dumpAsText();\n layoutTestController.setJavaScriptP"..., length=797, lengthReceived=797, allAtOnce=false) at ../../Source/WebCore/loader/ResourceLoader.cpp:279 #23 0x00002b03e6be415c in WebCore::MainResourceLoader::didReceiveData (this=0x7f5f930, data=0x7f8ce40 "<html>\n<head>\n<script src=\"resources/profiler-test-JS-resources.js\"></script>\n<script>\nif (window.layoutTestController) {\n layoutTestController.dumpAsText();\n layoutTestController.setJavaScriptP"..., length=797, lengthReceived=797, allAtOnce=false) at ../../Source/WebCore/loader/MainResourceLoader.cpp:446 #24 0x00002b03e6bf04aa in WebCore::ResourceLoader::didReceiveData (this=0x7f5f930, data=0x7f8ce40 "<html>\n<head>\n<script src=\"resources/profiler-test-JS-resources.js\"></script>\n<script>\nif (window.layoutTestController) {\n layoutTestController.dumpAsText();\n layoutTestController.setJavaScriptP"..., length=797, lengthReceived=797) at ../../Source/WebCore/loader/ResourceLoader.cpp:430 #25 0x00002b03e654a4d5 in WebCore::readCallback (source=0x2b03f85290c0, asyncResult=0x253f520, data=0x0) at ../../Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:792 #26 0x00002b03ea5a3f65 in async_ready_callback_wrapper (source_object=0x2b03f85290c0, res=0x253f520, user_data=0x0) at /tmp/buildd/glib2.0-2.27.91/./gio/ginputstream.c:470 #27 0x00002b03ea5b5628 in complete_in_idle_cb_for_thread (_data=<value optimized out>) at /tmp/buildd/glib2.0-2.27.91/./gio/gsimpleasyncresult.c:812 #28 0x00002b03eb11c362 in g_main_dispatch (context=0x16f9780) at /tmp/buildd/glib2.0-2.27.91/./glib/gmain.c:2440 #29 g_main_context_dispatch (context=0x16f9780) at /tmp/buildd/glib2.0-2.27.91/./glib/gmain.c:3013 #30 0x00002b03eb120a28 in g_main_context_iterate (context=0x16f9780, block=<value optimized out>, dispatch=<value optimized out>, self=<value optimized out>) at /tmp/buildd/glib2.0-2.27.91/./glib/gmain.c:3091 #31 0x00002b03eb120f35 in g_main_loop_run (loop=0x81503a0) at /tmp/buildd/glib2.0-2.27.91/./glib/gmain.c:3299 #32 0x00002b03e908f657 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0 #33 0x000000000041f2cd in runTest (testPathOrURL=...) at ../../Tools/DumpRenderTree/gtk/DumpRenderTree.cpp:679 #34 0x000000000041e95f in runTestingServerLoop () at ../../Tools/DumpRenderTree/gtk/DumpRenderTree.cpp:489 #35 0x0000000000420a44 in main (argc=2, argv=0x7fffeea3b458) at ../../Tools/DumpRenderTree/gtk/DumpRenderTree.cpp:1143
fast/profiler/window-dot-eval.html also affected by this. Skipped in http://trac.webkit.org/changeset/81346
fast/reflections/abs-position-in-reflection.html also crashing on 64-bits Debug. Skipped in http://trac.webkit.org/changeset/81353 #0 0x00002b5c749930ff in JSC::Profiler::stopProfiling (this=0x2b5cd552dee0, exec=0x2b5cc8f201d8, title=...) at ../../Source/JavaScriptCore/profiler/Profiler.cpp:84 84 ExecState* globalExec = exec ? exec->lexicalGlobalObject()->globalExec() : 0; Thread 1 (Thread 12979): #0 0x00002b5c749930ff in JSC::Profiler::stopProfiling (this=0x2b5cd552dee0, exec=0x2b5cc8f201d8, title=...) at ../../Source/JavaScriptCore/profiler/Profiler.cpp:84 #1 0x00002b5c749d6af2 in JSC::JSGlobalObject::~JSGlobalObject (this=0x2b5cc8f20150, __in_chrg=<value optimized out>) at ../../Source/JavaScriptCore/runtime/JSGlobalObject.cpp:102 #2 0x00002b5c73b97b80 in WebCore::JSDOMGlobalObject::~JSDOMGlobalObject (this=0x2b5cc8f20150, __in_chrg=<value optimized out>) at ../../Source/WebCore/bindings/js/JSDOMGlobalObject.h:44 #3 0x00002b5c73ba326e in WebCore::JSDOMWindowBase::~JSDOMWindowBase (this=0x2b5cc8f20150, __in_chrg=<value optimized out>) at ../../Source/WebCore/bindings/js/JSDOMWindowBase.h:44 #4 0x00002b5c73ba32b0 in WebCore::JSDOMWindow::~JSDOMWindow (this=0x2b5cc8f20150, __in_chrg=<value optimized out>) at ./DerivedSources/WebCore/JSDOMWindow.h:34 #5 0x00002b5c749a2bb5 in JSC::MarkedBlock::sweep (this=0x2b5cc8f20000) at ../../Source/JavaScriptCore/runtime/MarkedBlock.cpp:85 #6 0x00002b5c749a344d in JSC::MarkedSpace::sweep (this=0x2b5c8400e918) at ../../Source/JavaScriptCore/runtime/MarkedSpace.cpp:121 #7 0x00002b5c749a663d in JSC::Heap::reset (this=0x2b5c8400e910, sweepToggle=JSC::Heap::DoSweep) at ../../Source/JavaScriptCore/runtime/Heap.cpp:382 #8 0x00002b5c749a6589 in JSC::Heap::collectAllGarbage (this=0x2b5c8400e910) at ../../Source/JavaScriptCore/runtime/Heap.cpp:362 #9 0x00002b5c73b6ee51 in WebCore::collect () at ../../Source/WebCore/bindings/js/GCController.cpp:46 #10 0x00002b5c73b6efa4 in WebCore::GCController::gcTimerFired (this=0x26754e0) at ../../Source/WebCore/bindings/js/GCController.cpp:69 #11 0x00002b5c73b6f1be in WebCore::Timer<WebCore::GCController>::fired (this=0x26754e0) at ../../Source/WebCore/platform/Timer.h:100 #12 0x00002b5c7423bbfc in WebCore::ThreadTimers::sharedTimerFiredInternal (this=0x1fe6920) at ../../Source/WebCore/platform/ThreadTimers.cpp:112 #13 0x00002b5c7423bb33 in WebCore::ThreadTimers::sharedTimerFired () at ../../Source/WebCore/platform/ThreadTimers.cpp:90 #14 0x00002b5c73a0eb3a in WebCore::timeout_cb () at ../../Source/WebCore/platform/gtk/SharedTimerGtk.cpp:49 #15 0x00002b5c78626dbb in g_timeout_dispatch (source=0x2b5cd4e566d0, callback=0x2b5cc8f09998, user_data=0xffff000000000002) at /tmp/buildd/glib2.0-2.27.91/./glib/gmain.c:3877 #16 0x00002b5c78626362 in g_main_dispatch (context=0x1f3e780) at /tmp/buildd/glib2.0-2.27.91/./glib/gmain.c:2440 #17 g_main_context_dispatch (context=0x1f3e780) at /tmp/buildd/glib2.0-2.27.91/./glib/gmain.c:3013 #18 0x00002b5c7862aa28 in g_main_context_iterate (context=0x1f3e780, block=<value optimized out>, dispatch=<value optimized out>, self=<value optimized out>) at /tmp/buildd/glib2.0-2.27.91/./glib/gmain.c:3091 #19 0x00002b5c7862abdc in g_main_context_iteration (context=0x1f3e780, may_block=1) at /tmp/buildd/glib2.0-2.27.91/./glib/gmain.c:3154 #20 0x00002b5c76599501 in gtk_main_iteration () from /usr/lib/libgtk-x11-2.0.so.0 #21 0x000000000041ef65 in dump () at ../../Tools/DumpRenderTree/gtk/DumpRenderTree.cpp:538 #22 0x000000000041fa20 in webViewLoadFinished (view=0x1faa030, frame=0x1fb7b60) at ../../Tools/DumpRenderTree/gtk/DumpRenderTree.cpp:762 #23 0x00002b5c77d9333e in g_closure_invoke (closure=0x2039190, return_value=0x0, n_param_values=2, param_values=0x2b5cd572b6a0, invocation_hint=0x7fffa77d4b60) at /tmp/buildd/glib2.0-2.27.91/./gobject/gclosure.c:767 #24 0x00002b5c77dac3b9 in signal_emit_unlocked_R (node=0x1f9d9d0, detail=<value optimized out>, instance=<value optimized out>, emission_return=<value optimized out>, instance_and_params=<value optimized out>) at /tmp/buildd/glib2.0-2.27.91/./gobject/gsignal.c:3252 #25 0x00002b5c77dadb36 in g_signal_emit_valist (instance=0x1faa030, signal_id=<value optimized out>, detail=0, var_args=0x7fffa77d4d80) at /tmp/buildd/glib2.0-2.27.91/./gobject/gsignal.c:2983 #26 0x00002b5c77dade32 in g_signal_emit_by_name (instance=0x1faa030, detailed_signal=<value optimized out>) at /tmp/buildd/glib2.0-2.27.91/./gobject/gsignal.c:3077 #27 0x00002b5c73a60dae in WebKit::FrameLoaderClient::postProgressFinishedNotification (this=0x1fad2c0) at ../../Source/WebKit/gtk/WebCoreSupport/FrameLoaderClientGtk.cpp:442 #28 0x00002b5c740ca342 in WebCore::ProgressTracker::finalProgressComplete (this=0x1fb6200) at ../../Source/WebCore/loader/ProgressTracker.cpp:155 #29 0x00002b5c740ca1ef in WebCore::ProgressTracker::progressCompleted (this=0x1fb6200, frame=0x1fbdc00) at ../../Source/WebCore/loader/ProgressTracker.cpp:134 #30 0x00002b5c74094f37 in WebCore::FrameLoader::checkLoadCompleteForThisFrame (this=0x1fbdca0) at ../../Source/WebCore/loader/FrameLoader.cpp:2433 #31 0x00002b5c740955d2 in WebCore::FrameLoader::recursiveCheckLoadComplete (this=0x1fbdca0) at ../../Source/WebCore/loader/FrameLoader.cpp:2541 #32 0x00002b5c74095689 in WebCore::FrameLoader::checkLoadComplete (this=0x1fbdca0) at ../../Source/WebCore/loader/FrameLoader.cpp:2554 #33 0x00002b5c740943e8 in WebCore::FrameLoader::finishedLoading (this=0x1fbdca0) at ../../Source/WebCore/loader/FrameLoader.cpp:2197 #34 0x00002b5c740c576e in WebCore::MainResourceLoader::didFinishLoading (this=0x2b5cd57d2490, finishTime=0) at ../../Source/WebCore/loader/MainResourceLoader.cpp:467 #35 0x00002b5c740d1951 in WebCore::ResourceLoader::didFinishLoading (this=0x2b5cd57d2490, finishTime=0) at ../../Source/WebCore/loader/ResourceLoader.cpp:436 #36 0x00002b5c73a266bc in WebCore::readCallback (source=0x2b5c8749e180, asyncResult=0x2b5c874529e0, data=0x0) at ../../Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:781 #37 0x00002b5c77aadf65 in async_ready_callback_wrapper (source_object=0x2b5c8749e180, res=0x2b5c874529e0, user_data=0x0) at /tmp/buildd/glib2.0-2.27.91/./gio/ginputstream.c:470 #38 0x00002b5c77abf628 in complete_in_idle_cb_for_thread (_data=<value optimized out>) at /tmp/buildd/glib2.0-2.27.91/./gio/gsimpleasyncresult.c:812 #39 0x00002b5c78626362 in g_main_dispatch (context=0x1f3e780) at /tmp/buildd/glib2.0-2.27.91/./glib/gmain.c:2440 #40 g_main_context_dispatch (context=0x1f3e780) at /tmp/buildd/glib2.0-2.27.91/./glib/gmain.c:3013 #41 0x00002b5c7862aa28 in g_main_context_iterate (context=0x1f3e780, block=<value optimized out>, dispatch=<value optimized out>, self=<value optimized out>) at /tmp/buildd/glib2.0-2.27.91/./glib/gmain.c:3091 #42 0x00002b5c7862af35 in g_main_loop_run (loop=0x2b5cd0ef34c0) at /tmp/buildd/glib2.0-2.27.91/./glib/gmain.c:3299 #43 0x00002b5c76599657 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0 #44 0x000000000041f6d9 in runTest (testPathOrURL=...) at ../../Tools/DumpRenderTree/gtk/DumpRenderTree.cpp:679 #45 0x000000000041ed6b in runTestingServerLoop () at ../../Tools/DumpRenderTree/gtk/DumpRenderTree.cpp:489 #46 0x0000000000420e50 in main (argc=2, argv=0x7fffa77d5f48) at ../../Tools/DumpRenderTree/gtk/DumpRenderTree.cpp:1143
oliver: geoff: looks like a GC issue. G.
I think the bug here is that m_globalScopeChain has been recycled: 1. Recycle m_globalScopeChain. 2. Run ~JSGlobalObject::JSGlobalObject. 3. Profiler::stopProfiling calls exec->lexicalGlobalObject(), which relies on m_globalScopeChain.
Created attachment 86230 [details] Patch
Committed r81525: <http://trac.webkit.org/changeset/81525>
Sergio, Martin, Philippe, can you check whether this fixed the GTK bots, and possibly re-enable the relevant tests? Thanks.
I'll re-enable the relavant tests and report back here with the results.
Committed r81532: <http://trac.webkit.org/changeset/81532>