88966 – [Qt] REGRESSION(r120149): It made fast/workers/wrapper-map-gc.html crash

Bug 88966 - [Qt] REGRESSION(r120149): It made fast/workers/wrapper-map-gc.html crash

Summary: [Qt] REGRESSION(r120149): It made fast/workers/wrapper-map-gc.html crash

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	JavaScriptCore (show other bugs)
Version:	528+ (Nightly build)
Hardware:	All All

Importance:	P1 Critical
Assignee:	Nobody

URL:
Keywords:	Qt, QtTriaged

Duplicates (2):	116854 116855 (view as bug list)
Depends on:
Blocks:	79668 88840
	Show dependency tree / graph

Reported:	2012-06-12 23:13 PDT by Csaba Osztrogonác
Modified:	2013-05-28 05:52 PDT (History)
CC List:	6 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Csaba Osztrogonác 2012-06-12 23:13:54 PDT

It crashes on the Qt5-WK1 (32bit) bot since r120149. Here is the crash log from the bot:

crash log for DumpRenderTree (pid 5647):
STDOUT: <empty>
STDERR: 1   0xf6c5bfc8 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WTF::fastMalloc(unsigned int)+0x350) [0xf6c5bfc8]
STDERR: 2   0xf56e421a /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WTF::Vector<unsigned char, 0u>::reserveCapacity(unsigned int)+0x3a) [0xf56e421a]
STDERR: 3   0xf56e429f /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WTF::Vector<unsigned char, 0u>::expandCapacity(unsigned int)+0x41) [0xf56e429f]
STDERR: 4   0xf5770047 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(void WTF::Vector<unsigned char, 0u>::append<unsigned char>(unsigned char const*, unsigned int)+0x43) [0xf5770047]
STDERR: 5   0xf599afe4 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::CloneSerializer::write(JSC::UString const&)+0x124) [0xf599afe4]
STDERR: 6   0xf599b512 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::CloneSerializer::dumpIfTerminal(JSC::JSValue, WebCore::SerializationReturnCode&)+0x3d2) [0xf599b512]
STDERR: 7   0xf599d55d /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::CloneSerializer::serialize(JSC::JSValue)+0x178d) [0xf599d55d]
STDERR: 8   0xf599e264 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::SerializedScriptValue::create(JSC::ExecState*, JSC::JSValue, WTF::Vector<WTF::RefPtr<WebCore::MessagePort>, 1u>*, WTF::Vector<WTF::RefPtr<WTF::ArrayBuffer>, 1u>*, WebCore::SerializationErrorMode)+0x94) [0xf599e264]
STDERR: 9   0xf6236525 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(JSC::JSValue WebCore::handlePostMessage<WebCore::DedicatedWorkerContext>(JSC::ExecState*, WebCore::DedicatedWorkerContext*)+0xb5) [0xf6236525]
STDERR: 10  0xf6236988 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::JSDedicatedWorkerContext::postMessage(JSC::ExecState*)+0x32) [0xf6236988]
STDERR: 11  0xf677b486 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::jsDedicatedWorkerContextPrototypeFunctionPostMessage(JSC::ExecState*)+0x61) [0xf677b486]
STDERR: 12  0x686f6d0f [0x686f6d0f]
STDERR: 13  0xf6a98d23 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(JSC::JITCode::execute(JSC::RegisterFile*, JSC::ExecState*, JSC::JSGlobalData*)+0x49) [0xf6a98d23]
STDERR: 14  0xf6a92fcd /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&)+0x40f) [0xf6a92fcd]
STDERR: 15  0xf6b89f34 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&)+0x60) [0xf6b89f34]
STDERR: 16  0xf59469f5 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext*, WebCore::Event*)+0xca5) [0xf59469f5]
STDERR: 17  0xf5b46b62 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::EventTarget::fireEventListeners(WebCore::Event*, WebCore::EventTargetData*, WTF::Vector<WebCore::RegisteredEventListener, 1u>&)+0x132) [0xf5b46b62]
STDERR: 18  0xf5b46d31 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::EventTarget::fireEventListeners(WebCore::Event*)+0x57) [0xf5b46d31]
STDERR: 19  0xf5b470da /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::EventTarget::dispatchEvent(WTF::PassRefPtr<WebCore::Event>)+0x64) [0xf5b470da]
STDERR: 20  0xf6247cec /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::MessageWorkerContextTask::performTask(WebCore::ScriptExecutionContext*)+0x25c) [0xf6247cec]
STDERR: 21  0xf6248825 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::WorkerRunLoop::Task::performTask(WebCore::WorkerRunLoop const&, WebCore::ScriptExecutionContext*)+0x59) [0xf6248825]
STDERR: 22  0xf624902d /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::WorkerRunLoop::runInMode(WebCore::WorkerContext*, WebCore::ModePredicate const&, WebCore::WorkerRunLoop::WaitMode)+0xed) [0xf624902d]
STDERR: 23  0xf62496e0 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::WorkerRunLoop::run(WebCore::WorkerContext*)+0xc0) [0xf62496e0]
STDERR: 24  0xf6249f0b /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::WorkerThread::runEventLoop()+0x27) [0xf6249f0b]
STDERR: 25  0xf623f189 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::DedicatedWorkerThread::runEventLoop()+0x47) [0xf623f189]
STDERR: 26  0xf624a74e /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::WorkerThread::workerThread()+0x21e) [0xf624a74e]
STDERR: 27  0xf624aa7f /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(WebCore::WorkerThread::workerThreadStart(void*)+0x1d) [0xf624aa7f]
STDERR: 28  0xf6c69b4a /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(+0x1f23b4a) [0xf6c69b4a]
STDERR: 29  0xf6c7f9e6 /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/lib/libQtWebKit.so.5(+0x1f399e6) [0xf6c7f9e6]
STDERR: 30  0xf327e7b0 /lib/libpthread.so.0(+0x57b0) [0xf327e7b0]
STDERR: 31  0xf30c70be /lib/libc.so.6(clone+0x5e) [0xf30c70be]
STDERR: 1   0x806afda /home/webkitbuildbot/slaves/release32bit-qt5/buildslave/qt-linux-32-release-qt5/build/WebKitBuild/Release/bin/DumpRenderTree() [0x806afda]
STDERR: 2   0xf76eb400 [0xf76eb400]

Comment 1 Csaba Osztrogonác 2012-06-12 23:20:37 PDT

And the following tests became flakey: (Fail with "FAIL: Timed out 
waiting for notifyDone to be called" and pass after rerunning tests)

fast/workers/shared-worker-shared.html
fast/workers/worker-script-error.html
fast/workers/worker-terminate.html
fast/workers/shared-worker-name.html
fast/workers/worker-close-more.html
fast/workers/worker-multi-startup.html
fast/workers/shared-worker-script-error.html
fast/workers/worker-lifecycle.html

Comment 2 Csaba Osztrogonác 2012-06-12 23:49:15 PDT

It's hard to reproduces this bug if you don't run all tests,
because it is a GC bug ...

But I managed to reproduce it on 32 bit Qt5 if I ran fast/workers tests.
In this case fast/workers/worker-multi-startup.html crashes always.

Comment 3 Csaba Osztrogonác 2012-06-15 09:17:55 PDT

Any progression with fixing it? Or is this crash (serious GC bug!) absolutely acceptable?

Comment 4 Geoffrey Garen 2012-06-15 11:18:40 PDT

> Any progression with fixing it? Or is this crash (serious GC bug!) absolutely acceptable?

I don't have a Qt setup to debug this with. If there are Qt engineers who can debug GC issues, I can help. Otherwise, I'd suggest turning off parallel GC in the Qt port.

Comment 5 Csaba Osztrogonác 2012-06-16 01:06:33 PDT

(In reply to comment #4)
> > Any progression with fixing it? Or is this crash (serious GC bug!) absolutely acceptable?
> 
> I don't have a Qt setup to debug this with. If there are Qt engineers who can debug GC issues, I can help. Otherwise, I'd suggest turning off parallel GC in the Qt port.

Zoltán, as far as I know you have fixed GC related bugs previously. Could you pick it up, please?

Comment 6 Csaba Osztrogonác 2012-06-18 00:39:58 PDT

It seems it isn't Qt 5 and it isn't 32 bit specific bug,
I managed to reproduce it with Qt 4.8 and on 64 bit too.

But you can reproduce it simpler on 32 bit with any Qt version. If you run
fast/workers tests, fast/workers/worker-multi-startup.html always crashes.

Comment 7 Zoltan Herczeg 2012-06-18 06:15:12 PDT

It seems bash32 limits the number of threads to 512 for a given program. We should increse this.

Comment 8 Csaba Osztrogonác 2012-06-18 08:07:12 PDT

(In reply to comment #7)
> It seems bash32 limits the number of threads to 512 for a given program. We should increse this.

(In reply to comment #7)
> It seems bash32 limits the number of threads to 512 for a given program. We should increse this.

The problem isn't limited number of threads, but the 4G adress space. :-/
The default Stack size is 8M ( "ulimit -s == 8192" ) and 8M*512 = 4G,
so we can't run more than 512 threads except we decrease the stack size.

I'm going to check what happens if we decrease the stack size.

Comment 9 Csaba Osztrogonác 2012-06-19 00:02:00 PDT

It seems that decreasing stack size to 1M solves this problem. (and let WebKit to create max. 4096 threads) But I need a double check.

Comment 10 Csaba Osztrogonác 2012-06-19 01:26:55 PDT

(In reply to comment #9)
> It seems that decreasing stack size to 1M solves this problem. (and let WebKit to create max. 4096 threads) But I need a double check.

It solved the problem, we can close the bug.

Comment 11 Csaba Osztrogonác 2013-05-28 05:52:05 PDT

*** Bug 116855 has been marked as a duplicate of this bug. ***

Comment 12 Csaba Osztrogonác 2013-05-28 05:52:16 PDT

*** Bug 116854 has been marked as a duplicate of this bug. ***