[Webkit-unassigned] [Bug 167577] New: Several web timing tests crash in GTK+ and AppleWin bots

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Jan 30 01:23:41 PST 2017 

https://bugs.webkit.org/show_bug.cgi?id=167577

            Bug ID: 167577
           Summary: Several web timing tests crash in GTK+ and AppleWin
                    bots
    Classification: Unclassified
           Product: WebKit
           Version: WebKit Local Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Keywords: LayoutTestFailure
          Severity: Normal
          Priority: P2
         Component: WebKit Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: cgarcia at igalia.com
                CC: bugs-noreply at webkitgtk.org, joepeck at webkit.org,
                    rniwa at webkit.org

Thread 1 (Thread 0x7ff3e7c27940 (LWP 19299)):
#0  0x00007ff3f7776b11 in WebCore::insertPerformanceEntry(WTF::HashMap<WTF::String, WTF::Vector<WTF::RefPtr<WebCore::PerformanceEntry>, 0ul, WTF::CrashOnOverflow, 16ul>, WTF::StringHash, WTF::HashTraits<WTF::String>, WTF::HashTraits<WTF::Vector<WTF::RefPtr<WebCore::PerformanceEntry>, 0ul, WTF::CrashOnOverflow, 16ul> > >&, WTF::Ref<WebCore::PerformanceEntry>&&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#1  0x00007ff3f7776dec in WebCore::UserTiming::mark(WTF::String const&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#2  0x00007ff3f7771634 in WebCore::Performance::mark(WTF::String const&) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#3  0x00007ff3f815c2fb in WebCore::jsPerformancePrototypeFunctionMark(JSC::ExecState*) () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#4  0x00007ff3a6ffe028 in ?? ()
#5  0x00007fffc0588b80 in ?? ()
#6  0x00007ff3f47345e0 in llint_entry () from /home/slave/webkitgtk/gtk-linux-64-release/build/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
Backtrace stopped: frame did not save the PC

I think this doesn't happen in other bots because of the compiler version. The problem is that entry is used in both the key, to get name, and in the value with WTFMove. So, the name is invalidated by the move. It could be fixed by simply copying the name, instead of using entry->name, but I think that code could be simplified using HashMap::ensure and then we don't need any string copy, nor even the static insertPerformanceEntry().

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20170130/4eb9e44c/attachment.html>

More information about the webkit-unassigned mailing list