[Webkit-unassigned] [Bug 254364] [ Monterey+ wk2 ] 2X http/tests/webgpu/webgpu/api/operation (layout-tests) are flaky crashes
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Mar 23 14:13:38 PDT 2023
https://bugs.webkit.org/show_bug.cgi?id=254364
--- Comment #2 from Robert Jenner <Jenner at apple.com> ---
I was able to reproduce the crash locally on Monterey Release ToT running the test as follows:
run-webkit-tests --no-build http/tests/webgpu/webgpu/api/operation/texture_view/read.html --iterations 10
Running the test generated the following crash log:
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 WebKit 0x4c5a278f5 unwrap + 0 (RawPtrTraits.h:44) [inlined]
1 WebKit 0x4c5a278f5 operator-> + 0 (Ref.h:115) [inlined]
2 WebKit 0x4c5a278f5 root + 0 (RemoteAdapterProxy.h:54) [inlined]
3 WebKit 0x4c5a278f5 root + 7 (RemoteDeviceProxy.h:52) [inlined]
4 WebKit 0x4c5a278f5 root + 11 (RemoteQueueProxy.h:50) [inlined]
5 WebKit 0x4c5a278f5 send<Messages::RemoteQueue::Destruct> + 15 (RemoteQueueProxy.h:68) [inlined]
6 WebKit 0x4c5a278f5 WebKit::WebGPU::RemoteQueueProxy::~RemoteQueueProxy() + 51 (RemoteQueueProxy.cpp:45)
7 WebKit 0x4c5a27a66 ~RemoteQueueProxy + 5 (RemoteQueueProxy.cpp:44) [inlined]
8 WebKit 0x4c5a27a66 WebKit::WebGPU::RemoteQueueProxy::~RemoteQueueProxy() + 14 (RemoteQueueProxy.cpp:44)
9 WebCore 0x4d27bb1c3 operator() + 3 (unique_ptr.h:57) [inlined]
10 WebCore 0x4d27bb1c3 deref + 20 (RefCounted.h:190) [inlined]
11 WebCore 0x4d27bb1c3 ~Ref + 44 (Ref.h:61) [inlined]
12 WebCore 0x4d27bb1c3 ~Ref + 44 (Ref.h:55) [inlined]
13 WebCore 0x4d27bb1c3 ~GPUQueue + 44 (GPUQueue.h:48) [inlined]
14 WebCore 0x4d27bb1c3 ~GPUQueue + 44 (GPUQueue.h:48) [inlined]
15 WebCore 0x4d27bb1c3 operator() + 44 (unique_ptr.h:57) [inlined]
16 WebCore 0x4d27bb1c3 deref + 44 (RefCounted.h:190) [inlined]
17 WebCore 0x4d27bb1c3 ~Ref + 44 (Ref.h:61) [inlined]
18 WebCore 0x4d27bb1c3 ~Ref + 44 (Ref.h:55) [inlined]
19 WebCore 0x4d27bb1c3 ~JSDOMWrapper + 44 (JSDOMWrapper.h:73) [inlined]
20 WebCore 0x4d27bb1c3 ~JSGPUQueue + 44 (JSGPUQueue.h:29) [inlined]
21 WebCore 0x4d27bb1c3 ~JSGPUQueue + 44 (JSGPUQueue.h:29) [inlined]
22 WebCore 0x4d27bb1c3 WebCore::JSGPUQueue::destroy(JSC::JSCell*) + 83 (JSGPUQueue.cpp:204)
23 JavaScriptCore 0x4ccaf6da6 JSC::PreciseAllocation::sweep() + 70 (PreciseAllocation.cpp:234)
24 JavaScriptCore 0x4ccaee41a JSC::MarkedSpace::sweepPreciseAllocations() + 106 (MarkedSpace.cpp:235)
25 JavaScriptCore 0x4ccabc544 sweepInFinalize + 12 (Heap.cpp:2212) [inlined]
26 JavaScriptCore 0x4ccabc544 JSC::Heap::finalize() + 100 (Heap.cpp:2152)
27 JavaScriptCore 0x4ccabbfcc JSC::Heap::handleNeedFinalize(unsigned int) + 60 (Heap.cpp:2089)
28 JavaScriptCore 0x4ccab87ee handleNeedFinalize + 14 (Heap.cpp:2100) [inlined]
29 JavaScriptCore 0x4ccab87ee JSC::Heap::finishChangingPhase(JSC::GCConductor) + 158 (Heap.cpp:1696)
30 JavaScriptCore 0x4ccaba5be changePhase + 46 (Heap.cpp:1670) [inlined]
31 JavaScriptCore 0x4ccaba5be JSC::Heap::runEndPhase(JSC::GCConductor) + 2510 (Heap.cpp:1660)
32 JavaScriptCore 0x4ccab863b JSC::Heap::runCurrentPhase(JSC::GCConductor, JSC::CurrentThreadState*) + 299 (Heap.cpp:1315)
33 JavaScriptCore 0x4ccad0afd operator() + 13 (Heap.cpp:1927) [inlined]
34 JavaScriptCore 0x4ccad0afd WTF::ScopedLambdaFunctor<void (JSC::CurrentThreadState&), JSC::Heap::collectInMutatorThread()::$_0>::implFunction(void*, JSC::CurrentThreadState&) + 29 (ScopedLambda.h:106)
35 JavaScriptCore 0x4ccaeb1a5 operator()<JSC::CurrentThreadState &> + 10 (ScopedLambda.h:58) [inlined]
36 JavaScriptCore 0x4ccaeb1a5 JSC::callWithCurrentThreadState(WTF::ScopedLambda<void (JSC::CurrentThreadState&)> const&) + 117 (MachineStackMarker.cpp:224)
37 JavaScriptCore 0x4ccabc07d JSC::Heap::collectInMutatorThread() + 93 (Heap.cpp:1939)
38 JavaScriptCore 0x4ccabbed4 stopIfNecessarySlow + 40 (Heap.cpp:1908) [inlined]
39 JavaScriptCore 0x4ccabbed4 JSC::Heap::stopIfNecessarySlow() + 68 (Heap.cpp:1880)
40 JavaScriptCore 0x4ccab487e stopIfNecessary + 19 (HeapInlines.h:258) [inlined]
41 JavaScriptCore 0x4ccab487e JSC::Heap::collectIfNecessaryOrDefer(JSC::GCDeferralContext*) + 126 (Heap.cpp:2684)
42 JavaScriptCore 0x4ccae6cb2 JSC::LocalAllocator::allocateSlowCase(JSC::Heap&, JSC::GCDeferralContext*, JSC::AllocationFailureMode) + 114 (LocalAllocator.cpp:125)
43 WebCore 0x4d32a2ca6 operator() + 23 (LocalAllocatorInlines.h:41) [inlined]
44 WebCore 0x4d32a2ca6 */JavaScriptCore.framework/PrivateHeaders/LocalAllocatorInlines.h:39:9)> + 23 (FreeListInlines.h:46) [inlined]
45 WebCore 0x4d32a2ca6 allocate + 23 (LocalAllocatorInlines.h:38) [inlined]
46 WebCore 0x4d32a2ca6 allocate + 23 (AllocatorInlines.h:35) [inlined]
47 WebCore 0x4d32a2ca6 allocate + 59 (IsoSubspaceInlines.h:36) [inlined]
48 WebCore 0x4d32a2ca6 tryAllocateCellHelper<WebCore::JSLocalDOMWindow, JSC::AllocationFailureMode::Assert> + 59 (JSCellInlines.h:175) [inlined]
49 WebCore 0x4d32a2ca6 void* JSC::allocateCell<WebCore::JSLocalDOMWindow>(JSC::VM&, unsigned long) + 150 (JSCellInlines.h:191)
50 WebCore 0x4d3281095 create + 13 (JSLocalDOMWindow.h:40) [inlined]
51 WebCore 0x4d3281095 WebCore::JSWindowProxy::setWindow(WebCore::DOMWindow&) + 613 (JSWindowProxy.cpp:112)
52 WebCore 0x4d32a210b WebCore::WindowProxy::setDOMWindow(WebCore::DOMWindow*) + 459 (WindowProxy.cpp:173)
53 WebCore 0x4d3b0e4af WebCore::FrameLoader::clear(WTF::RefPtr<WebCore::Document, WTF::RawPtrTraits<WebCore::Document>, WTF::DefaultRefDerefTraits<WebCore::Document> >&&, bool, bool, bool, WTF::Function<void ()>&&) + 495 (FrameLoader.cpp:707)
54 WebCore 0x4d3aebb23 WebCore::DocumentWriter::begin(WTF::URL const&, bool, WebCore::Document*, WebCore::ProcessQualified<WTF::UUID>, WebCore::NavigationAction const*) + 499 (DocumentWriter.cpp:171)
55 WebCore 0x4d3ae6664 WebCore::DocumentLoader::commitData(WebCore::SharedBuffer const&) + 308 (DocumentLoader.cpp:1248)
56 WebKit 0x4c5aec952 WebKit::WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader*, WebCore::SharedBuffer const&) + 58 (WebFrameLoaderClient.cpp:1247)
57 WebCore 0x4d3aeb866 WebCore::DocumentLoader::commitLoad(WebCore::SharedBuffer const&) + 182 (DocumentLoader.cpp:1212)
58 WebCore 0x4d3d35b58 operator() + 13 (Function.h:82) [inlined]
59 WebCore 0x4d3d35b58 WebCore::FragmentedSharedBuffer::forEachSegmentAsSharedBuffer(WTF::Function<void (WTF::Ref<WebCore::SharedBuffer, WTF::RawPtrTraits<WebCore::SharedBuffer> >&&)> const&) const + 152 (SharedBuffer.cpp:284)
60 WebCore 0x4d3ba5cc8 WebCore::CachedRawResource::didAddClient(WebCore::CachedResourceClient&)::$_0::operator()(WebCore::ResourceRequest&&)::'lambda'()::operator()() const + 152 (CachedRawResource.cpp:178)
61 WebCore 0x4d3afd70b operator() + 9 (Function.h:82) [inlined]
62 WebCore 0x4d3afd70b operator() + 17 (CompletionHandler.h:75) [inlined]
63 WebCore 0x4d3afd70b operator() + 71 (DocumentLoader.cpp:1029) [inlined]
64 WebCore 0x4d3afd70b WTF::Detail::CallableWrapper<WebCore::DocumentLoader::responseReceived(WebCore::ResourceResponse const&, WTF::CompletionHandler<void ()>&&)::$_9, void, WebCore::PolicyAction, WebCore::ProcessQualified<WTF::ObjectIdentifier<WebCore::LocalPolicyCheckIdentifierType> > >::call(WebCore::PolicyAction, WebCore::ProcessQualified<WTF::ObjectIdentifier<WebCore::LocalPolicyCheckIdentifierType> >) + 75 (Function.h:53)
65 WebKit 0x4c5b1dd69 operator() + 9 (Function.h:82) [inlined]
66 WebKit 0x4c5b1dd69 WebKit::WebFrame::didReceivePolicyDecision(unsigned long long, WebKit::PolicyDecision&&) + 227 (WebFrame.cpp:440)
67 WebKit 0x4c5bada42 WebKit::WebPage::didReceivePolicyDecision(WebCore::ProcessQualified<WTF::ObjectIdentifier<WebCore::FrameIdentifierType> >, unsigned long long, WebKit::PolicyDecision&&) + 268 (WebPage.cpp:3809)
68 WebKit 0x4c5bc5cad operator()<WebCore::ProcessQualified<WTF::ObjectIdentifier<WebCore::FrameIdentifierType> >, unsigned long long, WebKit::PolicyDecision> + 23 (HandleMessage.h:136) [inlined]
69 WebKit 0x4c5bc5cad */HandleMessage.h:135:9), WebCore::ProcessQualified<WTF::ObjectIdentifier<WebCore::FrameIdentifierType> >, unsigned long long, WebKit::PolicyDecision> + 23 (type_traits:3924) [inlined]
70 WebKit 0x4c5bc5cad */HandleMessage.h:135:9), std::__1::tuple<WebCore::ProcessQualified<WTF::ObjectIdentifier<WebCore::FrameIdentifierType> >, unsigned long long, WebKit::PolicyDecision>, 0UL, 1UL, 2UL> + 30 (tuple:1536) [inlined]
71 WebKit 0x4c5bc5cad */HandleMessage.h:135:9), std::__1::tuple<WebCore::ProcessQualified<WTF::ObjectIdentifier<WebCore::FrameIdentifierType> >, unsigned long long, WebKit::PolicyDecision> > + 30 (tuple:1545) [inlined]
72 WebKit 0x4c5bc5cad callMemberFunction<WebKit::WebPage, WebKit::WebPage, void (WebCore::ProcessQualified<WTF::ObjectIdentifier<WebCore::FrameIdentifierType> >, unsigned long long, WebKit::PolicyDecision &&), std::__1::tuple<WebCore::ProcessQualified<WTF::ObjectIdentifier<WebCore::FrameIdentifierType> >, unsigned long long, WebKit::PolicyDecision> > + 30 (HandleMessage.h:134) [inlined]
73 WebKit 0x4c5bc5cad handleMessage<Messages::WebPage::DidReceivePolicyDecision, WebKit::WebPage, WebKit::WebPage, void (WebCore::ProcessQualified<WTF::ObjectIdentifier<WebCore::FrameIdentifierType> >, unsigned long long, WebKit::PolicyDecision &&)> + 55 (HandleMessage.h:236) [inlined]
74 WebKit 0x4c5bc5cad WebKit::WebPage::didReceiveWebPageMessage(IPC::Connection&, IPC::Decoder&) + 333 (WebPageMessageReceiver.cpp:579)
75 WebKit 0x4c5c9a918 IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&) + 250 (MessageReceiverMap.cpp:129)
76 WebKit 0x4c596bb2c WebKit::WebProcess::didReceiveMessage(IPC::Connection&, IPC::Decoder&) + 28 (WebProcess.cpp:931)
77 WebKit 0x4c5c9654a IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) + 240 (Connection.cpp:1245)
78 WebKit 0x4c5c966db IPC::Connection::dispatchOneIncomingMessage() + 169 (Connection.cpp:1310)
79 JavaScriptCore 0x4cbf65bff operator() + 9 (Function.h:82) [inlined]
80 JavaScriptCore 0x4cbf65bff WTF::RunLoop::performWork() + 415 (RunLoop.cpp:147)
81 JavaScriptCore 0x4cbf66632 WTF::RunLoop::performWork(void*) + 34 (RunLoopCF.cpp:46)
82 CoreFoundation 0x7ff80568917b __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
83 CoreFoundation 0x7ff8056890e3 __CFRunLoopDoSource0 + 180
84 CoreFoundation 0x7ff805688e5d __CFRunLoopDoSources0 + 242
85 CoreFoundation 0x7ff805687878 __CFRunLoopRun + 892
86 CoreFoundation 0x7ff805686e3c CFRunLoopRunSpecific + 562
87 Foundation 0x7ff8064e4d4a -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 216
88 Foundation 0x7ff80656f797 -[NSRunLoop(NSRunLoop) run] + 76
89 libxpc.dylib 0x7ff80530a786 _xpc_objc_main + 773
90 libxpc.dylib 0x7ff80530a1a9 xpc_main + 99
91 WebKit 0x4c54f5e9c WebKit::XPCServiceMain(int, char const**) + 60 (XPCServiceMain.mm:260)
92 dyld 0x102efb52e start + 462
Full crash log attached to bug.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20230323/5cf1134f/attachment-0001.htm>
More information about the webkit-unassigned
mailing list