[Webkit-unassigned] [Bug 274749] New: The stack-overflow-in-syntax-checker.js JSC stress test is flaky.

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon May 27 03:04:43 PDT 2024


https://bugs.webkit.org/show_bug.cgi?id=274749

            Bug ID: 274749
           Summary: The stack-overflow-in-syntax-checker.js JSC stress
                    test is flaky.
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Keywords: InRadar
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mark.lam at apple.com

We observed that the stack-overflow-in-syntax-checker.js test is flaky.  After a lot of investigation, the issue turns out to be a test issue:

1. The test starts a worker thread using $262.agent.start.
2. The worker thread will always fail to parse its script: the script will cause the parser to recurse too deeply, thereby resulting in a StackOverflowError.
3. Since the StackOverflowError occurs during parsing, adding a try-catch block around the worker payload script (in 279015 at main) does not help.
4. If the worker thread throws the StackOverflowError and propagates it all the way out, resulting in an uncaught exception before the main thread terminates, this will result in the process exiting with EXIT_FAILURE.  The test fails.
5. On the other hand, if the main thread finishes first before the worker thread can exit with EXIT_FAILURE, then the test passes.

The test is flaky because its result is dependent on whether the main thread or the worker thread wins the race.

The purpose of this test is to ensure that the stack overflow in the parser does not result in a crash.  Hence, whether we get an uncaught exception or not is irrelevant and should not fail the test.

The fix is to add a new `--ignoreUncaughtExceptions` option to the jsc shell, and require that option for this test.

rdar://128786930

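Step 3 of the report, as an added example that is not part of the bug report or of WebKit's test: it runs under Node.js rather than the jsc shell, and `wrapInTryCatch`, `deepSource`, `recursiveSource` and `runPayload` are hypothetical names. It contrasts a stack overflow raised while the payload runs, which the payload's own try-catch handles, with one raised while the payload is being parsed, which only the code that compiles the script can see.

```javascript
'use strict';

// Wrap a payload body in try/catch, the way the report says the worker script was wrapped.
function wrapInTryCatch(body) {
  return 'try { globalThis.__ran = true; ' + body +
         ' } catch (e) { globalThis.__innerCaught = true; }';
}

// Constructed payload: array literals nested deeply enough to exhaust a recursive parser.
const deepSource = (depth) =>
  wrapInTryCatch('['.repeat(depth) + ']'.repeat(depth) + ';');

// Constructed payload: parses fine, overflows the stack only when executed.
const recursiveSource = () => wrapInTryCatch('(function f() { f(); })();');

// Compile and run a payload, recording where any failure surfaces.
function runPayload(source) {
  globalThis.__ran = false;
  globalThis.__innerCaught = false;
  const result = { compiled: false, ran: false, innerCaught: false, outerError: null };
  try {
    const fn = new Function(source); // parsing happens here, before any payload code runs
    result.compiled = true;
    fn();
  } catch (e) {
    // Only the caller sees a parse-time failure; the payload's catch never existed yet.
    result.outerError = e.name;
  }
  result.ran = globalThis.__ran;
  result.innerCaught = globalThis.__innerCaught;
  delete globalThis.__ran;
  delete globalThis.__innerCaught;
  return result;
}

// Run-time overflow: handled inside the payload, nothing escapes.
console.log('run-time overflow  ', runPayload(recursiveSource()));
// Parse-time overflow: the payload never starts, so the error escapes to the caller.
console.log('parse-time overflow', runPayload(deepSource(500000)));
```

In the worker-thread setting the report describes, there is no such outer caller in the test script, which is why the error ends up as an uncaught exception.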