Issue 14330 in v8: mjsunit/harmony/atomics-waitasync-1thread-wake-up-all starts flaking
3 views
Skip to first unread message
mache… via monorail
Sep 20, 2023, 10:42:28 AM9/20/23
to v8-re...@googlegroups.com
Status: Assigned
Owner: clem...@chromium.org
Labels: Hotlist-Flake
Priority: 1
Type: Bug
New issue 14330 by mache...@chromium.org: mjsunit/harmony/atomics-waitasync-1thread-wake-up-all starts flaking
https://bugs.chromium.org/p/v8/issues/detail?id=14330
Failing test: mjsunit/harmony/atomics-waitasync-1thread-wake-up-all
Failure link: https://cr-buildbucket.appspot.com/build/8769474026570519969
Link to Flako run: https://ci.chromium.org/ui/p/v8/builders/try.triggered/v8_flako/b8769428500724574017/overview
Suspected commit: https://chromium.googlesource.com/v8/v8/+/8dddae12e2250acf0bca3b41f7e22e32c4f0d202
Crash type: DCHECK failure
Crash state:
array_buffer->GetBackingStore() == node->async_state_->backing_store.lock() in f
Error summary:
#
# Fatal error in ../../src/execution/futex-emulation.cc, line 1010
# Debug check failed: array_buffer->GetBackingStore() == node->async_state_->backing_store.lock() (0xe7040860 vs. 0x57664200).
#
#
#
#FailureMessage Object: 0xe73fe740
==== C stack trace ===============================
/b/s/w/ir/out/build/libv8_libbase.so(v8::base::debug::StackTrace::StackTrace()+0x1f) [0xf7f897af]
/b/s/w/ir/out/build/libv8_libplatform.so(+0x17044) [0xf7f34044]
/b/s/w/ir/out/build/libv8_libbase.so(V8_Fatal(char const*, int, char const*, ...)+0xc9) [0xf7f684b9]
/b/s/w/ir/out/build/libv8_libbase.so(+0x26f56) [0xf7f67f56]
/b/s/w/ir/out/build/libv8_libbase.so(V8_Dcheck(char const*, int, char const*)+0x23) [0xf7f684f3]
/b/s/w/ir/out/build/libv8.so(v8::internal::FutexEmulation::NumUnresolvedAsyncPromisesForTesting(v8::internal::Tagged<v8::internal::JSArrayBuffer>, unsigned int)+0x275) [0xf601c595]
/b/s/w/ir/out/build/libv8.so(+0x29ccedb) [0xf6bccedb]
/b/s/w/ir/out/build/libv8.so(v8::internal::Runtime_AtomicsNumUnresolvedAsyncPromisesForTesting(int, unsigned int*, v8::internal::Isolate*)+0x7d) [0xf6bcc77d]
/b/s/w/ir/out/build/libv8.so(+0x125aff7) [0xf545aff7]
Crash analysis hash: f6d085032436e417f1fe25b608704fa5
--
You received this message because:
1. The project was configured to send all issue notifications to this address
You may adjust your notification preferences at:
https://bugs.chromium.org/hosting/settings
Owner: clem...@chromium.org
Labels: Hotlist-Flake
Priority: 1
Type: Bug
New issue 14330 by mache...@chromium.org: mjsunit/harmony/atomics-waitasync-1thread-wake-up-all starts flaking
https://bugs.chromium.org/p/v8/issues/detail?id=14330
Failing test: mjsunit/harmony/atomics-waitasync-1thread-wake-up-all
Failure link: https://cr-buildbucket.appspot.com/build/8769474026570519969
Link to Flako run: https://ci.chromium.org/ui/p/v8/builders/try.triggered/v8_flako/b8769428500724574017/overview
Suspected commit: https://chromium.googlesource.com/v8/v8/+/8dddae12e2250acf0bca3b41f7e22e32c4f0d202
Crash type: DCHECK failure
Crash state:
array_buffer->GetBackingStore() == node->async_state_->backing_store.lock() in f
Error summary:
#
# Fatal error in ../../src/execution/futex-emulation.cc, line 1010
# Debug check failed: array_buffer->GetBackingStore() == node->async_state_->backing_store.lock() (0xe7040860 vs. 0x57664200).
#
#
#
#FailureMessage Object: 0xe73fe740
==== C stack trace ===============================
/b/s/w/ir/out/build/libv8_libbase.so(v8::base::debug::StackTrace::StackTrace()+0x1f) [0xf7f897af]
/b/s/w/ir/out/build/libv8_libplatform.so(+0x17044) [0xf7f34044]
/b/s/w/ir/out/build/libv8_libbase.so(V8_Fatal(char const*, int, char const*, ...)+0xc9) [0xf7f684b9]
/b/s/w/ir/out/build/libv8_libbase.so(+0x26f56) [0xf7f67f56]
/b/s/w/ir/out/build/libv8_libbase.so(V8_Dcheck(char const*, int, char const*)+0x23) [0xf7f684f3]
/b/s/w/ir/out/build/libv8.so(v8::internal::FutexEmulation::NumUnresolvedAsyncPromisesForTesting(v8::internal::Tagged<v8::internal::JSArrayBuffer>, unsigned int)+0x275) [0xf601c595]
/b/s/w/ir/out/build/libv8.so(+0x29ccedb) [0xf6bccedb]
/b/s/w/ir/out/build/libv8.so(v8::internal::Runtime_AtomicsNumUnresolvedAsyncPromisesForTesting(int, unsigned int*, v8::internal::Isolate*)+0x7d) [0xf6bcc77d]
/b/s/w/ir/out/build/libv8.so(+0x125aff7) [0xf545aff7]
Crash analysis hash: f6d085032436e417f1fe25b608704fa5
--
You received this message because:
1. The project was configured to send all issue notifications to this address
You may adjust your notification preferences at:
https://bugs.chromium.org/hosting/settings
cleme… via monorail
Sep 22, 2023, 9:33:41 AM9/22/23
to v8-re...@googlegroups.com
Updates:
Cc: dleh...@chromium.org
Status: Started
Comment #1 on issue 14330 by clem...@chromium.org: mjsunit/harmony/atomics-waitasync-1thread-wake-up-all starts flaking
https://bugs.chromium.org/p/v8/issues/detail?id=14330#c1
Thanks for filing - I refactored this recently.
I couldn't reproduce locally yet. Also tried lowering the memory limits, but still no success.
I think I'll upload a CL to get more output on that failure.
Cc: dleh...@chromium.org
Status: Started
Comment #1 on issue 14330 by clem...@chromium.org: mjsunit/harmony/atomics-waitasync-1thread-wake-up-all starts flaking
https://bugs.chromium.org/p/v8/issues/detail?id=14330#c1
Thanks for filing - I refactored this recently.
I couldn't reproduce locally yet. Also tried lowering the memory limits, but still no success.
I think I'll upload a CL to get more output on that failure.
mache… via monorail
Sep 25, 2023, 4:04:23 AM9/25/23
to v8-re...@googlegroups.com
Comment #2 on issue 14330 by mache...@chromium.org: mjsunit/harmony/atomics-waitasync-1thread-wake-up-all starts flaking
https://bugs.chromium.org/p/v8/issues/detail?id=14330#c2
Did you try using the local stress run? I.e. form output:
Local flake reproduction on command line:
tools/run-tests.py --outdir=SET_OUTDIR_HERE --variants=stress_incremental_marking --random-seed-stress-count=1000000 --total-timeout-sec=120 --exit-after-n-failures=1 --isolates mjsunit/harmony/atomics-waitasync-1thread-wake-up-all
cleme… via monorail
Sep 25, 2023, 5:38:04 AM9/25/23
to v8-re...@googlegroups.com
Comment #3 on issue 14330 by clem...@chromium.org: mjsunit/harmony/atomics-waitasync-1thread-wake-up-all starts flaking
https://bugs.chromium.org/p/v8/issues/detail?id=14330#c3
Yes, that's what I tried, but without success.
cleme… via monorail
Sep 25, 2023, 6:00:42 AM9/25/23
to v8-re...@googlegroups.com
Updates:
Cc: ma...@chromium.org
Comment #4 on issue 14330 by clem...@chromium.org: mjsunit/harmony/atomics-waitasync-1thread-wake-up-all starts flaking
https://bugs.chromium.org/p/v8/issues/detail?id=14330#c4
+Marja for context on https://crrev.com/c/4887389.
Note that the DCHECK is new, the old code just checked if the backing stores are identical and ignored the node otherwise: https://crrev.com/c/4852740/4/src/execution/futex-emulation.cc (line 1021 in the new code).
Cc: ma...@chromium.org
Comment #4 on issue 14330 by clem...@chromium.org: mjsunit/harmony/atomics-waitasync-1thread-wake-up-all starts flaking
https://bugs.chromium.org/p/v8/issues/detail?id=14330#c4
+Marja for context on https://crrev.com/c/4887389.
Note that the DCHECK is new, the old code just checked if the backing stores are identical and ignored the node otherwise: https://crrev.com/c/4852740/4/src/execution/futex-emulation.cc (line 1021 in the new code).
mache… via monorail
Sep 25, 2023, 6:34:52 AM9/25/23
to v8-re...@googlegroups.com
Comment #5 on issue 14330 by mache...@chromium.org: mjsunit/harmony/atomics-waitasync-1thread-wake-up-all starts flaking
https://bugs.chromium.org/p/v8/issues/detail?id=14330#c5
On my laptop I get a near instant repro with the build from the bot:
# (if needed, use "\${platform}" as-is) cipd install "infra/tools/luci/cas/\${platform}" -root bar
# (if needed) ./bar/cas login
./bar/cas download -cas-instance projects/chromium-swarm/instances/default_instance -digest b72aa316318a46e5b0fd80aa5cd9bd04d3744b75f821b25cf22511e186341f96/320 -dir foo
cd foo
tools/run-tests.py --outdir=out/build --variants=stress_incremental_marking --random-seed-stress-count=1000000 --total-timeout-sec=120 --exit-after-n-failures=1 --isolates mjsunit/harmony/atomics-waitasync-1thread-wake-up-all
cleme… via monorail
Sep 25, 2023, 6:56:13 AM9/25/23
to v8-re...@googlegroups.com
Comment #6 on issue 14330 by clem...@chromium.org: mjsunit/harmony/atomics-waitasync-1thread-wake-up-all starts flaking
https://bugs.chromium.org/p/v8/issues/detail?id=14330#c6
Ha, I missed that this needs the `--isolates` flag.
Now I can reproduce. Thanks a lot, the CL for more debug output doesn't need to land then :)
Git Watcher via monorail
Sep 28, 2023, 10:41:09 AM9/28/23
to v8-re...@googlegroups.com
Updates:
Status: Fixed
Comment #7 on issue 14330 by Git Watcher: mjsunit/harmony/atomics-waitasync-1thread-wake-up-all starts flaking
https://bugs.chromium.org/p/v8/issues/detail?id=14330#c7
The following revision refers to this bug:
https://chromium.googlesource.com/v8/v8/+/37afe4c48bef55359524e8dc2d8acce576f2b789
commit 37afe4c48bef55359524e8dc2d8acce576f2b789
Author: Clemens Backes <clem...@chromium.org>
Date: Mon Sep 25 12:12:55 2023
[futex] Fix DCHECK error
This fixes the order of checks to first check the wait location and only
then DCHECK that the backing stores must be equal. Otherwise we can
trivially get wrong DCHECK failures if more than one backing store is
involved.
R=ma...@chromium.org
CC=dleh...@chromium.org
Fixed: v8:14330
Change-Id: I5f07e5583b0e958e28ec171e5cb671fb1e395675
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4890261
Reviewed-by: Daniel Lehmann <dleh...@chromium.org>
Commit-Queue: Clemens Backes <clem...@chromium.org>
Reviewed-by: Marja Hölttä <ma...@chromium.org>
Cr-Commit-Position: refs/heads/main@{#90188}
[modify] https://crrev.com/37afe4c48bef55359524e8dc2d8acce576f2b789/src/execution/futex-emulation.cc
Status: Fixed
Comment #7 on issue 14330 by Git Watcher: mjsunit/harmony/atomics-waitasync-1thread-wake-up-all starts flaking
https://bugs.chromium.org/p/v8/issues/detail?id=14330#c7
The following revision refers to this bug:
https://chromium.googlesource.com/v8/v8/+/37afe4c48bef55359524e8dc2d8acce576f2b789
commit 37afe4c48bef55359524e8dc2d8acce576f2b789
Author: Clemens Backes <clem...@chromium.org>
Date: Mon Sep 25 12:12:55 2023
[futex] Fix DCHECK error
This fixes the order of checks to first check the wait location and only
then DCHECK that the backing stores must be equal. Otherwise we can
trivially get wrong DCHECK failures if more than one backing store is
involved.
R=ma...@chromium.org
CC=dleh...@chromium.org
Fixed: v8:14330
Change-Id: I5f07e5583b0e958e28ec171e5cb671fb1e395675
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4890261
Reviewed-by: Daniel Lehmann <dleh...@chromium.org>
Commit-Queue: Clemens Backes <clem...@chromium.org>
Reviewed-by: Marja Hölttä <ma...@chromium.org>
Cr-Commit-Position: refs/heads/main@{#90188}
[modify] https://crrev.com/37afe4c48bef55359524e8dc2d8acce576f2b789/src/execution/futex-emulation.cc
Reply all
Reply to author
Forward
0 new messages