[WinCairo] ASSERTION FAILED: m_wrapper in WebCore::JSEventListener::ensureJSFunction for fast/workers/worker-gc.html WinCairo Debug WK1 and WK2 is reporting an assertion failure for the following tests. fast/workers/worker-init.html fast/workers/worker-gc.html stderr: ASSERTION FAILED: m_wrapper C:\home\webkit\gb\Source\WebCore\bindings\js\JSEventListener.h(157) : WebCore::JSEventListener::ensureJSFunction 1 00007FFD3C60248B WTFCrash 2 00007FFCD3BBCE7E WTFCrashWithInfo 3 00007FFCD6276227 WebCore::JSEventListener::ensureJSFunction 4 00007FFCD625EAAA WebCore::JSEventListener::handleEvent 5 00007FFCD6B0A201 WebCore::EventTarget::innerInvokeEventListeners 6 00007FFCD6B09AEB WebCore::EventTarget::fireEventListeners 7 00007FFCD6B0938C WebCore::EventTarget::dispatchEvent 8 00007FFCD8765B5F WebCore::Worker::dispatchEvent 9 00007FFCD8773ACF ``WebCore::WorkerMessagingProxy::postMessageToWorkerObject'::`2'::<lambda_1>::operator()<WebCore::ScriptExecutionContext>'::`2'::<lambda_1>::operator() 10 00007FFCD8773E3B WTF::Detail::CallableWrapper<``WebCore::WorkerMessagingProxy::postMessageToWorkerObject'::`2'::<lambda_1>::operator()<WebCore::ScriptExecutionContext>'::`2'::<lambda_1>,void>::call 11 00007FFCD3BC9E34 WTF::Function<void __cdecl(void)>::operator() 12 00007FFCD879366B `WebCore::ActiveDOMObject::queueTaskKeepingObjectAlive<WebCore::Worker>'::`2'::<lambda_1>::operator() 13 00007FFCD879519B WTF::Detail::CallableWrapper<`WebCore::ActiveDOMObject::queueTaskKeepingObjectAlive<WebCore::Worker>'::`2'::<lambda_1>,void>::call 14 00007FFCD3BC9E34 WTF::Function<void __cdecl(void)>::operator() 15 00007FFCD6B3559B WebCore::EventLoopFunctionDispatchTask::execute 16 00007FFCD6B121DE WebCore::EventLoop::run 17 00007FFCD6C7B4D8 WebCore::WindowEventLoop::didReachTimeToRun 18 00007FFCD6C91C4A std::invoke<void (__cdecl WebCore::WindowEventLoop::*&)(void),WebCore::WindowEventLoop * &> 19 00007FFCD6C8ACBE std::_Invoker_ret<std::_Unforced>::_Call<void (__cdecl WebCore::WindowEventLoop::*&)(void),WebCore::WindowEventLoop * &> 20 00007FFCD6C8AD21 std::_Call_binder<std::_Unforced,0,void (__cdecl WebCore::WindowEventLoop::*)(void),std::tuple<WebCore::WindowEventLoop *>,std::tuple<> > 21 00007FFCD6C8A95B std::_Binder<std::_Unforced,void (__cdecl WebCore::WindowEventLoop::*&)(void),WebCore::WindowEventLoop *>::operator()<> 22 00007FFCD6C9A7AB WTF::Detail::CallableWrapper<std::_Binder<std::_Unforced,void (__cdecl WebCore::WindowEventLoop::*&)(void),WebCore::WindowEventLoop *>,void>::call 23 00007FFCD3BC9E34 WTF::Function<void __cdecl(void)>::operator() 24 00007FFCD3BCAD3B WebCore::Timer::fired 25 00007FFCD7A0E2C8 WebCore::ThreadTimers::sharedTimerFiredInternal 26 00007FFCD7A0FC3F `WebCore::ThreadTimers::setSharedTimer'::`8'::<lambda_1>::operator() 27 00007FFCD7A1650B WTF::Detail::CallableWrapper<`WebCore::ThreadTimers::setSharedTimer'::`8'::<lambda_1>,void>::call 28 00007FFCD3BC9E34 WTF::Function<void __cdecl(void)>::operator() 29 00007FFCD79ABD87 WebCore::MainThreadSharedTimer::fired 30 00007FFCD411082A WebCore::TimerWindowWndProc 31 00007FFD7EEDE858 CallWindowProcW
Do we have a regression point?
This isn't a recent regression. The tests has been skipped for WinCairo since 2018 (200180@main).
Bug 194596 – [ Mac Debug ] ASSERTION FAILED: Layout Test performance-api/performance-observer-basic.html is a flaky crash It looks like a similar problem.
Both tests started flaky failures for WinCairo Release since 255605@main. https://results.webkit.org/?suite=layout-tests&suite=layout-tests&test=fast%2Fworkers%2Fworker-gc.html&test=fast%2Fworkers%2Fworker-init.html&platform=wincairo This can be a recent regression or just a race condition depending on the bot machine condition.
Created attachment 463454 [details] WIP patch I don't know why this patch fixes the bug. Compiler bug?
Created attachment 463489 [details] repro.cpp
Reported the bug to MSVC team. -std:c++20 switch generates a wrong program for code with a template and a generic lambda capture https://developercommunity.visualstudio.com/t/-std:c20-switch-generates-a-wrong-prog/10198407
Created attachment 463513 [details] Patch
Comment on attachment 463513 [details] Patch Thank you for the review.
Committed 256669@main (1c7ad9614acd): <https://commits.webkit.org/256669@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 463513 [details].
<rdar://problem/102333724>
Comment on attachment 463513 [details] Patch Something that occurred to me after the fact is that we usually leave comments behind so that someone doesn’t just change the code back without realizing there’s a special consideration because of the MSVC bug.
Reopening to attach new patch.
Created attachment 463525 [details] Patch
Committed 256684@main (d5130c84e256): <https://commits.webkit.org/256684@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 463525 [details].