Bug 160665

Summary: Regression(r204239): Caused flaky crashes under ~Database()
Product: WebKit Reporter: Chris Dumez <cdumez>
Component: WebCore Misc.Assignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, ap, beidson, darin, gyuyoung.kim, ryanhaddad, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 159965    
Attachments:
Description Flags
Patch none

Chris Dumez
Reported 2016-08-08 11:36:28 PDT
Regression(r204239): Caused flaky crashes under ~Database(): Thread 40 Crashed:: WebCore: Database 0 com.apple.JavaScriptCore 0x000000010ab9d887 WTFCrash + 39 1 com.apple.WebCore 0x000000010fc7bbf5 WebCore::Node::ref() + 69 2 com.apple.WebCore 0x000000011037ff05 WebCore::Document::refScriptExecutionContext() + 21 3 com.apple.WebCore 0x000000011037fffc non-virtual thunk to WebCore::Document::refScriptExecutionContext() + 28 4 com.apple.WebCore 0x000000011028ea79 WebCore::ScriptExecutionContext::ref() + 25 5 com.apple.WebCore 0x000000011028ea51 void WTF::refIfNotNull<WebCore::ScriptExecutionContext>(WebCore::ScriptExecutionContext*) + 49 6 com.apple.WebCore 0x0000000110292316 WTF::RefPtr<WebCore::ScriptExecutionContext>::RefPtr(WTF::RefPtr<WebCore::ScriptExecutionContext> const&) + 38 7 com.apple.WebCore 0x0000000110288e7d WTF::RefPtr<WebCore::ScriptExecutionContext>::RefPtr(WTF::RefPtr<WebCore::ScriptExecutionContext> const&) + 29 8 com.apple.WebCore 0x0000000110281f04 WebCore::Database::~Database() + 148 9 com.apple.WebCore 0x00000001102820b5 WebCore::Database::~Database() + 21 10 com.apple.WebCore 0x00000001102820d9 WebCore::Database::~Database() + 25 11 com.apple.WebCore 0x00000001102927a3 WTF::ThreadSafeRefCounted<WebCore::Database>::deref() + 83 12 com.apple.WebCore 0x000000011029ecaa void WTF::derefIfNotNull<WebCore::Database>(WebCore::Database*) + 58 13 com.apple.WebCore 0x000000011029ec63 WTF::RefPtr<WebCore::Database>::~RefPtr() + 83 14 com.apple.WebCore 0x000000011029b9d5 WTF::RefPtr<WebCore::Database>::~RefPtr() + 21 15 com.apple.WebCore 0x00000001102a4484 WTF::HashTable<WTF::RefPtr<WebCore::Database>, WTF::RefPtr<WebCore::Database>, WTF::IdentityExtractor, WTF::PtrHash<WTF::RefPtr<WebCore::Database> >, WTF::HashTraits<WTF::RefPtr<WebCore::Database> >, WTF::HashTraits<WTF::RefPtr<WebCore::Database> > >::deallocateTable(WTF::RefPtr<WebCore::Database>*, unsigned int) + 84 16 com.apple.WebCore 0x00000001102a425e WTF::HashTable<WTF::RefPtr<WebCore::Database>, WTF::RefPtr<WebCore::Database>, WTF::IdentityExtractor, WTF::PtrHash<WTF::RefPtr<WebCore::Database> >, WTF::HashTraits<WTF::RefPtr<WebCore::Database> >, WTF::HashTraits<WTF::RefPtr<WebCore::Database> > >::~HashTable() + 62 17 com.apple.WebCore 0x00000001102a4215 WTF::HashTable<WTF::RefPtr<WebCore::Database>, WTF::RefPtr<WebCore::Database>, WTF::IdentityExtractor, WTF::PtrHash<WTF::RefPtr<WebCore::Database> >, WTF::HashTraits<WTF::RefPtr<WebCore::Database> >, WTF::HashTraits<WTF::RefPtr<WebCore::Database> > >::~HashTable() + 21 18 com.apple.WebCore 0x00000001102a41f5 WTF::HashSet<WTF::RefPtr<WebCore::Database>, WTF::PtrHash<WTF::RefPtr<WebCore::Database> >, WTF::HashTraits<WTF::RefPtr<WebCore::Database> > >::~HashSet() + 21 19 com.apple.WebCore 0x00000001102a3975 WTF::HashSet<WTF::RefPtr<WebCore::Database>, WTF::PtrHash<WTF::RefPtr<WebCore::Database> >, WTF::HashTraits<WTF::RefPtr<WebCore::Database> > >::~HashSet() + 21 20 com.apple.WebCore 0x00000001102a2d37 WebCore::DatabaseThread::databaseThread() + 1095 21 com.apple.WebCore 0x00000001102a287d WebCore::DatabaseThread::databaseThreadStart(void*) + 29 22 com.apple.JavaScriptCore 0x000000010ac10629 WTF::createThread(void (*)(void*), void*, char const*)::$_0::operator()() const + 25 23 com.apple.JavaScriptCore 0x000000010ac105fd void std::__1::__invoke_void_return_wrapper<void>::__call<WTF::createThread(void (*)(void*), void*, char const*)::$_0&>(WTF::createThread(void (*)(void*), void*, char const*)::$_0&&&) + 45 24 com.apple.JavaScriptCore 0x000000010ac1059c std::__1::__function::__func<WTF::createThread(void (*)(void*), void*, char const*)::$_0, std::__1::allocator<WTF::createThread(void (*)(void*), void*, char const*)::$_0>, void ()>::operator()() + 44 25 com.apple.JavaScriptCore 0x000000010a21dffa std::__1::function<void ()>::operator()() const + 26 26 com.apple.JavaScriptCore 0x000000010ac0f1fe WTF::threadEntryPoint(void*) + 158 27 com.apple.JavaScriptCore 0x000000010ac10ca1 WTF::wtfThreadEntryPoint(void*) + 289 28 libsystem_pthread.dylib 0x00007fff9660999d _pthread_body + 131 29 libsystem_pthread.dylib 0x00007fff9660991a _pthread_start + 168 30 libsystem_pthread.dylib 0x00007fff96607351 thread_start + 13
Attachments
Patch (2.43 KB, patch)
2016-08-08 11:49 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Chris Dumez
Comment 1 2016-08-08 11:36:49 PDT
<rdar://problem/27748065>
Chris Dumez
Comment 2 2016-08-08 11:49:48 PDT
Created attachment 285576 [details] Patch
Chris Dumez
Comment 3 2016-08-08 12:41:03 PDT
Comment on attachment 285576 [details] Patch Clearing flags on attachment: 285576 Committed r204262: <http://trac.webkit.org/changeset/204262>
Chris Dumez
Comment 4 2016-08-08 12:41:09 PDT
All reviewed patches have been landed. Closing bug.
Gyuyoung Kim
Comment 5 2016-08-08 17:52:36 PDT
(In reply to comment #3) > Comment on attachment 285576 [details] > Patch > > Clearing flags on attachment: 285576 > > Committed r204262: <http://trac.webkit.org/changeset/204262> Thanks for the fix, Chris !
Note You need to log in before you can comment on or make changes to this bug.