Bug 165124

Summary:

ASSERTION FAILED: m_scriptExecutionContext->isContextThread() seen with LayoutTest crypto/subtle/rsa-oaep-generate-key-encrypt-decrypt.html

Product:

WebKit

Reporter:

Ryan Haddad <ryanhaddad>

Component:

New Bugs

Assignee:

Jiewen Tan <jiewen_tan>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

aestes, bfulgham, commit-queue, darin, dbates, jiewen_tan, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

Other

Hardware:

Unspecified

OS:

Unspecified

Bug Depends on:

Bug Blocks:

160880

Attachments:

Description	Flags
Crash log	none
Patch	dbates: review+
Patch for landing	none

Ryan Haddad

Reported 2016-11-28 16:50:20 PST

https://build.webkit.org/results/Apple%20El%20Capitan%20Debug%20WK2%20(Tests)/r209022%20(9615)/results.html https://webkit-test-results.webkit.org/dashboards/flakiness_dashboard.html#showAllRuns=true&tests=crypto%2Fsubtle%2Frsa-oaep-generate-key-encrypt-decrypt.html ASSERTION FAILED: m_scriptExecutionContext->isContextThread() /Volumes/Data/slave/elcapitan-debug/build/Source/WebCore/dom/ContextDestructionObserver.cpp(48) : void WebCore::ContextDestructionObserver::observeContext(WebCore::ScriptExecutionContext *) 1 0x10b0ef320 WTFCrash 2 0x10db7a968 WebCore::ContextDestructionObserver::observeContext(WebCore::ScriptExecutionContext*) 3 0x10db7aa5a WebCore::ContextDestructionObserver::~ContextDestructionObserver() 4 0x10d80cb75 WebCore::ActiveDOMCallback::~ActiveDOMCallback() 5 0x10ea68c69 WebCore::DeferredPromise::~DeferredPromise() 6 0x10ea68da5 WebCore::DeferredPromise::~DeferredPromise() 7 0x10ea68dc9 WebCore::DeferredPromise::~DeferredPromise() 8 0x10d8e6b83 WTF::RefCounted<WebCore::DeferredPromise>::deref() const 9 0x10d8e6b27 WTF::Ref<WebCore::DeferredPromise>::~Ref() 10 0x10d8e6ae5 WTF::Ref<WebCore::DeferredPromise>::~Ref() 11 0x10efc01d5 WebCore::jsSubtleCryptoFunctionEncryptPromise(JSC::ExecState&, WTF::Ref<WebCore::DeferredPromise>&&)::$_1::~$_1() 12 0x10efbeee5 WebCore::jsSubtleCryptoFunctionEncryptPromise(JSC::ExecState&, WTF::Ref<WebCore::DeferredPromise>&&)::$_1::~$_1() 13 0x10efbfdf5 WTF::Function<void (int)>::CallableWrapper<WebCore::jsSubtleCryptoFunctionEncryptPromise(JSC::ExecState&, WTF::Ref<WebCore::DeferredPromise>&&)::$_1>::~CallableWrapper() 14 0x10efbfd15 WTF::Function<void (int)>::CallableWrapper<WebCore::jsSubtleCryptoFunctionEncryptPromise(JSC::ExecState&, WTF::Ref<WebCore::DeferredPromise>&&)::$_1>::~CallableWrapper() 15 0x10efbfd39 WTF::Function<void (int)>::CallableWrapper<WebCore::jsSubtleCryptoFunctionEncryptPromise(JSC::ExecState&, WTF::Ref<WebCore::DeferredPromise>&&)::$_1>::~CallableWrapper() 16 0x10dbb7955 WTF::Function<void (int)>::~Function() 17 0x10dbb7855 WTF::Function<void (int)>::~Function() 18 0x10dbc6ba8 WebCore::CryptoAlgorithmRSA_OAEP::platformEncrypt(std::__1::unique_ptr<WebCore::CryptoAlgorithmParameters, std::__1::default_delete<WebCore::CryptoAlgorithmParameters> >&&, WTF::Ref<WebCore::CryptoKey>&&, WTF::Vector<unsigned char, 0ul, WTF::CrashOnOverflow, 16ul>&&, WTF::Function<void (WTF::Vector<unsigned char, 0ul, WTF::CrashOnOverflow, 16ul> const&)>&&, WTF::Function<void (int)>&&, WebCore::ScriptExecutionContext&, WTF::WorkQueue&)::$_0::~$_0() 19 0x10dbc60f5 WebCore::CryptoAlgorithmRSA_OAEP::platformEncrypt(std::__1::unique_ptr<WebCore::CryptoAlgorithmParameters, std::__1::default_delete<WebCore::CryptoAlgorithmParameters> >&&, WTF::Ref<WebCore::CryptoKey>&&, WTF::Vector<unsigned char, 0ul, WTF::CrashOnOverflow, 16ul>&&, WTF::Function<void (WTF::Vector<unsigned char, 0ul, WTF::CrashOnOverflow, 16ul> const&)>&&, WTF::Function<void (int)>&&, WebCore::ScriptExecutionContext&, WTF::WorkQueue&)::$_0::~$_0() 20 0x10dbc75b5 WTF::Function<void ()>::CallableWrapper<WebCore::CryptoAlgorithmRSA_OAEP::platformEncrypt(std::__1::unique_ptr<WebCore::CryptoAlgorithmParameters, std::__1::default_delete<WebCore::CryptoAlgorithmParameters> >&&, WTF::Ref<WebCore::CryptoKey>&&, WTF::Vector<unsigned char, 0ul, WTF::CrashOnOverflow, 16ul>&&, WTF::Function<void (WTF::Vector<unsigned char, 0ul, WTF::CrashOnOverflow, 16ul> const&)>&&, WTF::Function<void (int)>&&, WebCore::ScriptExecutionContext&, WTF::WorkQueue&)::$_0>::~CallableWrapper() 21 0x10dbc7315 WTF::Function<void ()>::CallableWrapper<WebCore::CryptoAlgorithmRSA_OAEP::platformEncrypt(std::__1::unique_ptr<WebCore::CryptoAlgorithmParameters, std::__1::default_delete<WebCore::CryptoAlgorithmParameters> >&&, WTF::Ref<WebCore::CryptoKey>&&, WTF::Vector<unsigned char, 0ul, WTF::CrashOnOverflow, 16ul>&&, WTF::Function<void (WTF::Vector<unsigned char, 0ul, WTF::CrashOnOverflow, 16ul> const&)>&&, WTF::Function<void (int)>&&, WebCore::ScriptExecutionContext&, WTF::WorkQueue&)::$_0>::~CallableWrapper() 22 0x10dbc7339 WTF::Function<void ()>::CallableWrapper<WebCore::CryptoAlgorithmRSA_OAEP::platformEncrypt(std::__1::unique_ptr<WebCore::CryptoAlgorithmParameters, std::__1::default_delete<WebCore::CryptoAlgorithmParameters> >&&, WTF::Ref<WebCore::CryptoKey>&&, WTF::Vector<unsigned char, 0ul, WTF::CrashOnOverflow, 16ul>&&, WTF::Function<void (WTF::Vector<unsigned char, 0ul, WTF::CrashOnOverflow, 16ul> const&)>&&, WTF::Function<void (int)>&&, WebCore::ScriptExecutionContext&, WTF::WorkQueue&)::$_0>::~CallableWrapper() 23 0x10b0905f5 WTF::Function<void ()>::~Function() 24 0x10b090535 WTF::Function<void ()>::~Function() 25 0x10b1723f5 WTF::WorkQueue::dispatch(WTF::Function<void ()>&&)::$_0::~$_0() 26 0x10b171fd5 WTF::WorkQueue::dispatch(WTF::Function<void ()>&&)::$_0::~$_0() 27 0x10b172503 WTF::BlockPtr<void ()> WTF::BlockPtr<void ()>::fromCallable<WTF::WorkQueue::dispatch(WTF::Function<void ()>&&)::$_0>(WTF::WorkQueue::dispatch(WTF::Function<void ()>&&)::$_0)::'lambda'(void const*)::operator()(void const*) const 28 0x10b1724d8 WTF::BlockPtr<void ()> WTF::BlockPtr<void ()>::fromCallable<WTF::WorkQueue::dispatch(WTF::Function<void ()>&&)::$_0>(WTF::WorkQueue::dispatch(WTF::Function<void ()>&&)::$_0)::'lambda'(void const*)::__invoke(void const*) 29 0x7fff95dce6b1 _Block_release 30 0x7fff81b3d40b _dispatch_client_callout 31 0x7fff81b4203b _dispatch_queue_drain LEAK: 23 WebProcessPool LEAK: 23 WebPageProxy

Attachments
Crash log (58.43 KB, text/plain) 2016-11-28 16:56 PST, Ryan Haddad	no flags	Details
Patch (9.50 KB, patch) 2016-11-28 19:05 PST, Jiewen Tan	dbates: review+	Details Formatted Diff Diff
Patch for landing (10.69 KB, patch) 2016-11-28 20:25 PST, Jiewen Tan	no flags	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Ryan Haddad

Comment 1 2016-11-28 16:50:49 PST

Test was added with http://trac.webkit.org/changeset/208918

Ryan Haddad

Comment 2 2016-11-28 16:55:38 PST

Also seen with crypto/subtle/rsaes-pkcs1-v1_5-generate-key-encrypt-decrypt.html: https://build.webkit.org/results/Apple%20Yosemite%20Debug%20WK2%20(Tests)/r209023%20(16398)/results.html

Ryan Haddad

Comment 3 2016-11-28 16:56:02 PST

Created attachment 295552 [details] Crash log

Jiewen Tan

Comment 4 2016-11-28 17:29:05 PST

Can't reproduce on my local machine. The stack trace seems wired as everything after frame 15 seems unreasonable.

Jiewen Tan

Comment 5 2016-11-28 17:32:24 PST

(In reply to comment #4) > Can't reproduce on my local machine. The stack trace seems wired as > everything after frame 15 seems unreasonable. Wait. Reproduced with --fully-parallel flag.

Jiewen Tan

Comment 6 2016-11-28 17:44:58 PST

I probably figured out the issue.

Jiewen Tan

Comment 7 2016-11-28 18:57:16 PST

<rdar://problem/29413805>

Jiewen Tan

Comment 8 2016-11-28 19:05:21 PST

Created attachment 295568 [details] Patch

Daniel Bates

Comment 9 2016-11-28 19:53:23 PST

Comment on attachment 295568 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=295568&action=review r=me > Source/WebCore/crypto/mac/CryptoAlgorithmAES_CBCMac.cpp:85 > + context.postTask([exceptionCallback = WTFMove(exceptionCallback), ec = result.releaseException().code(), callback = WTFMove(callback)](ScriptExecutionContext& context) { You may want to consider adding a comment above this line that explains that we capture callback even though the lambda does not explicitly call it because callback must be destroyed on the main thread. > Source/WebCore/crypto/mac/CryptoAlgorithmAES_CBCMac.cpp:91 > + context.postTask([callback = WTFMove(callback), result = result.releaseReturnValue(), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) { You may want to add a similar comment above this line or add one such comment above the first postTask() call. > Source/WebCore/crypto/mac/CryptoAlgorithmAES_CBCMac.cpp:107 > + context.postTask([exceptionCallback = WTFMove(exceptionCallback), ec = result.releaseException().code(), callback = WTFMove(callback)](ScriptExecutionContext& context) { Ditto. > Source/WebCore/crypto/mac/CryptoAlgorithmAES_CBCMac.cpp:113 > + context.postTask([callback = WTFMove(callback), result = result.releaseReturnValue(), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) { Ditto. > Source/WebCore/crypto/mac/CryptoAlgorithmRSAES_PKCS1_v1_5Mac.cpp:70 > + context.postTask([exceptionCallback = WTFMove(exceptionCallback), ec = result.releaseException().code(), callback = WTFMove(callback)](ScriptExecutionContext& context) { Ditto. > Source/WebCore/crypto/mac/CryptoAlgorithmRSAES_PKCS1_v1_5Mac.cpp:76 > + context.postTask([callback = WTFMove(callback), result = result.releaseReturnValue(), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) { Ditto. > Source/WebCore/crypto/mac/CryptoAlgorithmRSAES_PKCS1_v1_5Mac.cpp:90 > + context.postTask([exceptionCallback = WTFMove(exceptionCallback), ec = result.releaseException().code(), callback = WTFMove(callback)](ScriptExecutionContext& context) { Ditto. > Source/WebCore/crypto/mac/CryptoAlgorithmRSAES_PKCS1_v1_5Mac.cpp:96 > + context.postTask([callback = WTFMove(callback), result = result.releaseReturnValue(), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) { Ditto. > Source/WebCore/crypto/mac/CryptoAlgorithmRSA_OAEPMac.cpp:81 > + context.postTask([exceptionCallback = WTFMove(exceptionCallback), ec = result.releaseException().code(), callback = WTFMove(callback)](ScriptExecutionContext& context) { Ditto. > Source/WebCore/crypto/mac/CryptoAlgorithmRSA_OAEPMac.cpp:87 > + context.postTask([callback = WTFMove(callback), result = result.releaseReturnValue(), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) { Ditto. > Source/WebCore/crypto/mac/CryptoAlgorithmRSA_OAEPMac.cpp:102 > + context.postTask([exceptionCallback = WTFMove(exceptionCallback), ec = result.releaseException().code(), callback = WTFMove(callback)](ScriptExecutionContext& context) { Ditto. > Source/WebCore/crypto/mac/CryptoAlgorithmRSA_OAEPMac.cpp:108 > + context.postTask([callback = WTFMove(callback), result = result.releaseReturnValue(), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) { Ditto.

Jiewen Tan

Comment 10 2016-11-28 20:22:31 PST

Comment on attachment 295568 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=295568&action=review Thanks Dan for r+ my patch. >> Source/WebCore/crypto/mac/CryptoAlgorithmAES_CBCMac.cpp:85 >> + context.postTask([exceptionCallback = WTFMove(exceptionCallback), ec = result.releaseException().code(), callback = WTFMove(callback)](ScriptExecutionContext& context) { > > You may want to consider adding a comment above this line that explains that we capture callback even though the lambda does not explicitly call it because callback must be destroyed on the main thread. Fixed. >> Source/WebCore/crypto/mac/CryptoAlgorithmAES_CBCMac.cpp:91 >> + context.postTask([callback = WTFMove(callback), result = result.releaseReturnValue(), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) { > > You may want to add a similar comment above this line or add one such comment above the first postTask() call. Fixed. >> Source/WebCore/crypto/mac/CryptoAlgorithmAES_CBCMac.cpp:107 >> + context.postTask([exceptionCallback = WTFMove(exceptionCallback), ec = result.releaseException().code(), callback = WTFMove(callback)](ScriptExecutionContext& context) { > > Ditto. Fixed. >> Source/WebCore/crypto/mac/CryptoAlgorithmAES_CBCMac.cpp:113 >> + context.postTask([callback = WTFMove(callback), result = result.releaseReturnValue(), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) { > > Ditto. Fixed. >> Source/WebCore/crypto/mac/CryptoAlgorithmRSAES_PKCS1_v1_5Mac.cpp:70 >> + context.postTask([exceptionCallback = WTFMove(exceptionCallback), ec = result.releaseException().code(), callback = WTFMove(callback)](ScriptExecutionContext& context) { > > Ditto. Fixed. >> Source/WebCore/crypto/mac/CryptoAlgorithmRSAES_PKCS1_v1_5Mac.cpp:76 >> + context.postTask([callback = WTFMove(callback), result = result.releaseReturnValue(), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) { > > Ditto. Fixed. >> Source/WebCore/crypto/mac/CryptoAlgorithmRSAES_PKCS1_v1_5Mac.cpp:90 >> + context.postTask([exceptionCallback = WTFMove(exceptionCallback), ec = result.releaseException().code(), callback = WTFMove(callback)](ScriptExecutionContext& context) { > > Ditto. Fixed. >> Source/WebCore/crypto/mac/CryptoAlgorithmRSAES_PKCS1_v1_5Mac.cpp:96 >> + context.postTask([callback = WTFMove(callback), result = result.releaseReturnValue(), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) { > > Ditto. Fixed. >> Source/WebCore/crypto/mac/CryptoAlgorithmRSA_OAEPMac.cpp:81 >> + context.postTask([exceptionCallback = WTFMove(exceptionCallback), ec = result.releaseException().code(), callback = WTFMove(callback)](ScriptExecutionContext& context) { > > Ditto. Fixed. >> Source/WebCore/crypto/mac/CryptoAlgorithmRSA_OAEPMac.cpp:87 >> + context.postTask([callback = WTFMove(callback), result = result.releaseReturnValue(), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) { > > Ditto. Fixed. >> Source/WebCore/crypto/mac/CryptoAlgorithmRSA_OAEPMac.cpp:102 >> + context.postTask([exceptionCallback = WTFMove(exceptionCallback), ec = result.releaseException().code(), callback = WTFMove(callback)](ScriptExecutionContext& context) { > > Ditto. Fixed. >> Source/WebCore/crypto/mac/CryptoAlgorithmRSA_OAEPMac.cpp:108 >> + context.postTask([callback = WTFMove(callback), result = result.releaseReturnValue(), exceptionCallback = WTFMove(exceptionCallback)](ScriptExecutionContext& context) { > > Ditto. Fixed.

Jiewen Tan

Comment 11 2016-11-28 20:25:31 PST

Created attachment 295576 [details] Patch for landing

WebKit Commit Bot

Comment 12 2016-11-28 20:50:12 PST

Comment on attachment 295576 [details] Patch for landing Clearing flags on attachment: 295576 Committed r209059: <http://trac.webkit.org/changeset/209059>

Darin Adler

Comment 13 2016-11-28 20:53:40 PST

Patch landed with lots of the typo "derenference" instead of "dereference".

Jiewen Tan

Comment 14 2016-11-28 21:50:12 PST

(In reply to comment #13) > Patch landed with lots of the typo "derenference" instead of "dereference". Thanks for pointing out. A followup patch is landed. Committed r209061: <http://trac.webkit.org/changeset/209061>

Note You need to log in before you can comment on or make changes to this bug.