Bug 31805

Summary: [V8] Don't crash when OOM in creating isolated world
Product: WebKit Reporter: Adam Barth <abarth>
Component: WebCore JavaScriptAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: ager, antonm, dglazkov
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Attachments:
Description Flags
Patch
none
Patch dglazkov: review+, abarth: commit-queue-

Adam Barth
Reported 2009-11-23 07:26:59 PST
Thread 0 *CRASHED* ( EXCEPTION_ACCESS_VIOLATION @ 0x00000000 ) 0x01a936fd [chrome.dll - api.cc:476] v8::Context::GetData() 0x015a6cae [chrome.dll - v8proxy.cpp:385] WebCore::V8Proxy::setInjectedScriptContextDebugId(v8::Handle<v8::Context>) 0x015a6a92 [chrome.dll - v8proxy.cpp:314] WebCore::V8Proxy::evaluateInIsolatedWorld(int,WTF::Vector<WebCore::ScriptSourceCode,0> const &,int) 0x018329d9 [chrome.dll - webframeimpl.cpp:596] WebKit::WebFrameImpl::executeScriptInIsolatedWorld(int,WebKit::WebScriptSource const *,unsigned int,int) 0x01376e51 [chrome.dll - user_script_slave.cc:188] UserScriptSlave::InjectScripts(WebKit::WebFrame *,UserScript::RunLocation) 0x0136d000 [chrome.dll - render_view.cc:2320] RenderView::OnUserScriptIdleTriggered(WebKit::WebFrame *) 0x0138e482 [chrome.dll - user_script_idle_scheduler.cc:44] UserScriptIdleScheduler::MaybeRun() 0x015915b9 [chrome.dll - task.h:147] ScopedRunnableMethodFactory<appcache::MockAppCacheStorage>::RunnableMethod<void ( appcache::MockAppCacheStorage::*)(void),Tuple0>::Run() 0x01345f5d [chrome.dll - message_loop.cc:320] MessageLoop::RunTask(Task *) 0x01345f97 [chrome.dll - message_loop.cc:328] MessageLoop::DeferOrRunPendingTask(MessageLoop::PendingTask const &) 0x0134614c [chrome.dll - message_loop.cc:435] MessageLoop::DoWork() 0x01356f46 [chrome.dll - message_pump_default.cc:50] base::MessagePumpDefault::Run(base::MessagePump::Delegate *) 0x01345e0d [chrome.dll - message_loop.cc:205] MessageLoop::RunInternal() 0x01345d92 [chrome.dll - message_loop.cc:177] MessageLoop::RunHandler() 0x01345d43 [chrome.dll - message_loop.cc:155] MessageLoop::Run() 0x0135e9ca [chrome.dll - renderer_main.cc:139] RendererMain(MainFunctionParams const &) 0x012b37fb [chrome.dll - chrome_dll_main.cc:565] ChromeMain 0x01222f02 [chrome.exe - client_util.cc:170] MainDllLoader::Launch(HINSTANCE__ *,sandbox::SandboxInterfaceInfo *) 0x01223548 [chrome.exe - chrome_exe_main.cc:47] wWinMain 0x01247949 [chrome.exe - crt0.c:324] __tmainCRTStartup 0x77333676 [kernel32.dll + 0x00013676] BaseThreadInitThunk 0x77d59d71 [ntdll.dll + 0x00039d71] __RtlUserThreadStart 0x77d59d44 [ntdll.dll + 0x00039d44] _RtlUserThreadStart
Attachments
Patch (3.95 KB, patch)
2009-11-23 07:37 PST, Adam Barth 		no flags
DetailsFormatted DiffDiff
Patch (4.00 KB, patch)
2009-11-23 08:23 PST, Adam Barth 		dglazkov: review+
abarth: commit-queue-
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Adam Barth
Comment 1 2009-11-23 07:37:39 PST
Created attachment 43715 [details] Patch
anton muhin
Comment 2 2009-11-23 08:18:35 PST
(In reply to comment #1) > Created an attachment (id=43715) [details] > Patch I thought that we crash in this line: v8::Handle<v8::Value> windowContextData = m_context->GetData(); shouldn't we add if (m_context.IsEmpty()) check above as well?
Adam Barth
Comment 3 2009-11-23 08:23:41 PST
Created attachment 43717 [details] Patch
Adam Barth
Comment 4 2009-11-23 08:24:40 PST
Right you are!
anton muhin
Comment 5 2009-11-23 08:25:23 PST
Comment on attachment 43717 [details] Patch Thanks a lot.
Adam Barth
Comment 6 2009-11-23 08:42:02 PST
Comment on attachment 43717 [details] Patch Thanks Anton, but according to committers.py, you're not a reviewer (yet!). We still need an official reviewer to sign off on this patch.
Dimitri Glazkov (Google)
Comment 7 2009-11-23 08:50:12 PST
Comment on attachment 43717 [details] Patch r=me.
Adam Barth
Comment 8 2009-11-23 11:12:16 PST
Committed r51312: <http://trac.webkit.org/changeset/51312>
Note You need to log in before you can comment on or make changes to this bug.