Bug 114610 - [BlackBerry] Filesystem callback notifyCreateSnapshotFileAndReadMetadata can be called on the wring thread
Summary: [BlackBerry] Filesystem callback notifyCreateSnapshotFileAndReadMetadata can ...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit BlackBerry (show other bugs)
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-04-15 02:18 PDT by Carlos Garcia Campos
Modified: 2013-04-15 03:10 PDT (History)
6 users (show)

See Also:

Attachments
Patch (5.07 KB, patch)
2013-04-15 02:22 PDT, Carlos Garcia Campos 		no flags Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Carlos Garcia Campos 2013-04-15 02:18:56 PDT 
This causes an assert in debug builds:

Program terminated with signal 11, Segmentation fault.
#0  0x794068ba in JSC::Heap::allocateWithImmortalStructureDestructor (this=0x8447e40, bytes=64) at /home/cgarcia/rim/webkit/Source/JavaScriptCore/heap/Heap.h:377
377	        ASSERT(isValidAllocation(bytes));
(gdb) bt
#0  0x794068ba in JSC::Heap::allocateWithImmortalStructureDestructor (this=0x8447e40, bytes=64) at /home/cgarcia/rim/webkit/Source/JavaScriptCore/heap/Heap.h:377
#1  0x7940cece in JSC::allocateCell<JSC::Structure> (heap=..., size=64) at /home/cgarcia/rim/webkit/Source/JavaScriptCore/runtime/JSCellInlines.h:92
#2  0x7940b67a in JSC::allocateCell<JSC::Structure> (heap=...) at /home/cgarcia/rim/webkit/Source/JavaScriptCore/runtime/JSCellInlines.h:104
#3  0x7940a262 in JSC::Structure::create (globalData=..., globalObject=0x89bf838, prototype=..., typeInfo=..., classInfo=0x7faac148, indexingType=0 '\000', inlineCapacity=0)
    at /home/cgarcia/rim/webkit/Source/JavaScriptCore/runtime/StructureInlines.h:38
#4  0x7d4e3d04 in WebCore::JSBlobPrototype::createStructure (globalData=..., globalObject=0x89bf838, prototype=...)
    at /home/cgarcia/rim/webkit/WebKitBuild/armle-v7/Debug/DerivedSources/WebCore/JSBlob.h:104
#5  0x7d4e322e in WebCore::JSBlob::createPrototype (exec=0x89bf9a0, globalObject=0x89bf838) at /home/cgarcia/rim/webkit/WebKitBuild/armle-v7/Debug/DerivedSources/WebCore/JSBlob.cpp:146
#6  0x7d2de2c0 in WebCore::getDOMStructure<WebCore::JSBlob> (exec=0x89bf9a0, globalObject=0x89bf838) at /home/cgarcia/rim/webkit/Source/WebCore/bindings/js/JSDOMBinding.h:116
#7  0x7d4e4062 in WebCore::getDOMPrototype<WebCore::JSBlob> (exec=0x89bf9a0, globalObject=0x89bf838) at /home/cgarcia/rim/webkit/Source/WebCore/bindings/js/JSDOMBinding.h:127
#8  0x7d4e308a in WebCore::JSBlobPrototype::self (exec=0x89bf9a0, globalObject=0x89bf838) at /home/cgarcia/rim/webkit/WebKitBuild/armle-v7/Debug/DerivedSources/WebCore/JSBlob.cpp:110
#9  0x7d4e4c02 in WebCore::JSFile::createPrototype (exec=0x89bf9a0, globalObject=0x89bf838) at /home/cgarcia/rim/webkit/WebKitBuild/armle-v7/Debug/DerivedSources/WebCore/JSFile.cpp:121
#10 0x7d2de44c in WebCore::getDOMStructure<WebCore::JSFile> (exec=0x89bf9a0, globalObject=0x89bf838) at /home/cgarcia/rim/webkit/Source/WebCore/bindings/js/JSDOMBinding.h:116
#11 0x7d2de1d4 in WebCore::createWrapper<WebCore::JSFile, WebCore::File> (exec=0x89bf9a0, globalObject=0x89bf838, node=0x82d8a70)
    at /home/cgarcia/rim/webkit/Source/WebCore/bindings/js/JSDOMBinding.h:186
#12 0x7d2ddbf8 in WebCore::wrap<WebCore::JSFile, WebCore::File> (exec=0x89bf9a0, globalObject=0x89bf838, domObject=0x82d8a70)
    at /home/cgarcia/rim/webkit/Source/WebCore/bindings/js/JSDOMBinding.h:199
#13 0x7d4e500c in WebCore::toJS (exec=0x89bf9a0, globalObject=0x89bf838, impl=0x82d8a70) at /home/cgarcia/rim/webkit/WebKitBuild/armle-v7/Debug/DerivedSources/WebCore/JSFile.cpp:171
#14 0x7d3ad830 in WebCore::JSFileCallback::handleEvent (this=0x8b03b50, file=0x82d8a70) at /home/cgarcia/rim/webkit/WebKitBuild/armle-v7/Debug/DerivedSources/WebCore/JSFileCallback.cpp:68
#15 0x7c5397ae in WebCore::(anonymous namespace)::SnapshotFileCallback::didCreateSnapshotFile (this=0x84b5998, metadata=..., snapshot=...)
    at /home/cgarcia/rim/webkit/Source/WebCore/Modules/filesystem/DOMFileSystem.cpp:174
#16 0x7d879198 in WebCore::PlatformAsyncFileSystemCallbacks::notifyCreateSnapshotFileAndReadMetadata (this=0x83ecdb8, fileInfo=...)
    at /home/cgarcia/rim/webkit/Source/WebCore/platform/blackberry/PlatformAsyncFileSystemCallbacks.cpp:75
Comment 1 Carlos Garcia Campos 2013-04-15 02:22:49 PDT 
Created attachment 198039 [details]
Patch
Comment 2 Xan Lopez 2013-04-15 02:36:46 PDT 
Comment on attachment 198039 [details]
Patch

Makes sense, seems every other thing in the file is following the same pattern.
Comment 3 WebKit Commit Bot 2013-04-15 03:10:15 PDT 
Comment on attachment 198039 [details]
Patch

Clearing flags on attachment: 198039

Committed r148425: <http://trac.webkit.org/changeset/148425>
Comment 4 WebKit Commit Bot 2013-04-15 03:10:17 PDT 
All reviewed patches have been landed.  Closing bug.