RESOLVED FIXED 127757
Web Inspector: CRASH when debugger closes while paused and remote inspecting a JSContext 
https://bugs.webkit.org/show_bug.cgi?id=127757
Summary Web Inspector: CRASH when debugger closes while paused and remote inspecting ...
Joseph Pecoraro
Reported 2014-01-27 19:50:25 PST
* SUMMARY JSContext hosting application crashes when a remote debugger disconnects when it was paused during inspection. * STEPS TO REPRODUCE 1. Launch JSContext test application 2. Inspect JSContext from remote debugger 3. Trigger a breakpoint in the remote debugger 4. Close the remote debugger => CRASH * NOTES It looks like this is because of our nested runloop. 1. Inspector is connected JSGlobalObjectInspectorController and JSGlobalObjectScriptDebugServer are created. 2. Breakpoint is triggered, JSGlobalObjectInspectorController and JSGlobalObjectScriptDebugServer are below the nested runloop on the call stack. 3. Debugger disconnected, while in the nested runloop we receive the disconnect method and decide to teardown the connection => destroy debugger agent, script debug server, and inspector controller 4. Nested call stack resumes inside of a now destructed object => CRASH WebCore gets around this debugging a WebCore::Page by always keeping InspectorController/PageDebuggerAgent/PageScriptDebugServer alive. It just connects/disconnects them. It seems like we need to handle some special kind of connection closing when we are inside a nested runloop. This is very ugly unless we can just say "continue now, and cleanup on the next runloop".
Attachments
[PATCH] Proposed Fix (15.33 KB, patch)
2014-02-13 14:17 PST, Joseph Pecoraro 		timothy: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2014-01-27 19:50:59 PST
<rdar://problem/15922131>
Joseph Pecoraro
Comment 2 2014-01-27 19:52:08 PST
(In reply to comment #0) > It seems like we need to handle some special kind of connection closing when we are inside a nested runloop. This is very ugly unless we can just say "continue now, and cleanup on the next runloop". Or we could decide to lazily keep the JSGlobalObjectInspectorController object and some agents around. That could be somewhat useful. E.g. what if you wanted to store console messages, or $1..$9 inspector objects variables. That would mean storing those objects on the JSGlobalObject instead of JSGlobalObjectRemoteDebuggable.
Joseph Pecoraro
Comment 3 2014-02-13 14:17:32 PST
Created attachment 224109 [details] [PATCH] Proposed Fix This addresses 2 known crashes: 1. Crash when RWI paused and closing RWI 2. Crash when RWI connected and JSGlobalObject is destroyed This does mean that each JSGlobalObject allocated an InspectorController / Inspector{,Runtime,Debugger,Console} agent. But they do nothing unless you open an RWI connection to the inspector. Soon I will take advantage of the agents being available outside of a remote debug session and stash exception info.
Joseph Pecoraro
Comment 4 2014-02-14 19:02:04 PST
<http://trac.webkit.org/changeset/164151>
Note You need to log in before you can comment on or make changes to this bug.