152080 – Web Inspector: reproducible debug ASSERT when inspecting the inspector (WK2)

Bug 152080 - Web Inspector: reproducible debug ASSERT when inspecting the inspector (WK2)

Summary: Web Inspector: reproducible debug ASSERT when inspecting the inspector (WK2)

Status:	REOPENED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Web Inspector (show other bugs)
Version:	WebKit Nightly Build
Hardware:	All All

Importance:	P2 Normal
Assignee:	BJ Burg

URL:
Keywords:	InRadar

Depends on:	152100 152711
Blocks:	152472
	Show dependency tree / graph

Reported:	2015-12-09 10:59 PST by BJ Burg
Modified:	2016-12-13 15:40 PST (History)
CC List:	5 users (show)

See Also:

Attachments
Proposed Fix (1.80 KB, patch) 2015-12-09 12:12 PST, BJ Burg	no flags	Details \| Formatted Diff \| Diff
Proposed Fix (v2) (4.03 KB, patch) 2015-12-29 12:58 PST, BJ Burg	no flags	Details \| Formatted Diff \| Diff
Proposed Fix (v2.1) (4.44 KB, patch) 2015-12-30 18:43 PST, BJ Burg	no flags	Details \| Formatted Diff \| Diff
Proposed fix (v2.2) (4.64 KB, patch) 2016-01-03 16:09 PST, BJ Burg	no flags	Details \| Formatted Diff \| Diff
Show Obsolete (3) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description BJ Burg 2015-12-09 10:59:47 PST

:(

Call stack:

ASSERTION FAILED: !m_messageReceivers.contains(std::make_pair(messageReceiverName, destinationID))
/Users/bburg/repos/webkit/OpenSource/Source/WebKit2/Platform/IPC/MessageReceiverMap.cpp(53) : void IPC::MessageReceiverMap::addMessageReceiver(IPC::StringReference, uint64_t, IPC::MessageReceiver &)
1   0x110e72140 WTFCrash
2   0x1136d16fd IPC::MessageReceiverMap::addMessageReceiver(IPC::StringReference, unsigned long long, IPC::MessageReceiver&)
3   0x1135539e2 WebKit::ChildProcessProxy::addMessageReceiver(IPC::StringReference, unsigned long long, IPC::MessageReceiver&)
4   0x113c5db93 WebKit::WebInspectorProxy::eagerlyCreateInspectorPage()
5   0x113c5e92c WebKit::WebInspectorProxy::createInspectorPage(IPC::Attachment, bool, bool)
6   0x113c718b4 void IPC::callMemberFunctionImpl<WebKit::WebInspectorProxy, void (WebKit::WebInspectorProxy::*)(IPC::Attachment, bool, bool), std::__1::tuple<IPC::Attachment, bool, bool>, 0ul, 1ul, 2ul>(WebKit::WebInspectorProxy*, void (WebKit::WebInspectorProxy::*)(IPC::Attachment, bool, bool), std::__1::tuple<IPC::Attachment, bool, bool>&&, std::index_sequence<0ul, 1ul, 2ul>)
7   0x113c71598 void IPC::callMemberFunction<WebKit::WebInspectorProxy, void (WebKit::WebInspectorProxy::*)(IPC::Attachment, bool, bool), std::__1::tuple<IPC::Attachment, bool, bool>, std::make_index_sequence<3ul> >(std::__1::tuple<IPC::Attachment, bool, bool>&&, WebKit::WebInspectorProxy*, void (WebKit::WebInspectorProxy::*)(IPC::Attachment, bool, bool))
8   0x113c7070f void IPC::handleMessage<Messages::WebInspectorProxy::CreateInspectorPage, WebKit::WebInspectorProxy, void (WebKit::WebInspectorProxy::*)(IPC::Attachment, bool, bool)>(IPC::MessageDecoder&, WebKit::WebInspectorProxy*, void (WebKit::WebInspectorProxy::*)(IPC::Attachment, bool, bool))
9   0x113c6fec5 WebKit::WebInspectorProxy::didReceiveMessage(IPC::Connection&, IPC::MessageDecoder&)
10  0x113c705e7 non-virtual thunk to WebKit::WebInspectorProxy::didReceiveMessage(IPC::Connection&, IPC::MessageDecoder&)
11  0x1136d1eff IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::MessageDecoder&)
12  0x113553ad7 WebKit::ChildProcessProxy::dispatchMessage(IPC::Connection&, IPC::MessageDecoder&)
13  0x113ead3ca WebKit::WebProcessProxy::didReceiveMessage(IPC::Connection&, IPC::MessageDecoder&)
14  0x113ead4c7 non-virtual thunk to WebKit::WebProcessProxy::didReceiveMessage(IPC::Connection&, IPC::MessageDecoder&)
15  0x113561c63 IPC::Connection::dispatchMessage(IPC::MessageDecoder&)
16  0x113558b91 IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)
17  0x11356225f IPC::Connection::dispatchOneMessage()
18  0x1135735bd IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_10::operator()() const
19  0x11357358d void std::__1::__invoke_void_return_wrapper<void>::__call<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_10&>(IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_10&&&)
20  0x1135733dc std::__1::__function::__func<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_10, std::__1::allocator<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >)::$_10>, void ()>::operator()()
21  0x110896a3a std::__1::function<void ()>::operator()() const
22  0x110eba792 WTF::RunLoop::performWork()
23  0x110ebaed4 WTF::RunLoop::performWork(void*)
24  0x7fff985e75c1 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__
25  0x7fff985d941c __CFRunLoopDoSources0
26  0x7fff985d893f __CFRunLoopRun
27  0x7fff985d8338 CFRunLoopRunSpecific
28  0x7fff96609935 RunCurrentEventLoopInMode
29  0x7fff96609677 ReceiveNextEventCommon
30  0x7fff966095af _BlockUntilNextEventMatchingListInModeWithFilter
31  0x7fff8d37b38a _DPSNextEvent

Comment 1 Radar WebKit Bug Importer 2015-12-09 11:00:03 PST

<rdar://problem/23824211>

Comment 2 BJ Burg 2015-12-09 12:12:50 PST

Created attachment 267033 [details]
Proposed Fix

Comment 3 WebKit Commit Bot 2015-12-09 14:12:01 PST

Comment on attachment 267033 [details]
Proposed Fix

Clearing flags on attachment: 267033

Committed r193864: <http://trac.webkit.org/changeset/193864>

Comment 4 WebKit Commit Bot 2015-12-09 14:12:05 PST

All reviewed patches have been landed.  Closing bug.

Comment 5 WebKit Commit Bot 2015-12-09 15:54:57 PST

Re-opened since this is blocked by bug 152100

Comment 6 BJ Burg 2015-12-28 15:10:31 PST

Re-investigating this. Looks like we have mixed up the page ids for m_inspectedPage and m_inspectorPage.

Comment 7 BJ Burg 2015-12-29 12:58:27 PST

Created attachment 267991 [details]
Proposed Fix (v2)

Comment 8 BJ Burg 2015-12-30 18:43:09 PST

Created attachment 268022 [details]
Proposed Fix (v2.1)

Comment 9 BJ Burg 2016-01-03 16:09:02 PST

Created attachment 268152 [details]
Proposed fix (v2.2)

Latest patch fixes typo that caused crash when closing Inspector at quit.

Comment 10 WebKit Commit Bot 2016-01-04 11:40:12 PST

Comment on attachment 268152 [details]
Proposed fix (v2.2)

Clearing flags on attachment: 268152

Committed r194544: <http://trac.webkit.org/changeset/194544>

Comment 11 WebKit Commit Bot 2016-01-04 11:40:16 PST

All reviewed patches have been landed.  Closing bug.

Comment 12 WebKit Commit Bot 2016-01-04 13:24:38 PST

Re-opened since this is blocked by bug 152711

Comment 13 BJ Burg 2016-01-04 13:27:15 PST

Rolling out temporarily. The v2.2 patch regressed from earlier ones, messed up pairing of inspected pages with their ids. The code is correct on the invalidate() path but not the other paths, so we hit an assert when on the invalidate() path because the receiver map has junk in it.

Representative crashing stack trace:

12:33:36.347 91600   ASSERTION FAILED: m_messageReceivers.contains(std::make_pair(messageReceiverName, destinationID))
12:33:36.347 91600   /Volumes/Data/slave/elcapitan-debug/build/Source/WebKit2/Platform/IPC/MessageReceiverMap.cpp(72) : void IPC::MessageReceiverMap::removeMessageReceiver(IPC::StringReference, uint64_t)
12:33:36.347 91600   1   0x10aa46b90 WTFCrash
12:33:36.347 91600   2   0x10ca45470 IPC::MessageReceiverMap::removeMessageReceiver(IPC::StringReference, unsigned long long)
12:33:36.347 91600   3   0x10c8d9d3a WebKit::ChildProcessProxy::removeMessageReceiver(IPC::StringReference, unsigned long long)
12:33:36.347 91600   4   0x10cfce6b6 WebKit::WebInspectorProxy::invalidate()
12:33:36.348 91600   5   0x10d0af9a9 WebKit::WebPageProxy::resetState(WebKit::WebPageProxy::ResetStateReason)
12:33:36.348 91600   6   0x10d0a9035 WebKit::WebPageProxy::close()
12:33:36.348 91600   7   0x10cfd9031 WebKit::WebInspectorProxy::closeTimerFired()
12:33:36.348 91600   8   0x10cfd537e WTF::RunLoop::Timer<WebKit::WebInspectorProxy>::fired()
12:33:36.348 91600   9   0x10aa8fa91 WTF::RunLoop::TimerBase::timerFired(__CFRunLoopTimer*, void*)
12:33:36.348 91600   10  0x7fff94041bc4 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__
12:33:36.348 91600   11  0x7fff94041853 __CFRunLoopDoTimer
12:33:36.348 91600   12  0x7fff940bfe6a __CFRunLoopDoTimers
12:33:36.348 91600   13  0x7fff93ffccd1 __CFRunLoopRun
12:33:36.348 91600   14  0x7fff93ffc338 CFRunLoopRunSpecific
12:33:36.348 91600   15  0x7fff8acd3e61 -[NSRunLoop(NSRunLoop) runMode:beforeDate:]
12:33:36.348 91600   16  0x109b216f6 WTR::TestController::platformRunUntil(bool&, double)
12:33:36.348 91600   17  0x109af6369 WTR::TestController::runUntil(bool&, double)
12:33:36.348 91600   18  0x109af61b2 WTR::TestController::resetStateToConsistentValues()
12:33:36.348 91600   19  0x109b10d9f WTR::TestInvocation::invoke()
12:33:36.348 91600   20  0x109afbc8b WTR::TestController::runTest(char const*)
12:33:36.348 91600   21  0x109afc988 WTR::TestController::runTestingServerLoop()
12:33:36.348 91600   22  0x109af24e7 WTR::TestController::run()
12:33:36.348 91600   23  0x109af2076 WTR::TestController::TestController(int, char const**)
12:33:36.348 91600   24  0x109af26b3 WTR::TestController::TestController(int, char const**)
12:33:36.348 91600   25  0x109adb2df main
12:33:36.348 91600   26  0x7fff9fc515ad start

Comment 14 Alexey Proskuryakov 2016-09-27 10:06:46 PDT

Perhaps this explains some mysteries on Web Inspector regression tests?

Comment 15 BJ Burg 2016-09-27 14:04:38 PDT

(In reply to comment #14)
> Perhaps this explains some mysteries on Web Inspector regression tests?

Uh, how is that?