RESOLVED FIXED 168356
ASSERTION FAILED: m_normalWorld->hasOneRef() under WorkerThread::stop 
https://bugs.webkit.org/show_bug.cgi?id=168356
Summary ASSERTION FAILED: m_normalWorld->hasOneRef() under WorkerThread::stop
Joseph Pecoraro
Reported 2017-02-14 20:47:30 PST
Created attachment 301579 [details] [CRASH] Crash Log Assert seen while adding new Worker web-platform-tests. Seen at r212337. * Steps to reproduce: (with local changes) 1. Add new Worker web-platform-test tests (to be added soon to bug 168086) 2. Enable Resource Timing 3. http://localhost:8800/resource-timing/rt-performance-extensions.worker.html 4. Reload => CRASH ASSERTION FAILED: m_normalWorld->hasOneRef() /Users/pecoraro/Code/safari/OpenSource/Source/WebCore/bindings/js/WebCoreJSClientData.cpp(55) : virtual WebCore::JSVMClientData::~JSVMClientData() 1 0x1112b83ed WTFCrash 2 0x11666227a WebCore::JSVMClientData::~JSVMClientData() 3 0x116662485 WebCore::JSVMClientData::~JSVMClientData() 4 0x1166624a9 WebCore::JSVMClientData::~JSVMClientData() 5 0x11118b8fc JSC::VM::~VM() 6 0x11118d4e5 JSC::VM::~VM() 7 0x110b6c7b7 WTF::ThreadSafeRefCounted<JSC::VM>::deref() const 8 0x110b6c761 void WTF::derefIfNotNull<JSC::VM>(JSC::VM*) 9 0x110d6652b WTF::RefPtr<JSC::VM>::operator=(std::nullptr_t) 10 0x110d770aa JSC::JSLockHolder::~JSLockHolder() 11 0x110d77125 JSC::JSLockHolder::~JSLockHolder() 12 0x1167c3cff WebCore::WorkerScriptController::~WorkerScriptController() 13 0x1167c3ee5 WebCore::WorkerScriptController::~WorkerScriptController() 14 0x1167cbe42 WebCore::WorkerGlobalScope::clearScript() 15 0x1167cbd86 WebCore::WorkerThread::stop()::$_0::operator()(WebCore::ScriptExecutionContext&) const::'lambda'(WebCore::ScriptExecutionContext&)::operator()(WebCore::ScriptExecutionContext&) const 16 0x1167cbd34 WTF::Function<void (WebCore::ScriptExecutionContext&)>::CallableWrapper<WebCore::WorkerThread::stop()::$_0::operator()(WebCore::ScriptExecutionContext&) const::'lambda'(WebCore::ScriptExecutionContext&)>::call(WebCore::ScriptExecutionContext&) 17 0x11427f741 WTF::Function<void (WebCore::ScriptExecutionContext&)>::operator()(WebCore::ScriptExecutionContext&) const 18 0x11426abdd WebCore::ScriptExecutionContext::Task::performTask(WebCore::ScriptExecutionContext&) 19 0x1167c08c9 WebCore::WorkerRunLoop::Task::performTask(WebCore::WorkerRunLoop const&, WebCore::WorkerGlobalScope*) 20 0x1167bfd72 WebCore::WorkerRunLoop::runCleanupTasks(WebCore::WorkerGlobalScope*) 21 0x1167bf4d0 WebCore::WorkerRunLoop::run(WebCore::WorkerGlobalScope*) 22 0x1167c8903 WebCore::WorkerThread::runEventLoop() 23 0x1141de318 WebCore::DedicatedWorkerThread::runEventLoop() 24 0x1167c866d WebCore::WorkerThread::workerThread() 25 0x1167c80f5 WebCore::WorkerThread::workerThreadStart(void*) 26 0x111329f99 WTF::createThread(void (*)(void*), void*, char const*)::$_0::operator()() const 27 0x111329f6d void std::__1::__invoke_void_return_wrapper<void>::__call<WTF::createThread(void (*)(void*), void*, char const*)::$_0&>(WTF::createThread(void (*)(void*), void*, char const*)::$_0&&&) 28 0x111329f19 std::__1::__function::__func<WTF::createThread(void (*)(void*), void*, char const*)::$_0, std::__1::allocator<WTF::createThread(void (*)(void*), void*, char const*)::$_0>, void ()>::operator()() 29 0x1108a07ca std::__1::function<void ()>::operator()() const 30 0x1113289a7 WTF::threadEntryPoint(void*) 31 0x11132a581 WTF::wtfThreadEntryPoint(void*) LEAK: 1 WebFrame LEAK: 50 WebCoreNode LEAK: 1 CachedResource LEAK: 1 BidiRun
Attachments
[CRASH] Crash Log (88.16 KB, text/plain)
2017-02-14 20:47 PST, Joseph Pecoraro 		no flags
Details
[PATCH] Proposed Fix (5.18 KB, patch)
2017-02-20 16:49 PST, Joseph Pecoraro 		no flags
DetailsFormatted DiffDiff
[PATCH] Proposed Fix (5.49 KB, patch)
2017-02-20 16:55 PST, Joseph Pecoraro 		rniwa: review+
joepeck: commit-queue-
DetailsFormatted DiffDiff
[PATCH] For Landing (6.01 KB, patch)
2017-02-20 19:25 PST, Joseph Pecoraro 		no flags
DetailsFormatted DiffDiff
[PATCH] For Landing (5.63 KB, patch)
2017-02-20 19:37 PST, Joseph Pecoraro 		no flags
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Joseph Pecoraro
Comment 1 2017-02-14 20:51:01 PST
I'm able to reproduce this almost 100%. So don't hesitate to ask me questions.
Ryan Haddad
Comment 2 2017-02-16 13:12:54 PST
Hit this with imported/w3c/web-platform-tests/resource-timing/rt-resource-errors.html. Skipped the test on debug in http://trac.webkit.org/projects/webkit/changeset/212460
Ryan Haddad
Comment 3 2017-02-16 15:09:57 PST
Same with imported/w3c/web-platform-tests/resource-timing/rt-resource-ignored.html http://trac.webkit.org/projects/webkit/changeset/212467
Ryan Haddad
Comment 4 2017-02-16 17:44:56 PST
I ended up skipping the entire directory on Debug in http://trac.webkit.org/projects/webkit/changeset/212509
Radar WebKit Bug Importer
Comment 5 2017-02-18 10:46:20 PST
<rdar://problem/30592486>
Joseph Pecoraro
Comment 6 2017-02-20 16:42:05 PST
Seems to be related to WebCore::Performance destruction with EventListeners.
Joseph Pecoraro
Comment 7 2017-02-20 16:46:44 PST
<rdar://problem/30608413>
Joseph Pecoraro
Comment 8 2017-02-20 16:49:49 PST
Created attachment 302203 [details] [PATCH] Proposed Fix
Joseph Pecoraro
Comment 9 2017-02-20 16:55:40 PST
Created attachment 302206 [details] [PATCH] Proposed Fix
WebKit Commit Bot
Comment 10 2017-02-20 16:57:59 PST
Attachment 302206 [details] did not pass style-queue: ERROR: Source/WebCore/ChangeLog:9: You should remove the 'No new tests' and either add and list tests, or explain why no new tests were possible. [changelog/nonewtests] [5] Total errors found: 1 in 6 files If any of these errors are false positives, please file a bug against check-webkit-style.
Ryosuke Niwa
Comment 11 2017-02-20 19:06:44 PST
Comment on attachment 302206 [details] [PATCH] Proposed Fix View in context: https://bugs.webkit.org/attachment.cgi?id=302206&action=review > LayoutTests/TestExpectations:314 > +webkit.org/b/161088 imported/w3c/web-platform-tests/resource-timing/resource-timing.html [ Pass Failure ] > webkit.org/b/168357 imported/w3c/web-platform-tests/resource-timing/rt-initiatorType-media.html [ Failure ] Why is this flaky failure??
Joseph Pecoraro
Comment 12 2017-02-20 19:19:21 PST
Comment on attachment 302206 [details] [PATCH] Proposed Fix View in context: https://bugs.webkit.org/attachment.cgi?id=302206&action=review >> LayoutTests/TestExpectations:314 >> webkit.org/b/168357 imported/w3c/web-platform-tests/resource-timing/rt-initiatorType-media.html [ Failure ] > > Why is this flaky failure?? This is flakey because of: https://bugs.webkit.org/show_bug.cgi?id=168351 We are getting a timestamp from the NetworkProcess which may have been shifted compared to the WebProcess. So the WebProcess's timestamps and NetworkProcess timestamps may result in an incorrect order. > LayoutTests/TestExpectations:982 > webkit.org/b/168356 [ Debug ] imported/w3c/web-platform-tests/resource-timing [ Skip ] I meant to be removing this line, but horribly merged this with Git... Sorry!
Joseph Pecoraro
Comment 13 2017-02-20 19:25:11 PST
Created attachment 302218 [details] [PATCH] For Landing
Joseph Pecoraro
Comment 14 2017-02-20 19:35:58 PST
Comment on attachment 302218 [details] [PATCH] For Landing View in context: https://bugs.webkit.org/attachment.cgi?id=302218&action=review > LayoutTests/TestExpectations:-319 > -webkit.org/b/161176 [ Debug ] imported/w3c/web-platform-tests/url/url-setters.html [ Skip ] Wrong one... I'm really bad at this.
Joseph Pecoraro
Comment 15 2017-02-20 19:37:17 PST
Created attachment 302220 [details] [PATCH] For Landing
WebKit Commit Bot
Comment 16 2017-02-20 21:04:17 PST
Comment on attachment 302220 [details] [PATCH] For Landing Clearing flags on attachment: 302220 Committed r212698: <http://trac.webkit.org/changeset/212698>
Joseph Pecoraro
Comment 17 2017-02-20 21:26:32 PST
<https://trac.webkit.org/changeset/212698>
Note You need to log in before you can comment on or make changes to this bug.