RESOLVED FIXED 67413
[Chromium]Web Inspector: inspected page with dedicated worker crashes on refresh
https://bugs.webkit.org/show_bug.cgi?id=67413
Yury Semikhatsky
Reported 2011-09-01 09:37:02 PDT
1. Open a page with dedicated worker
2. Inspect the worker
3. Try to reload the page

Result: Page crashes.

Stack trace:
(gdb) bt
#0 0x00007fffea5bda75 in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1 0x00007fffea5c15c0 in abort () at abort.c:92
#2 0x00007ffff312e09f in v8::internal::OS::Abort () at v8/src/platform-linux.cc:421
#3 0x00007ffff2e329ce in V8_Fatal (file=0x7ffff5dc6bc4 "v8/src/isolate.h", line=444, format=0x7ffff5dc6890 "CHECK(%s) failed") at v8/src/checks.cc:58
#4 0x00007ffff2de95a8 in CheckHelper (file=0x7ffff5dc6bc4 "v8/src/isolate.h", line=444, source=0x7ffff5dc6bb2 "isolate != __null", condition=false) at v8/src/checks.h:60
#5 0x00007ffff2e06ab2 in v8::internal::Isolate::Current () at v8/src/isolate.h:444
#6 0x00007ffff2e329c1 in V8_Fatal (file=0x7ffff5dc6bc4 "v8/src/isolate.h", line=444, format=0x7ffff5dc6890 "CHECK(%s) failed") at v8/src/checks.cc:55
#7 0x00007ffff2de95a8 in CheckHelper (file=0x7ffff5dc6bc4 "v8/src/isolate.h", line=444, source=0x7ffff5dc6bb2 "isolate != __null", condition=false) at v8/src/checks.h:60
#8 0x00007ffff2e06ab2 in v8::internal::Isolate::Current () at v8/src/isolate.h:444
#9 0x00007ffff2e329c1 in V8_Fatal (file=0x7ffff5dc6bc4 "v8/src/isolate.h", line=444, format=0x7ffff5dc6890 "CHECK(%s) failed") at v8/src/checks.cc:55
#10 0x00007ffff2de95a8 in CheckHelper (file=0x7ffff5dc6bc4 "v8/src/isolate.h", line=444, source=0x7ffff5dc6bb2 "isolate != __null", condition=false) at v8/src/checks.h:60
#11 0x00007ffff2e06ab2 in v8::internal::Isolate::Current () at v8/src/isolate.h:444
#12 0x00007ffff2deaa9b in v8::V8::IsGlobalWeak (obj=0x7fffd35702a0) at v8/src/api.cc:622
#13 0x00007ffff393efa5 in v8::Persistent<v8::Object>::IsWeak (this=0x7fffd612e580) at v8/include/v8.h:3865
#14 0x00007ffff393e95a in WebCore::OwnHandle<v8::Object>::clear (this=0x7fffd612e580) at third_party/WebKit/Source/WebCore/bindings/v8/OwnHandle.h:53
#15 0x00007ffff393e5a4 in WebCore::OwnHandle<v8::Object>::~OwnHandle (this=0x7fffd612e580, __in_chrg=<value optimized out>) at third_party/WebKit/Source/WebCore/bindings/v8/OwnHandle.h:43
#16 0x00007ffff393e3d0 in WebCore::ScriptDebugServer::~ScriptDebugServer (this=0x7fffd612e570, __in_chrg=<value optimized out>) at third_party/WebKit/Source/WebCore/bindings/v8/ScriptDebugServer.h:92
#17 0x00007ffff3dd044a in WebCore::WorkerScriptDebugServer::~WorkerScriptDebugServer (this=0x7fffd612e570, __in_chrg=<value optimized out>) at third_party/WebKit/Source/WebCore/bindings/v8/WorkerScriptDebugServer.h:46
#18 0x00007ffff3dd0326 in WebCore::WorkerDebuggerAgent::~WorkerDebuggerAgent (this=0x7fffd612e480, __in_chrg=<value optimized out>) at third_party/WebKit/Source/WebCore/inspector/WorkerDebuggerAgent.cpp:53
#19 0x00007ffff3af9a5c in WTF::deleteOwnedPtr<WebCore::InspectorDebuggerAgent> (ptr=0x7fffd612e480) at third_party/WebKit/Source/JavaScriptCore/wtf/OwnPtrCommon.h:65
#20 0x00007ffff3af8765 in WTF::OwnPtr<WebCore::InspectorDebuggerAgent>::~OwnPtr (this=0x7fffd356c070, __in_chrg=<value optimized out>) at third_party/WebKit/Source/JavaScriptCore/wtf/OwnPtr.h:54
#21 0x00007ffff3b5586e in WebCore::WorkerInspectorController::~WorkerInspectorController (this=0x7fffd356c050, __in_chrg=<value optimized out>) at third_party/WebKit/Source/WebCore/inspector/WorkerInspectorController.cpp:119
#22 0x00007ffff3cc8a43 in WTF::deleteOwnedPtr<WebCore::WorkerInspectorController> (ptr=0x7fffd356c050) at third_party/WebKit/Source/JavaScriptCore/wtf/OwnPtrCommon.h:65
#23 0x00007ffff3cc7d05 in WTF::OwnPtr<WebCore::WorkerInspectorController>::~OwnPtr (this=0x7fffd542e6b0, __in_chrg=<value optimized out>) at third_party/WebKit/Source/JavaScriptCore/wtf/OwnPtr.h:54
#24 0x00007ffff3cc4ee4 in WebCore::WorkerContext::~WorkerContext (this=0x7fffd542e400, __in_chrg=<value optimized out>) at third_party/WebKit/Source/WebCore/workers/WorkerContext.cpp:131
#25 0x00007ffff3e25a0c in WebCore::DedicatedWorkerContext::~DedicatedWorkerContext (this=0x7fffd542e400, __in_chrg=<value optimized out>) at third_party/WebKit/Source/WebCore/workers/DedicatedWorkerContext.h:43
#26 0x00007ffff3cc3bcf in WTF::RefCounted<WebCore::WorkerContext>::deref (this=0x7fffd542e5f0) at third_party/WebKit/Source/JavaScriptCore/wtf/RefCounted.h:184
#27 0x00007ffff3cd3d76 in WTF::derefIfNotNull<WebCore::WorkerContext> (ptr=0x7fffd542e400) at third_party/WebKit/Source/JavaScriptCore/wtf/PassRefPtr.h:59
#28 0x00007ffff3cd3b8e in WTF::RefPtr<WebCore::WorkerContext>::operator= (this=0x7fffd611ec20, optr=0x0) at third_party/WebKit/Source/JavaScriptCore/wtf/RefPtr.h:135
#29 0x00007ffff3cd334c in WebCore::WorkerThread::workerThread (this=0x7fffd611eb40) at third_party/WebKit/Source/WebCore/workers/WorkerThread.cpp:149
#30 0x00007ffff3cd30ea in WebCore::WorkerThread::workerThreadStart (thread=0x7fffd611eb40) at third_party/WebKit/Source/WebCore/workers/WorkerThread.cpp:118
#31 0x00007ffff4f0c6e1 in WTF::threadEntryPoint (contextData=0x7fffd33d2c00) at third_party/WebKit/Source/JavaScriptCore/wtf/Threading.cpp:67
#32 0x00007fffed0a49ca in start_thread (arg=<value optimized out>) at pthread_create.c:300
#33 0x00007fffea67070d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#34 0x0000000000000000 in ?? ()
Attachments
This patch enforces lifetime ordering between WorkerInspectorController and WorkerScriptController. (2.63 KB, patch)
2011-09-06 17:34 PDT, Dmitry Lomov
no flags
Yury Semikhatsky
Comment 1 2011-09-01 10:07:26 PDT
The problem is that the worker isolate is destroyed before the ScriptDebugServer which holds OwnHandle on an object from the isolate. Dmitry, could you take a look at this?

(gdb) bt
#0 v8::Isolate::Dispose (this=0x7fffd35da000) at v8/src/api.cc:5052
#1 0x00007ffff397eb59 in WebCore::WorkerScriptController::~WorkerScriptController (this=0x7fffd35d9a00, __in_chrg=<value optimized out>) at third_party/WebKit/Source/WebCore/bindings/v8/WorkerScriptController.cpp:70
#2 0x00007ffff3cc76e1 in WTF::deleteOwnedPtr<WebCore::WorkerScriptController> (ptr=0x7fffd35d9a00) at third_party/WebKit/Source/JavaScriptCore/wtf/OwnPtrCommon.h:65
#3 0x00007ffff3cd29a0 in WTF::OwnPtr<WebCore::WorkerScriptController>::clear (this=0x7fffd9a2b290) at third_party/WebKit/Source/JavaScriptCore/wtf/OwnPtr.h:99
#4 0x00007ffff3cd2528 in WebCore::WorkerContext::clearScript (this=0x7fffd9a2b000) at third_party/WebKit/Source/WebCore/workers/WorkerContext.h:81
#5 0x00007ffff3cd26dc in WebCore::WorkerThreadShutdownFinishTask::performTask (this=0x7fffd37cef10, context=0x7fffd9a2b000) at third_party/WebKit/Source/WebCore/workers/WorkerThread.cpp:178
#6 0x00007ffff3cce7e0 in WebCore::WorkerRunLoop::Task::performTask (this=0x7fffd353a540, context=0x7fffd9a2b000) at third_party/WebKit/Source/WebCore/workers/WorkerRunLoop.cpp:200
#7 0x00007ffff3cce598 in WebCore::WorkerRunLoop::runInMode (this=0x7fffdf367a30, context=0x7fffd9a2b000, predicate=...) at third_party/WebKit/Source/WebCore/workers/WorkerRunLoop.cpp:164
#8 0x00007ffff3cce32d in WebCore::WorkerRunLoop::run (this=0x7fffdf367a30, context=0x7fffd9a2b000) at third_party/WebKit/Source/WebCore/workers/WorkerRunLoop.cpp:135
#9 0x00007ffff3cd23eb in WebCore::WorkerThread::runEventLoop (this=0x7fffdf367a00) at third_party/WebKit/Source/WebCore/workers/WorkerThread.cpp:163
#10 0x00007ffff3cc2b29 in WebCore::DedicatedWorkerThread::runEventLoop (this=0x7fffdf367a00) at third_party/WebKit/Source/WebCore/workers/DedicatedWorkerThread.cpp:66
#11 0x00007ffff3cd2309 in WebCore::WorkerThread::workerThread (this=0x7fffdf367a00) at third_party/WebKit/Source/WebCore/workers/WorkerThread.cpp:141
#12 0x00007ffff3cd212e in WebCore::WorkerThread::workerThreadStart (thread=0x7fffdf367a00) at third_party/WebKit/Source/WebCore/workers/WorkerThread.cpp:118
#13 0x00007ffff4f0b721 in WTF::threadEntryPoint (contextData=0x7fffe004d8c0) at third_party/WebKit/Source/JavaScriptCore/wtf/Threading.cpp:67
#14 0x00007fffed0a39ca in start_thread (arg=<value optimized out>) at pthread_create.c:300
#15 0x00007fffea66f70d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#16 0x0000000000000000 in ?? ()
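
Added example, not part of the bug thread and not WebKit or V8 code: a constructed C++ model of the teardown order the two backtraces show, where the script controller disposes the isolate before the inspector controller releases its handle. All type names and the inspectorFirst switch are hypothetical; the isolate state is kept alive by a shared_ptr so the bad order is recorded in a log rather than crashing.

```cpp
#include <iostream>
#include <memory>
#include <string>
#include <utility>
#include <vector>

// Constructed model: none of these types are WebKit's or V8's real classes.
struct IsolateState { bool disposed = false; };
using Log = std::vector<std::string>;

// Stands in for WorkerScriptController: its destructor disposes the isolate.
struct ScriptController {
    std::shared_ptr<IsolateState> isolate = std::make_shared<IsolateState>();
    ~ScriptController() { isolate->disposed = true; }
};

// Stands in for WorkerInspectorController -> ScriptDebugServer -> OwnHandle.
struct InspectorController {
    std::shared_ptr<IsolateState> isolate;
    Log& log;
    InspectorController(std::shared_ptr<IsolateState> i, Log& l) : isolate(std::move(i)), log(l) {}
    // Releasing the handle is only valid while the isolate is still alive.
    ~InspectorController() {
        log.push_back(isolate->disposed ? "CHECK(isolate != __null) failed" : "handle released");
    }
};

// Stands in for WorkerContext, which owns both controllers.
struct Context {
    std::unique_ptr<ScriptController> script;
    std::unique_ptr<InspectorController> inspector;
    explicit Context(Log& log)
        : script(new ScriptController),
          inspector(new InspectorController(script->isolate, log)) {}
    // Shutdown task. inspectorFirst models an enforced teardown order (assumption).
    void clearScript(bool inspectorFirst) {
        if (inspectorFirst) inspector.reset();
        script.reset();
    }
};

Log runShutdown(bool inspectorFirst) {
    Log log;
    { Context ctx(log); ctx.clearScript(inspectorFirst); }  // ~Context runs here
    return log;
}

int main() {
    std::cout << runShutdown(false)[0] << "\n" << runShutdown(true)[0] << "\n";
}
```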
Dmitry Lomov
Comment 2 2011-09-06 17:34:30 PDT
Created attachment 106524
This patch enforces lifetime ordering between WorkerInspectorController and WorkerScriptController.
Dmitry Lomov
Comment 3 2011-09-06 20:57:12 PDT
Comment on attachment 106524
This patch enforces lifetime ordering between WorkerInspectorController and WorkerScriptController.

chromium trybots are happy
WebKit Review Bot
Comment 4 2011-09-07 00:49:31 PDT
Comment on attachment 106524
This patch enforces lifetime ordering between WorkerInspectorController and WorkerScriptController.

Clearing flags on attachment: 106524

Committed r94647: <http://trac.webkit.org/changeset/94647>
WebKit Review Bot
Comment 5 2011-09-07 00:49:37 PDT
All reviewed patches have been landed. Closing bug.