[webkit-reviews] review requested: [Bug 210794] WebKit.WebContent process crashes when web developer tools are opened in Safari : [Attachment 397995] [Patch] WIP

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Apr 29 13:39:08 PDT 2020


Devin Rousso <drousso at apple.com> has asked for review:
Bug 210794: WebKit.WebContent process crashes when web developer tools are
opened in Safari
https://bugs.webkit.org/show_bug.cgi?id=210794

Attachment 397995: [Patch] WIP

https://bugs.webkit.org/attachment.cgi?id=397995&action=review
--- Comment #7 from Devin Rousso <drousso at apple.com> ---
Created attachment 397995

  --> https://bugs.webkit.org/attachment.cgi?id=397995&action=review

[Patch] WIP

Speculative fix that seems to work.

Before this change, this was the order of events, observed by adding
`WTFReportBacktrace();` in each of the following places:
 - the lambda given to the `ScriptExecutionContext::Task` created in
`WorkerMessagingProxy::postMessageToWorkerGlobalScope`
 - `WorkerScriptController::scheduleExecutionTermination`, right before
`m_isTerminatingExecution = true;`
 - `WorkerScriptController::isTerminatingExecution`, right before `return
m_isTerminatingExecution;`

>>> m_isTerminatingExecution == false
1   0x1975840f5 WebCore::WorkerScriptController::isTerminatingExecution() const
2   0x1996ba5ad
WebCore::WorkerRunLoop::Task::performTask(WebCore::WorkerGlobalScope*)
3   0x1996b9ad7 WebCore::WorkerRunLoop::runInMode(WebCore::WorkerGlobalScope*,
WebCore::ModePredicate const&, WebCore::WorkerRunLoop::WaitMode)
4   0x1996b96d8 WebCore::WorkerRunLoop::run(WebCore::WorkerGlobalScope*)
5   0x1996bd518 WebCore::WorkerThread::runEventLoop()
6   0x19969e634 WebCore::DedicatedWorkerThread::runEventLoop()
7   0x1996bcfe1 WebCore::WorkerThread::workerThread()
8   0x1996d0118 WebCore::WorkerThread::start(WTF::Function<void (WTF::String
const&)>&&)::$_16::operator()() const
9   0x1996d00ce
WTF::Detail::CallableWrapper<WebCore::WorkerThread::start(WTF::Function<void
(WTF::String const&)>&&)::$_16, void>::call()
10  0x1b06e5792 WTF::Function<void ()>::operator()() const
11  0x1b078be58 WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*)
12  0x1b0797588 WTF::wtfThreadEntryPoint(void*)
13  0x7fff6bc80109 _pthread_start
14  0x7fff6bc7bb8b thread_start
>>> m_askedToTerminate == true



>>> m_isTerminatingExecution = true
1   0x1975842fe WebCore::WorkerScriptController::scheduleExecutionTermination()
2   0x1996b8ce2 WebCore::WorkerThread::stop(WTF::Function<void ()>&&)
3   0x1996b91b0 WebCore::WorkerMessagingProxy::terminateWorkerGlobalScope()
4   0x19969f7f4 WebCore::Worker::terminate()
5   0x1968ede4e
WebCore::jsWorkerPrototypeFunctionTerminateBody(JSC::JSGlobalObject*,
JSC::CallFrame*, WebCore::JSWorker*, JSC::ThrowScope&)
6   0x196868932 long long
WebCore::IDLOperation<WebCore::JSWorker>::call<&(WebCore::jsWorkerPrototypeFunc
tionTerminateBody(JSC::JSGlobalObject*, JSC::CallFrame*, WebCore::JSWorker*,
JSC::ThrowScope&)), (WebCore::CastedThisErrorBehavior)0>(JSC::JSGlobalObject&,
JSC::CallFrame&, char const*)
7   0x196868614
WebCore::jsWorkerPrototypeFunctionTerminate(JSC::JSGlobalObject*,
JSC::CallFrame*)
8   0x5a8095e011d8
9   0x1b0bdee3f llint_entry
10  0x1b0bbf763 vmEntryToJavaScript
11  0x1b197d277 JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*)
12  0x1b197d9f1 JSC::Interpreter::executeCall(JSC::JSGlobalObject*,
JSC::JSObject*, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&)
13  0x1b1cd51ad JSC::call(JSC::JSGlobalObject*, JSC::JSValue, JSC::CallData
const&, JSC::JSValue, JSC::ArgList const&)
14  0x1b1cd528f JSC::call(JSC::JSGlobalObject*, JSC::JSValue, JSC::CallData
const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&)
15  0x1b1cd5572 JSC::profiledCall(JSC::JSGlobalObject*, JSC::ProfilingReason,
JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&,
WTF::NakedPtr<JSC::Exception>&)
16  0x1974c77de WebCore::JSExecState::profiledCall(JSC::JSGlobalObject*,
JSC::ProfilingReason, JSC::JSValue, JSC::CallData const&, JSC::JSValue,
JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&)
17  0x1974e43bc
WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext&,
WebCore::Event&)
18  0x197b33a57
WebCore::EventTarget::innerInvokeEventListeners(WebCore::Event&,
WTF::Vector<WTF::RefPtr<WebCore::RegisteredEventListener,
WTF::DumbPtrTraits<WebCore::RegisteredEventListener> >, 1ul,
WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>,
WebCore::EventTarget::EventInvokePhase)
19  0x197b2fd60 WebCore::EventTarget::fireEventListeners(WebCore::Event&,
WebCore::EventTarget::EventInvokePhase)
20  0x197ba6002 WebCore::Node::handleLocalEvents(WebCore::Event&,
WebCore::EventTarget::EventInvokePhase)
21  0x197b1e4a1 WebCore::EventContext::handleLocalEvents(WebCore::Event&,
WebCore::EventTarget::EventInvokePhase) const
22  0x197b1e6db
WebCore::MouseOrFocusEventContext::handleLocalEvents(WebCore::Event&,
WebCore::EventTarget::EventInvokePhase) const
23  0x197b1ef6f WebCore::dispatchEventInDOM(WebCore::Event&, WebCore::EventPath
const&)
24  0x197b1eaa7 WebCore::EventDispatcher::dispatchEvent(WebCore::Node&,
WebCore::Event&)
25  0x197ba605d WebCore::Node::dispatchEvent(WebCore::Event&)
26  0x197ad573e
WebCore::Element::dispatchMouseEvent(WebCore::PlatformMouseEvent const&,
WTF::AtomString const&, int, WebCore::Element*)
27  0x19869aa1d WebCore::EventHandler::dispatchMouseEvent(WTF::AtomString
const&, WebCore::Node*, bool, int, WebCore::PlatformMouseEvent const&, bool)
28  0x19869d8e4
WebCore::EventHandler::handleMouseReleaseEvent(WebCore::PlatformMouseEvent
const&)
29  0x199284923
WebCore::UserInputBridge::handleMouseReleaseEvent(WebCore::PlatformMouseEvent
const&, WebCore::InputSource)
30  0x1898b6847 WebKit::handleMouseEvent(WebKit::WebMouseEvent const&,
WebKit::WebPage*)
31  0x1898b6609 WebKit::WebPage::mouseEvent(WebKit::WebMouseEvent const&)



>>> m_isTerminatingExecution == true
1   0x1975840f5 WebCore::WorkerScriptController::isTerminatingExecution() const
2   0x1974e447e
WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext&,
WebCore::Event&)
3   0x197b33a57
WebCore::EventTarget::innerInvokeEventListeners(WebCore::Event&,
WTF::Vector<WTF::RefPtr<WebCore::RegisteredEventListener,
WTF::DumbPtrTraits<WebCore::RegisteredEventListener> >, 1ul,
WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>,
WebCore::EventTarget::EventInvokePhase)
4   0x197b2fd60 WebCore::EventTarget::fireEventListeners(WebCore::Event&,
WebCore::EventTarget::EventInvokePhase)
5   0x197b3354d WebCore::EventTarget::dispatchEvent(WebCore::Event&)
6   0x1996c5b2f
WebCore::WorkerMessagingProxy::postMessageToWorkerGlobalScope(WebCore::MessageW
ithMessagePorts&&)::$_5::operator()(WebCore::ScriptExecutionContext&)
7   0x1996c58f3
WTF::Detail::CallableWrapper<WebCore::WorkerMessagingProxy::postMessageToWorker
GlobalScope(WebCore::MessageWithMessagePorts&&)::$_5, void,
WebCore::ScriptExecutionContext&>::call(WebCore::ScriptExecutionContext&)
8   0x19735f44a WTF::Function<void
(WebCore::ScriptExecutionContext&)>::operator()(WebCore::ScriptExecutionContext
&) const
9   0x19734abdd
WebCore::ScriptExecutionContext::Task::performTask(WebCore::ScriptExecutionCont
ext&)
10  0x1996ba5e0
WebCore::WorkerRunLoop::Task::performTask(WebCore::WorkerGlobalScope*)
11  0x1996b9ad7 WebCore::WorkerRunLoop::runInMode(WebCore::WorkerGlobalScope*,
WebCore::ModePredicate const&, WebCore::WorkerRunLoop::WaitMode)
12  0x1996b96d8 WebCore::WorkerRunLoop::run(WebCore::WorkerGlobalScope*)
13  0x1996bd518 WebCore::WorkerThread::runEventLoop()
14  0x19969e634 WebCore::DedicatedWorkerThread::runEventLoop()
15  0x1996bcfe1 WebCore::WorkerThread::workerThread()
16  0x1996d0118 WebCore::WorkerThread::start(WTF::Function<void (WTF::String
const&)>&&)::$_16::operator()() const
17  0x1996d00ce
WTF::Detail::CallableWrapper<WebCore::WorkerThread::start(WTF::Function<void
(WTF::String const&)>&&)::$_16, void>::call()
18  0x1b06e5792 WTF::Function<void ()>::operator()() const
19  0x1b078be58 WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*)
20  0x1b0797588 WTF::wtfThreadEntryPoint(void*)
21  0x7fff6bc80109 _pthread_start
22  0x7fff6bc7bb8b thread_start



SHOULD NEVER BE REACHED
./bindings/ScriptValue.cpp(45) : RefPtr<JSON::Value>
Inspector::jsToInspectorValue(JSC::JSGlobalObject *, JSC::JSValue, int)
1   0x1b06be9e9 WTFCrash
2   0x1b0e031bb WTFCrashWithInfo(int, char const*, char const*, int)
3   0x1b100b193 Inspector::jsToInspectorValue(JSC::JSGlobalObject*,
JSC::JSValue, int)
4   0x1b100b0f9 Inspector::toInspectorValue(JSC::JSGlobalObject*, JSC::JSValue)
5   0x1b184c920
Inspector::InjectedScriptBase::makeCall(Deprecated::ScriptFunctionCall&)
6   0x1b184ee10 Inspector::InjectedScript::clearEventValue()
7   0x1b185160a Inspector::InjectedScriptManager::clearEventValue()
8   0x1982df1f9 WebCore::InspectorDOMDebuggerAgent::didHandleEvent()
9   0x198218e41
WebCore::InspectorInstrumentation::didHandleEventImpl(WebCore::InstrumentingAge
nts&)
10  0x197b33f9a
WebCore::InspectorInstrumentation::didHandleEvent(WebCore::ScriptExecutionConte
xt&)
11  0x197b33a60
WebCore::EventTarget::innerInvokeEventListeners(WebCore::Event&,
WTF::Vector<WTF::RefPtr<WebCore::RegisteredEventListener,
WTF::DumbPtrTraits<WebCore::RegisteredEventListener> >, 1ul,
WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>,
WebCore::EventTarget::EventInvokePhase)
12  0x197b2fd60 WebCore::EventTarget::fireEventListeners(WebCore::Event&,
WebCore::EventTarget::EventInvokePhase)
13  0x197b3354d WebCore::EventTarget::dispatchEvent(WebCore::Event&)
14  0x1996c5b2f
WebCore::WorkerMessagingProxy::postMessageToWorkerGlobalScope(WebCore::MessageW
ithMessagePorts&&)::$_5::operator()(WebCore::ScriptExecutionContext&)
15  0x1996c58f3
WTF::Detail::CallableWrapper<WebCore::WorkerMessagingProxy::postMessageToWorker
GlobalScope(WebCore::MessageWithMessagePorts&&)::$_5, void,
WebCore::ScriptExecutionContext&>::call(WebCore::ScriptExecutionContext&)
16  0x19735f44a WTF::Function<void
(WebCore::ScriptExecutionContext&)>::operator()(WebCore::ScriptExecutionContext
&) const
17  0x19734abdd
WebCore::ScriptExecutionContext::Task::performTask(WebCore::ScriptExecutionCont
ext&)
18  0x1996ba5e0
WebCore::WorkerRunLoop::Task::performTask(WebCore::WorkerGlobalScope*)
19  0x1996b9ad7 WebCore::WorkerRunLoop::runInMode(WebCore::WorkerGlobalScope*,
WebCore::ModePredicate const&, WebCore::WorkerRunLoop::WaitMode)
20  0x1996b96d8 WebCore::WorkerRunLoop::run(WebCore::WorkerGlobalScope*)
21  0x1996bd518 WebCore::WorkerThread::runEventLoop()
22  0x19969e634 WebCore::DedicatedWorkerThread::runEventLoop()
23  0x1996bcfe1 WebCore::WorkerThread::workerThread()
24  0x1996d0118 WebCore::WorkerThread::start(WTF::Function<void (WTF::String
const&)>&&)::$_16::operator()() const
25  0x1996d00ce
WTF::Detail::CallableWrapper<WebCore::WorkerThread::start(WTF::Function<void
(WTF::String const&)>&&)::$_16, void>::call()
26  0x1b06e5792 WTF::Function<void ()>::operator()() const
27  0x1b078be58 WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*)
28  0x1b0797588 WTF::wtfThreadEntryPoint(void*)
29  0x7fff6bc80109 _pthread_start
30  0x7fff6bc7bb8b thread_start