[Webkit-unassigned] [Bug 95341] New: Web Inspector: The JS code injected by worker inspector shouldn't be evaluated through JSMainThreadExecState

bugzilla-daemon at webkit.org
Wed Aug 29 06:30:09 PDT 2012


https://bugs.webkit.org/show_bug.cgi?id=95341

           Summary: Web Inspector:  The JS code injected by worker
                    inspector shouldn't be evaluated through
                    JSMainThreadExecState
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: All
        OS/Version: All
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: Web Inspector
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: peter.wang at torchmobile.com.cn
                CC: timothy at apple.com, rik at webkit.org, keishi at webkit.org,
                    pmuellr at yahoo.com, joepeck at webkit.org,
                    pfeldman at chromium.org, yurys at chromium.org,
                    bweinstein at apple.com, apavlov at chromium.org,
                    loislo at chromium.org


The implementations of "JSC::JSInjectedScriptManager" and "JSC::ScriptFunctionCall" have a defect: the injected JS is always evaluated through "JSMainThreadExecState". It will cause a failed assert, like this:

    at /home/torch-admin/project/upstream/Source/WebCore/bindings/js/JSMainThreadExecState.h:84
84            ASSERT(isMainThread());
(gdb) bt 
#0  0x00007ffff51f4fcd in WebCore::JSMainThreadExecState::JSMainThreadExecState (this=0x7fff91eb71f0, exec=0x7fff90a4f888)
    at /home/torch-admin/project/upstream/Source/WebCore/bindings/js/JSMainThreadExecState.h:84
#1  0x00007ffff5233242 in WebCore::JSMainThreadExecState::evaluate (exec=0x7fff90a4f888, chain=0x7fff90a2ffc0, source=..., 
    thisValue=..., exception=0x7fff91eb7350)
    at /home/torch-admin/project/upstream/Source/WebCore/bindings/js/JSMainThreadExecState.h:75
#2  0x00007ffff5233400 in WebCore::InjectedScriptManager::createInjectedScript (this=0x7fff88009db0, source=..., 
    scriptState=0x7fff90a4f888, id=1) at /home/torch-admin/project/upstream/Source/WebCore/bindings/js/JSInjectedScriptManager.cpp:64
#3  0x00007ffff578801b in WebCore::InjectedScriptManager::injectScript (this=0x7fff88009db0, source=..., scriptState=0x7fff90a4f888)
    at /home/torch-admin/project/upstream/Source/WebCore/inspector/InjectedScriptManager.cpp:170
#4  0x00007ffff578823d in WebCore::InjectedScriptManager::injectedScriptFor (this=0x7fff88009db0, inspectedScriptState=0x7fff90a4f888)
    at /home/torch-admin/project/upstream/Source/WebCore/inspector/InjectedScriptManager.cpp:185
#5  0x00007ffff5861a1a in WebCore::WorkerRuntimeAgent::injectedScriptForEval (this=0x7fff88009f10, error=0x7fff91eb7810, 
    executionContextId=0x0) at /home/torch-admin/project/upstream/Source/WebCore/inspector/WorkerRuntimeAgent.cpp:64
#6  0x00007ffff582f833 in WebCore::InspectorRuntimeAgent::evaluate (this=0x7fff88009f10, errorString=0x7fff91eb7810, expression=..., 
    objectGroup=0x0, includeCommandLineAPI=0x0, doNotPauseOnExceptionsAndMuteConsole=0x7fff91eb789c, executionContextId=0x0, 
    returnByValue=0x7fff91eb789f, result=..., wasThrown=0x7fff91eb7890)
    at /home/torch-admin/project/upstream/Source/WebCore/inspector/InspectorRuntimeAgent.cpp:88
#7  0x00007ffff6215ca8 in WebCore::InspectorBackendDispatcherImpl::Runtime_evaluate (this=0x7fff880240d0, callId=23, 
    requestMessageObject=0x7fff88024190) at generated/InspectorBackendDispatcher.cpp:1357
#8  0x00007ffff623daad in WebCore::InspectorBackendDispatcherImpl::dispatch (this=0x7fff880240d0, message=...)
    at generated/InspectorBackendDispatcher.cpp:5485
#9  0x00007ffff5860e1a in WebCore::WorkerInspectorController::dispatchMessageFromFrontend (this=0x7fff88009bd0, message=...)
    at /home/torch-admin/project/upstream/Source/WebCore/inspector/WorkerInspectorController.cpp:188
#10 0x00007ffff5e0e3e5 in WebCore::dispatchOnInspectorBackendTask (context=0x7fff880008e0, message=...)
    at /home/torch-admin/project/upstream/Source/WebCore/workers/WorkerMessagingProxy.cpp:420
#11 0x00007ffff5890942 in WebCore::CrossThreadTask1<WTF::String, WTF::String const&>::performTask (this=0x1b65c60, 
    context=0x7fff880008e0) at /home/torch-admin/project/upstream/Source/WebCore/dom/CrossThreadTask.h:81
#12 0x00007ffff5e11415 in WebCore::WorkerRunLoop::Task::performTask (this=0x1b52bc0, runLoop=..., context=0x7fff880008e0)
    at /home/torch-admin/project/upstream/Source/WebCore/workers/WorkerRunLoop.cpp:228
#13 0x00007ffff5e10edf in WebCore::WorkerRunLoop::runInMode (this=0x1aa6170, context=0x7fff880008e0, predicate=..., 
    waitMode=WebCore::WorkerRunLoop::WaitForMessage) at /home/torch-admin/project/upstream/Source/WebCore/workers/WorkerRunLoop.cpp:177
#14 0x00007ffff5e10af4 in WebCore::WorkerRunLoop::run (this=0x1aa6170, context=0x7fff880008e0)
    at /home/torch-admin/project/upstream/Source/WebCore/workers/WorkerRunLoop.cpp:135
#15 0x00007ffff5e1475f in WebCore::WorkerThread::runEventLoop (this=0x1aa6140)
    at /home/torch-admin/project/upstream/Source/WebCore/workers/WorkerThread.cpp:195
......
