Project: chromium Issues People Development process History Sign in
New issue
Advanced search Search tips
Issue 351292 ThreadSanitizer v2 reports data races on Blink string refcounters in WebCore::KURL::KURL
Starred by 1 user Project Member Reported by glider@chromium.org, Mar 11, 2014 Back to list
Status: Fixed
Owner: tyoshino@chromium.org
Closed: Mar 2014
Cc: dvyukov@chromium.org, jochen@chromium.org, yhirano@chromium.org, kcc@chromium.org, kinuko@chromium.org, ricea@chromium.org, tyoshino@chromium.org, horo@chromium.org, abarth@chromium.org
Components:
OS: Linux
Pri: 2
Type: Bug


Sign in to add a comment
From http://build.chromium.org/p/chromium.memory.fyi/builders/Linux%20Tests%20%28TSan%20v2%29%282%29/builds/2065/steps/content_browsertests/logs/stdio:

[ RUN      ] WorkerTest.WebSocketSharedWorker
Xlib:  extension "RANDR" missing on display ":9".
[16088:16133:0311/054225:1677645850:WARNING:proxy_service.cc(903)] PAC support disabled because there is no system implementation
WebSocket server started on 127.0.0.1:43471...
sending server_data: {"host": "127.0.0.1", "port": 43471} (36 bytes)
[16167:16167:0311/054225:1678569441:ERROR:renderer_main.cc(227)] Running without renderer sandbox
==================
WARNING: ThreadSanitizer: data race (pid=16206)
  Write of size 4 at 0x7d1000001a00 by main thread:
    #0 ref third_party/WebKit/Source/wtf/text/StringImpl.h:280 (content_browsertests+0x000001e223cf)
    #1 refIfNotNull<WTF::StringImpl> third_party/WebKit/Source/wtf/PassRefPtr.h:50 (content_browsertests+0x000001e223cf)
    #2 RefPtr third_party/WebKit/Source/wtf/RefPtr.h:44 (content_browsertests+0x000001e223cf)
    #3 String third_party/WebKit/Source/wtf/text/WTFString.h:129 (content_browsertests+0x000001e223cf)
    #4 WebCore::KURL::KURL(WebCore::KURL const&) third_party/WebKit/Source/platform/weborigin/KURL.cpp:237 (content_browsertests+0x000001e223cf)
    #5 WebCore::WebSocketHandshakeRequest::WebSocketHandshakeRequest(WebCore::KURL const&) third_party/WebKit/Source/platform/network/WebSocketHandshakeRequest.cpp:37 (content_browsertests+0x0000044a32e9)
    #6 create third_party/WebKit/Source/platform/network/WebSocketHandshakeRequest.h:47 (content_browsertests+0x0000038a9d65)
    #7 WebCore::WebSocketHandshake::clientHandshakeRequest() const third_party/WebKit/Source/modules/websockets/WebSocketHandshake.cpp:255 (content_browsertests+0x0000038a9d65)
    #8 WebCore::MainThreadWebSocketChannel::didOpenSocketStream(WebCore::SocketStreamHandle*) third_party/WebKit/Source/modules/websockets/MainThreadWebSocketChannel.cpp:264 (content_browsertests+0x000003895135)
    #9 WebCore::SocketStreamHandleInternal::didOpenStream(blink::WebSocketStreamHandle*, int) third_party/WebKit/Source/platform/network/SocketStreamHandle.cpp:112 (content_browsertests+0x0000044a1a16)
    #10 content::WebSocketStreamHandleImpl::Context::DidOpenStream(blink::WebSocketStreamHandle*, int) content/child/web_socket_stream_handle_impl.cc:123 (content_browsertests+0x000003988f46)
    #11 OnConnected content/child/socket_stream_dispatcher.cc:133 (content_browsertests+0x0000039850a7)
    #12 OnConnected content/child/socket_stream_dispatcher.cc:204 (content_browsertests+0x0000039850a7)
    #13 DispatchToMethod<content::SocketStreamDispatcher, void (content::SocketStreamDispatcher::*)(int, int), int, int> base/tuple.h:555 (content_browsertests+0x0000039850a7)
    #14 Dispatch<content::SocketStreamDispatcher, content::SocketStreamDispatcher, void (content::SocketStreamDispatcher::*)(int, int)> content/common/socket_stream_messages.h:58 (content_browsertests+0x0000039850a7)
    #15 content::SocketStreamDispatcher::OnMessageReceived(IPC::Message const&) content/child/socket_stream_dispatcher.cc:186 (content_browsertests+0x0000039850a7)
    #16 content::ChildThread::OnMessageReceived(IPC::Message const&) content/child/child_thread.cc:412 (content_browsertests+0x000003923f4d)
    #17 content::WorkerThread::OnMessageReceived(IPC::Message const&) content/worker/worker_thread.cc:113 (content_browsertests+0x000004879e36)
    #18 IPC::ChannelProxy::Context::OnDispatchMessage(IPC::Message const&) ipc/ipc_channel_proxy.cc:372 (content_browsertests+0x000000f3cca5)
    #19 Run base/bind_internal.h:190 (content_browsertests+0x000000f3ffad)
    #20 MakeItSo base/bind_internal.h:898 (content_browsertests+0x000000f3ffad)
    #21 base::internal::Invoker<2, base::internal::BindState<base::internal::RunnableAdapter<void (IPC::ChannelProxy::Context::*)(IPC::Message const&)>, void (IPC::ChannelProxy::Context*, IPC::Message const&), void (IPC::ChannelProxy::Context*, IPC::Message)>, void (IPC::ChannelProxy::Context*, IPC::Message const&)>::Run(base::internal::BindStateBase*) base/bind_internal.h:1248 (content_browsertests+0x000000f3ffad)
    #22 Run base/callback.h:401 (content_browsertests+0x000000ec8cd3)
    #23 base::MessageLoop::RunTask(base::PendingTask const&) base/message_loop/message_loop.cc:449 (content_browsertests+0x000000ec8cd3)
    #24 DeferOrRunPendingTask base/message_loop/message_loop.cc:461 (content_browsertests+0x000000ec9da2)
    #25 base::MessageLoop::DoWork() base/message_loop/message_loop.cc:575 (content_browsertests+0x000000ec9da2)
    #26 base::MessagePumpDefault::Run(base::MessagePump::Delegate*) base/message_loop/message_pump_default.cc:32 (content_browsertests+0x000000eccb20)
    #27 base::MessageLoop::RunHandler() base/message_loop/message_loop.cc:399 (content_browsertests+0x000000ec8532)
    #28 base::RunLoop::Run() base/run_loop.cc:49 (content_browsertests+0x000000ee434f)
    #29 base::MessageLoop::Run() base/message_loop/message_loop.cc:292 (content_browsertests+0x000000ec7d75)
    #30 content::WorkerMain(content::MainFunctionParams const&) content/worker/worker_main.cc:69 (content_browsertests+0x0000048791b6)
    #31 content::RunZygote(content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:391 (content_browsertests+0x0000048696ba)
    #32 content::RunNamedProcessTypeMain(std::string const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:474 (content_browsertests+0x000004869e60)
    #33 content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:779 (content_browsertests+0x00000486a8d0)
    #34 content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:19 (content_browsertests+0x00000486932e)
    #35 RunContentMain content/public/test/test_launcher.cc:455 (content_browsertests+0x000004111f30)
    #36 content::LaunchTests(content::TestLauncherDelegate*, int, int, char**) content/public/test/test_launcher.cc:491 (content_browsertests+0x000004111f30)
    #37 main content/test/content_test_launcher.cc:137 (content_browsertests+0x000000898f1e)

  Previous write of size 4 at 0x7d1000001a00 by thread T7:
    #0 deref third_party/WebKit/Source/wtf/text/StringImpl.h:290 (content_browsertests+0x00000389f324)
    #1 derefIfNotNull<WTF::StringImpl> third_party/WebKit/Source/wtf/PassRefPtr.h:57 (content_browsertests+0x00000389f324)
    #2 ~RefPtr third_party/WebKit/Source/wtf/RefPtr.h:54 (content_browsertests+0x00000389f324)
    #3 ~OwnPtr third_party/WebKit/Source/wtf/text/WTFString.h:136 (content_browsertests+0x00000389f324)
    #4 operator const class WTF::String & third_party/WebKit/Source/platform/weborigin/KURL.h:47 (content_browsertests+0x00000389f324)
    #5 WebCore::WebSocket::create(WebCore::ExecutionContext*, WTF::String const&, WTF::Vector<WTF::String, 0ul, WTF::DefaultAllocator> const&, WebCore::ExceptionState&) third_party/WebKit/Source/modules/websockets/WebSocket.cpp:261 (content_browsertests+0x00000389f324)
    #6 WebCore::WebSocket::create(WebCore::ExecutionContext*, WTF::String const&, WebCore::ExceptionState&) third_party/WebKit/Source/modules/websockets/WebSocket.cpp:248 (content_browsertests+0x00000389f19c)
    #7 constructor1 /mnt/data/b/build/slave/chromium-rel-linux-tsan-clang-builder/build/src/out/Release/gen/blink/bindings/V8WebSocket.cpp:432 (content_browsertests+0x000003300ee0)
    #8 constructor /mnt/data/b/build/slave/chromium-rel-linux-tsan-clang-builder/build/src/out/Release/gen/blink/bindings/V8WebSocket.cpp:474 (content_browsertests+0x000003300ee0)
    #9 WebCore::V8WebSocket::constructorCallback(v8::FunctionCallbackInfo<v8::Value> const&) /mnt/data/b/build/slave/chromium-rel-linux-tsan-clang-builder/build/src/out/Release/gen/blink/bindings/V8WebSocket.cpp:529 (content_browsertests+0x000003300ee0)
    #10 v8::internal::FunctionCallbackArguments::Call(void (*)(v8::FunctionCallbackInfo<v8::Value> const&)) v8/src/arguments.cc:56 (content_browsertests+0x000002459ea8)
    #11 HandleApiCallHelper<true> v8/src/builtins.cc:1215 (content_browsertests+0x000001f0d332)
    #12 Builtin_implHandleApiCallConstruct v8/src/builtins.cc:1237 (content_browsertests+0x000001f0d332)
    #13 v8::internal::Builtin_HandleApiCallConstruct(int, v8::internal::Object**, v8::internal::Isolate*) v8/src/builtins.cc:1236 (content_browsertests+0x000001f0d332)
    #14 <null> <null>:0 (0x7fe860306bce)
    #15 v8::internal::Execution::Call(v8::internal::Isolate*, v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>, int, v8::internal::Handle<v8::internal::Object>*, bool*, bool) v8/src/execution.cc:183 (content_browsertests+0x000001f83e41)
    #16 v8::Function::Call(v8::Handle<v8::Value>, int, v8::Handle<v8::Value>*) v8/src/api.cc:3956 (content_browsertests+0x000001ecaecb)
    #17 WebCore::V8ScriptRunner::callFunction(v8::Handle<v8::Function>, WebCore::ExecutionContext*, v8::Handle<v8::Value>, int, v8::Handle<v8::Value>*, v8::Isolate*) third_party/WebKit/Source/bindings/v8/V8ScriptRunner.cpp:135 (content_browsertests+0x0000035ecaca)
    #18 WebCore::V8WorkerGlobalScopeEventListener::callListenerFunction(WebCore::ExecutionContext*, v8::Handle<v8::Value>, WebCore::Event*) third_party/WebKit/Source/bindings/v8/V8WorkerGlobalScopeEventListener.cpp:104 (content_browsertests+0x0000035f3012)
    #19 WebCore::V8AbstractEventListener::invokeEventHandler(WebCore::ExecutionContext*, WebCore::Event*, v8::Local<v8::Value>) third_party/WebKit/Source/bindings/v8/V8AbstractEventListener.cpp:127 (content_browsertests+0x000003770b72)
    #20 WebCore::V8WorkerGlobalScopeEventListener::handleEvent(WebCore::ExecutionContext*, WebCore::Event*) third_party/WebKit/Source/bindings/v8/V8WorkerGlobalScopeEventListener.cpp:78 (content_browsertests+0x0000035f2bf2)
    #21 WebCore::EventTarget::fireEventListeners(WebCore::Event*, WebCore::EventTargetData*, WTF::Vector<WebCore::RegisteredEventListener, 1ul, WTF::DefaultAllocator>&) third_party/WebKit/Source/core/events/EventTarget.cpp:328 (content_browsertests+0x000001ceab2c)
    #22 WebCore::EventTarget::fireEventListeners(WebCore::Event*) third_party/WebKit/Source/core/events/EventTarget.cpp:270 (content_browsertests+0x000001cea365)
    #23 WebCore::EventTarget::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) third_party/WebKit/Source/core/events/EventTarget.cpp:178 (content_browsertests+0x000001cea155)
    #24 WebCore::EventTarget::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, WebCore::ExceptionState&) third_party/WebKit/Source/core/events/EventTarget.cpp:170 (content_browsertests+0x000001cea023)
    #25 WebCore::MessagePort::dispatchMessages() third_party/WebKit/Source/core/dom/MessagePort.cpp:183 (content_browsertests+0x000001c619d4)
    #26 operator() third_party/WebKit/Source/wtf/Functional.h:183 (content_browsertests+0x000001c631d6)
    #27 WTF::BoundFunctionImpl<WTF::FunctionWrapper<void (WebCore::MessagePort::*)()>, void (WTF::WeakPtr<WebCore::MessagePort>)>::operator()() third_party/WebKit/Source/wtf/Functional.h:400 (content_browsertests+0x000001c631d6)
    #28 operator() third_party/WebKit/Source/wtf/Functional.h:577 (content_browsertests+0x000001ca759f)
    #29 WebCore::CallClosureTask::performTask(WebCore::ExecutionContext*) third_party/WebKit/Source/core/dom/ExecutionContextTask.h:56 (content_browsertests+0x000001ca759f)
    #30 WebCore::WorkerRunLoopTask::run() third_party/WebKit/Source/core/workers/WorkerRunLoop.cpp:59 (content_browsertests+0x000002b27967)
    #31 WebCore::WorkerRunLoop::run(WTF::MessageQueue<blink::WebThread::Task>&, WebCore::WorkerRunLoop::WaitMode) third_party/WebKit/Source/core/workers/WorkerRunLoop.cpp:223 (content_browsertests+0x000002b26a2a)
    #32 WebCore::WorkerRunLoop::run() third_party/WebKit/Source/core/workers/WorkerRunLoop.cpp:164 (content_browsertests+0x000002b26662)
    #33 WebCore::WorkerThread::runEventLoop() third_party/WebKit/Source/core/workers/WorkerThread.cpp:162 (content_browsertests+0x000002b2978d)
    #34 WebCore::WorkerThread::workerThread() third_party/WebKit/Source/core/workers/WorkerThread.cpp:136 (content_browsertests+0x000002b29631)
    #35 WebCore::WorkerThread::workerThreadStart(void*) third_party/WebKit/Source/core/workers/WorkerThread.cpp:104 (content_browsertests+0x000002b29159)
    #36 WTF::threadEntryPoint(void*) third_party/WebKit/Source/wtf/Threading.cpp:69 (content_browsertests+0x00000445270f)
    #37 WTF::wtfThreadEntryPoint(void*) third_party/WebKit/Source/wtf/ThreadingPthreads.cpp:175 (content_browsertests+0x000001badc0d)

  Location is heap block of size 55 at 0x7d1000001a00 allocated by thread T7:
    #0 malloc /usr/local/google/work/chromium/src/third_party/llvm/projects/compiler-rt/lib/tsan/rtl/tsan_interceptors.cc:469 (content_browsertests+0x00000060454d)
    #1 partitionAllocGenericFlags third_party/WebKit/Source/wtf/PartitionAlloc.h:533 (content_browsertests+0x000001bbe7bd)
    #2 partitionAllocGeneric third_party/WebKit/Source/wtf/PartitionAlloc.h:549 (content_browsertests+0x000001bbe7bd)
    #3 createUninitialized third_party/WebKit/Source/wtf/text/StringImpl.cpp:299 (content_browsertests+0x000001bbe7bd)
    #4 WTF::StringImpl::create(unsigned char const*, unsigned int) third_party/WebKit/Source/wtf/text/StringImpl.cpp:418 (content_browsertests+0x000001bbe7bd)
    #5 create third_party/WebKit/Source/wtf/text/StringImpl.h:198 (content_browsertests+0x000001bb9cf2)
    #6 WTF::HashAndUTF8CharactersTranslator::translate(WTF::StringImpl*&, WTF::HashAndUTF8Characters const&, unsigned int) third_party/WebKit/Source/wtf/text/AtomicString.cpp:268 (content_browsertests+0x000001bb9cf2)
    #7 translate<WTF::StringImpl *, WTF::HashAndUTF8Characters> third_party/WebKit/Source/wtf/HashSet.h:140 (content_browsertests+0x000001bb99e0)
    #8 WTF::HashTableAddResult<WTF::StringImpl*> WTF::HashTable<WTF::StringImpl*, WTF::StringImpl*, WTF::IdentityExtractor, WTF::StringHash, WTF::HashTraits<WTF::StringImpl*>, WTF::HashTraits<WTF::StringImpl*>, WTF::DefaultAllocator>::addPassingHashCode<WTF::HashSetTranslatorAdapter<WTF::HashAndUTF8CharactersTranslator>, WTF::HashAndUTF8Characters, WTF::HashAndUTF8Characters>(WTF::HashAndUTF8Characters const&, WTF::HashAndUTF8Characters const&) third_party/WebKit/Source/wtf/HashTable.h:767 (content_browsertests+0x000001bb99e0)
    #9 atomicStrings third_party/WebKit/Source/wtf/HashSet.h:212 (content_browsertests+0x000001bb94a8)
    #10 addToStringTable<WTF::HashAndUTF8Characters, WTF::HashAndUTF8CharactersTranslator> third_party/WebKit/Source/wtf/text/AtomicString.cpp:116 (content_browsertests+0x000001bb94a8)
    #11 WTF::AtomicString::fromUTF8Internal(char const*, char const*) third_party/WebKit/Source/wtf/text/AtomicString.cpp:488 (content_browsertests+0x000001bb94a8)
    #12 fromUTF8 third_party/WebKit/Source/wtf/text/AtomicString.h:239 (content_browsertests+0x000001e24fcc)
    #13 void WebCore::KURL::init<char>(WebCore::KURL const&, char const*, int, WTF::TextEncoding const*) third_party/WebKit/Source/platform/weborigin/KURL.cpp:776 (content_browsertests+0x000001e24fcc)
    #14 WebCore::KURL::init(WebCore::KURL const&, WTF::String const&, WTF::TextEncoding const*) third_party/WebKit/Source/platform/weborigin/KURL.cpp:748 (content_browsertests+0x000001e21a96)
    #15 WebCore::KURL::KURL(WebCore::KURL const&, WTF::String const&) third_party/WebKit/Source/platform/weborigin/KURL.cpp:205 (content_browsertests+0x000001e21dd4)
    #16 completeURL third_party/WebKit/Source/core/workers/WorkerGlobalScope.cpp:129 (content_browsertests+0x000002ccec4b)
    #17 virtualCompleteURL third_party/WebKit/Source/core/workers/WorkerGlobalScope.cpp:119 (content_browsertests+0x000002ccec4b)
    #18 non-virtual thunk to WebCore::WorkerGlobalScope::virtualCompleteURL(WTF::String const&) const third_party/WebKit/Source/core/workers/WorkerGlobalScope.cpp:120 (content_browsertests+0x000002ccec4b)
    #19 WebCore::ExecutionContext::completeURL(WTF::String const&) const third_party/WebKit/Source/core/dom/ExecutionContext.cpp:264 (content_browsertests+0x000001ca4ec4)
    #20 WebCore::WebSocket::create(WebCore::ExecutionContext*, WTF::String const&, WTF::Vector<WTF::String, 0ul, WTF::DefaultAllocator> const&, WebCore::ExceptionState&) third_party/WebKit/Source/modules/websockets/WebSocket.cpp:261 (content_browsertests+0x00000389f231)
    #21 WebCore::WebSocket::create(WebCore::ExecutionContext*, WTF::String const&, WebCore::ExceptionState&) third_party/WebKit/Source/modules/websockets/WebSocket.cpp:248 (content_browsertests+0x00000389f19c)
    #22 constructor1 /mnt/data/b/build/slave/chromium-rel-linux-tsan-clang-builder/build/src/out/Release/gen/blink/bindings/V8WebSocket.cpp:432 (content_browsertests+0x000003300ee0)
    #23 constructor /mnt/data/b/build/slave/chromium-rel-linux-tsan-clang-builder/build/src/out/Release/gen/blink/bindings/V8WebSocket.cpp:474 (content_browsertests+0x000003300ee0)
    #24 WebCore::V8WebSocket::constructorCallback(v8::FunctionCallbackInfo<v8::Value> const&) /mnt/data/b/build/slave/chromium-rel-linux-tsan-clang-builder/build/src/out/Release/gen/blink/bindings/V8WebSocket.cpp:529 (content_browsertests+0x000003300ee0)
    #25 v8::internal::FunctionCallbackArguments::Call(void (*)(v8::FunctionCallbackInfo<v8::Value> const&)) v8/src/arguments.cc:56 (content_browsertests+0x000002459ea8)
    #26 HandleApiCallHelper<true> v8/src/builtins.cc:1215 (content_browsertests+0x000001f0d332)
    #27 Builtin_implHandleApiCallConstruct v8/src/builtins.cc:1237 (content_browsertests+0x000001f0d332)
    #28 v8::internal::Builtin_HandleApiCallConstruct(int, v8::internal::Object**, v8::internal::Isolate*) v8/src/builtins.cc:1236 (content_browsertests+0x000001f0d332)
    #29 <null> <null>:0 (0x7fe860306bce)
    #30 v8::internal::Execution::Call(v8::internal::Isolate*, v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>, int, v8::internal::Handle<v8::internal::Object>*, bool*, bool) v8/src/execution.cc:183 (content_browsertests+0x000001f83e41)
    #31 v8::Function::Call(v8::Handle<v8::Value>, int, v8::Handle<v8::Value>*) v8/src/api.cc:3956 (content_browsertests+0x000001ecaecb)
    #32 WebCore::V8ScriptRunner::callFunction(v8::Handle<v8::Function>, WebCore::ExecutionContext*, v8::Handle<v8::Value>, int, v8::Handle<v8::Value>*, v8::Isolate*) third_party/WebKit/Source/bindings/v8/V8ScriptRunner.cpp:135 (content_browsertests+0x0000035ecaca)
    #33 WebCore::V8WorkerGlobalScopeEventListener::callListenerFunction(WebCore::ExecutionContext*, v8::Handle<v8::Value>, WebCore::Event*) third_party/WebKit/Source/bindings/v8/V8WorkerGlobalScopeEventListener.cpp:104 (content_browsertests+0x0000035f3012)
    #34 WebCore::V8AbstractEventListener::invokeEventHandler(WebCore::ExecutionContext*, WebCore::Event*, v8::Local<v8::Value>) third_party/WebKit/Source/bindings/v8/V8AbstractEventListener.cpp:127 (content_browsertests+0x000003770b72)
    #35 WebCore::V8WorkerGlobalScopeEventListener::handleEvent(WebCore::ExecutionContext*, WebCore::Event*) third_party/WebKit/Source/bindings/v8/V8WorkerGlobalScopeEventListener.cpp:78 (content_browsertests+0x0000035f2bf2)
    #36 WebCore::EventTarget::fireEventListeners(WebCore::Event*, WebCore::EventTargetData*, WTF::Vector<WebCore::RegisteredEventListener, 1ul, WTF::DefaultAllocator>&) third_party/WebKit/Source/core/events/EventTarget.cpp:328 (content_browsertests+0x000001ceab2c)
    #37 WebCore::EventTarget::fireEventListeners(WebCore::Event*) third_party/WebKit/Source/core/events/EventTarget.cpp:270 (content_browsertests+0x000001cea365)
    #38 WebCore::EventTarget::dispatchEvent(WTF::PassRefPtr<WebCore::Event>) third_party/WebKit/Source/core/events/EventTarget.cpp:178 (content_browsertests+0x000001cea155)
    #39 WebCore::EventTarget::dispatchEvent(WTF::PassRefPtr<WebCore::Event>, WebCore::ExceptionState&) third_party/WebKit/Source/core/events/EventTarget.cpp:170 (content_browsertests+0x000001cea023)
    #40 WebCore::MessagePort::dispatchMessages() third_party/WebKit/Source/core/dom/MessagePort.cpp:183 (content_browsertests+0x000001c619d4)
    #41 operator() third_party/WebKit/Source/wtf/Functional.h:183 (content_browsertests+0x000001c631d6)
    #42 WTF::BoundFunctionImpl<WTF::FunctionWrapper<void (WebCore::MessagePort::*)()>, void (WTF::WeakPtr<WebCore::MessagePort>)>::operator()() third_party/WebKit/Source/wtf/Functional.h:400 (content_browsertests+0x000001c631d6)
    #43 operator() third_party/WebKit/Source/wtf/Functional.h:577 (content_browsertests+0x000001ca759f)
    #44 WebCore::CallClosureTask::performTask(WebCore::ExecutionContext*) third_party/WebKit/Source/core/dom/ExecutionContextTask.h:56 (content_browsertests+0x000001ca759f)
    #45 WebCore::WorkerRunLoopTask::run() third_party/WebKit/Source/core/workers/WorkerRunLoop.cpp:59 (content_browsertests+0x000002b27967)
    #46 WebCore::WorkerRunLoop::run(WTF::MessageQueue<blink::WebThread::Task>&, WebCore::WorkerRunLoop::WaitMode) third_party/WebKit/Source/core/workers/WorkerRunLoop.cpp:223 (content_browsertests+0x000002b26a2a)
    #47 WebCore::WorkerRunLoop::run() third_party/WebKit/Source/core/workers/WorkerRunLoop.cpp:164 (content_browsertests+0x000002b26662)
    #48 WebCore::WorkerThread::runEventLoop() third_party/WebKit/Source/core/workers/WorkerThread.cpp:162 (content_browsertests+0x000002b2978d)
    #49 WebCore::WorkerThread::workerThread() third_party/WebKit/Source/core/workers/WorkerThread.cpp:136 (content_browsertests+0x000002b29631)
    #50 WebCore::WorkerThread::workerThreadStart(void*) third_party/WebKit/Source/core/workers/WorkerThread.cpp:104 (content_browsertests+0x000002b29159)
    #51 WTF::threadEntryPoint(void*) third_party/WebKit/Source/wtf/Threading.cpp:69 (content_browsertests+0x00000445270f)
    #52 WTF::wtfThreadEntryPoint(void*) third_party/WebKit/Source/wtf/ThreadingPthreads.cpp:175 (content_browsertests+0x000001badc0d)

 
Comment 1 by jochen@chromium.org, Mar 11, 2014
Cc: yhirano@chromium.org tyoshino@chromium.org ricea@chromium.org
Comment 2 by jochen@chromium.org, Mar 11, 2014
Cc: kinuko@chromium.org horo@chromium.org
Comment 3 by abarth@chromium.org, Mar 11, 2014
Owner: tyoshino@chromium.org
Looks likely to be a real race.
Comment 4 by tyoshino@chromium.org, Mar 12, 2014
Status: Started
CrossThreadCopier for the url parameter of mainThreadConnect has been removed accidentally on this refactoring. http://src.chromium.org/viewvc/blink/trunk/Source/modules/websockets/WorkerThreadableWebSocketChannel.cpp?r1=166376&r2=166377&

createCallbackTask was silently wrapping it with CrossThreadCopier. I'll write a fix.
Comment 5 by kinuko@chromium.org, Mar 12, 2014
Ah yes, I forgot to call isolatedCopy there for url... thanks tyoshino!
Comment 6 by ricea@chromium.org, Mar 12, 2014
Could this be related to http://crbug.com/349537 ?
Comment 7 by kinuko@chromium.org, Mar 12, 2014
#6: Oh... yeah might be.
Project Member Comment 8 by bugdroid1@chromium.org, Mar 12, 2014
The following revision refers to this bug:
    http://src.chromium.org/viewvc/blink?view=rev&rev=168992

------------------------------------------------------------------------
r168992 | tyoshino@chromium.org | 2014-03-12T08:01:21.346558Z

Changed paths:
   M http://src.chromium.org/viewvc/blink/trunk/Source/modules/websockets/WorkerThreadableWebSocketChannel.cpp?r1=168992&r2=168991&pathrev=168992

[WebSocket] Create an isolated copy of the KURL parameter in Bridge::Connect()

WorkerThreadableWebSocketChannel::Bridge::connect() creates a closure of
Peer::connect call from url. Since this closure will be used by the main
thread while this method is called from the worker thread, we need to
create an isolated copy of it.

Recent refactoring changed this method to use CallClosureTask::create +
bind from createCallbackTask. Since createCallbackTask wraps arguments
with CrossThreadCopier, not calling copy() on url was not a problem in
the old code.

On the other hand, in Bridge::initializ(), isolateCopy() call on
sourceURL is redundant since createCallbackTask is used there. This
change removes it.

BUG= 351292 

Review URL: https://codereview.chromium.org/196023005
------------------------------------------------------------------------
Comment 9 by tyoshino@chromium.org, Mar 24, 2014
Labels: Cr-Blink-WebSockets
Status: Fixed
Closing as this is no longer observed at least on the last 100 builds.
Comment 10 by tkent@chromium.org, Nov 26, 2015
Labels: Cr-Blink-Network-WebSockets
Comment 11 by tkent@chromium.org, Nov 27, 2015
Labels: -Cr-Blink-WebSockets
Sign in to add a comment