
Invoking setTimeout from uv's callback in renderer may crash #153

Closed
zcbenz opened this issue Jan 8, 2014 · 2 comments · Fixed by #154
zcbenz commented Jan 8, 2014

The WebCore::ScriptController::currentWorldContext() would get the last entered context instead of the current context to search for the DOMWindow object, which would sometimes cause a crash when using third-party native modules, because, unlike node's code, third-party modules usually do not bother switching contexts when calling a callback function in V8.

Thread 0 Crashed:: CrRendererMain  Dispatch queue: com.apple.main-thread
0   libchromiumcontent.dylib        0x000000010784eb74 WebCore::toDOMWindow(v8::Handle<v8::Context>) + 84 (v8.h:5963)
1   libchromiumcontent.dylib        0x000000010784ed3b WebCore::toFrameIfNotDetached(v8::Handle<v8::Context>) + 11 (V8Binding.cpp:499)
2   libchromiumcontent.dylib        0x00000001078363ba WebCore::ScriptController::currentWorldContext() + 58 (ScriptController.cpp:324)
3   libchromiumcontent.dylib        0x000000010787edf9 WebCore::WindowSetTimeoutImpl(v8::FunctionCallbackInfo<v8::Value> const&, bool, WebCore::ExceptionState&) + 777 (v8.h:5883)
4   libchromiumcontent.dylib        0x00000001078801f5 WebCore::V8Window::setTimeoutMethodCustom(v8::FunctionCallbackInfo<v8::Value> const&) + 69 (V8WindowCustom.cpp:443)
5   libchromiumcontent.dylib        0x000000010772d93f WebCore::DOMWindowV8Internal::setTimeoutMethodCallback(v8::FunctionCallbackInfo<v8::Value> const&) + 31 (TraceEvent.h:880)
6   libchromiumcontent.dylib        0x00000001067604de v8::internal::FunctionCallbackArguments::Call(void (*)(v8::FunctionCallbackInfo<v8::Value> const&)) + 158 (arguments.cc:43)
7   libchromiumcontent.dylib        0x000000010677b1a9 v8::internal::Builtin_HandleApiCall(int, v8::internal::Object**, v8::internal::Isolate*) + 393 (builtins.cc:1272)
8   ???                             0x0000269fcda069ce 0 + 42467791497678
9   ???                             0x0000269fcda3a7f5 0 + 42467791710197
10  ???                             0x0000269fd0cccd1d 0 + 42467844738333
11  ???                             0x0000269fcf1b16f9 0 + 42467816314617
12  ???                             0x0000269fcf1b14f0 0 + 42467816314096
13  ???                             0x0000269fcda36a04 0 + 42467791694340
14  ???                             0x0000269fcda1a457 0 + 42467791578199
15  libchromiumcontent.dylib        0x00000001067b6136 v8::internal::Invoke(bool, v8::internal::Handle<v8::internal::JSFunction>, v8::internal::Handle<v8::internal::Object>, int, v8::internal::Handle<v8::internal::Object>*, bool*) + 342 (execution.cc:119)
16  libchromiumcontent.dylib        0x000000010674c797 v8::Function::Call(v8::Handle<v8::Object>, int, v8::Handle<v8::Value>*) + 327 (api.cc:4244)
17  pathwatcher.node                0x000000010f306049 MakeCallbackInMainThread(uv_async_s*, int) + 434 (common.cc:75)
18  Atom Framework                  0x00000001050f06a9 uv__async_event + 64 (async.c:88)
19  Atom Framework                  0x00000001050f081a uv__async_io + 136 (async.c:164)
20  Atom Framework                  0x00000001050fc542 uv__io_poll + 1345 (kqueue.c:234)
21  Atom Framework                  0x00000001050f0b14 uv_run + 245 (core.c:277)
22  Atom Framework                  0x000000010512218a atom::NodeBindings::UvRunOnce() + 176 (node_bindings.cc:201)
23  libchromiumcontent.dylib        0x000000010568d891 base::MessageLoop::RunTask(base::PendingTask const&) + 1121 (stl_vector.h:400)
24  libchromiumcontent.dylib        0x000000010568deaf base::MessageLoop::DoWork() + 655 (message_loop.cc:620)
25  libchromiumcontent.dylib        0x000000010563d0f1 base::MessagePumpCFRunLoopBase::RunWork() + 97 (message_pump_mac.mm:488)
26  com.apple.CoreFoundation        0x00007fff950df8f1 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17
27  com.apple.CoreFoundation        0x00007fff950d1062 __CFRunLoopDoSources0 + 242
28  com.apple.CoreFoundation        0x00007fff950d07ef __CFRunLoopRun + 831
29  com.apple.CoreFoundation        0x00007fff950d0275 CFRunLoopRunSpecific + 309
30  com.apple.HIToolbox             0x00007fff93730f0d RunCurrentEventLoopInMode + 226
31  com.apple.HIToolbox             0x00007fff93730cb7 ReceiveNextEventCommon + 479
32  com.apple.HIToolbox             0x00007fff93730abc _BlockUntilNextEventMatchingListInModeWithFilter + 65
33  com.apple.AppKit                0x00007fff92ba028e _DPSNextEvent + 1434
34  com.apple.AppKit                0x00007fff92b9f8db -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 122
35  com.apple.AppKit                0x00007fff92b939cc -[NSApplication run] + 553
36  libchromiumcontent.dylib        0x000000010563d6da base::MessagePumpNSApplication::DoRun(base::MessagePump::Delegate*) + 346 (message_pump_mac.mm:852)
37  libchromiumcontent.dylib        0x000000010563ceec base::MessagePumpCFRunLoopBase::Run(base::MessagePump::Delegate*) + 92 (message_pump_mac.mm:407)
38  libchromiumcontent.dylib        0x000000010568d192 base::MessageLoop::RunInternal() + 226 (message_loop.cc:442)
39  libchromiumcontent.dylib        0x00000001056aad3a base::RunLoop::Run() + 26 (run_loop.cc:86)
40  libchromiumcontent.dylib        0x000000010568c83d base::MessageLoop::Run() + 29 (message_loop.cc:312)
41  libchromiumcontent.dylib        0x0000000107d00675 content::RendererMain(content::MainFunctionParams const&) + 1573 (renderer_main.cc:252)
42  libchromiumcontent.dylib        0x000000010562abd5 content::RunNamedProcessTypeMain(std::string const&, content::MainFunctionParams const&, content::ContentMainDelegate*) + 149 (content_main_runner.cc:458)
43  libchromiumcontent.dylib        0x000000010562b873 content::ContentMainRunnerImpl::Run() + 339 (content_main_runner.cc:777)
44  libchromiumcontent.dylib        0x000000010562a9a6 content::ContentMain(int, char const**, content::ContentMainDelegate*) + 70 (content_main.cc:35)
45  Atom Framework                  0x00000001050ccb9b AtomMain + 43 (atom_library_main.cc:13)
46  libdyld.dylib                   0x00007fff8aca35fd start + 1
@nathansobo

Interesting. Thoughts on workarounds?

zcbenz commented Jan 9, 2014

As a workaround, we could switch to the web page's context when there is one before executing the uv loop; currently the uv loop is just wrapped by a custom context.
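The mechanism behind the crash in the first post and the workaround in the comment above can be shown without a browser. The block below is an added example, not code from this issue, from atom-shell or from V8: it is a small model of V8's entered-context stack (what `Context::Scope` pushes and pops) versus the context of the JS function that is actually running. A lookup based on the last entered context finds the uv wrapper context, which owns no DOMWindow, when a native module calls back into JS without entering the callback's context. The same model shows the three ways the lookup succeeds: the module entering the callback's context (node core style), the renderer entering the page context before running the uv loop (the workaround proposed here), or resolving by the running function's context. All names (`Isolate`, `ContextScope`, `RunScenario`, `has_dom_window`, `Lookup`) are assumptions of the model, not V8 or WebCore API.

```cpp
// Added example (not code from the issue, atom-shell or V8): a model of V8's
// "entered context" stack versus the context of the running JS function.
// All names here are assumptions of the model, not real V8/WebCore identifiers.
#include <cstdio>
#include <functional>
#include <string>
#include <vector>

struct Context {
    std::string name;
    bool has_dom_window;  // only a web page's context owns a DOMWindow
};

struct Isolate {
    std::vector<Context*> entered;  // ContextScope pushes/pops here
    Context* running = nullptr;     // context of the JS function currently executing

    Context* GetEnteredContext() const { return entered.empty() ? nullptr : entered.back(); }
    Context* GetCurrentContext() const { return running; }
};

// RAII equivalent of v8::Context::Scope: enter on construction, exit on destruction.
struct ContextScope {
    Isolate& iso;
    ContextScope(Isolate& i, Context* c) : iso(i) { iso.entered.push_back(c); }
    ~ContextScope() { iso.entered.pop_back(); }
};

struct Function {
    Context* creation_context;
    std::function<bool(Isolate&)> body;
};

// Models v8::Function::Call: the function runs in its creation context whether or
// not the caller explicitly entered that context.
bool Call(Isolate& iso, Function& fn) {
    Context* saved = iso.running;
    iso.running = fn.creation_context;
    bool ok = fn.body(iso);
    iso.running = saved;
    return ok;
}

// Models WebCore::toDOMWindow: only a page context yields a window; anything else
// is the null frame that the real code dereferences and crashes on.
bool ToDOMWindow(Context* ctx) { return ctx != nullptr && ctx->has_dom_window; }

enum class Lookup { Entered, Current };

// Models the window lookup inside setTimeout. Lookup::Entered is the behaviour
// described in the issue (last entered context); Lookup::Current uses the
// context of the running function instead.
bool SetTimeoutFindsWindow(Isolate& iso, Lookup lookup) {
    Context* ctx = (lookup == Lookup::Entered) ? iso.GetEnteredContext()
                                               : iso.GetCurrentContext();
    return ToDOMWindow(ctx);
}

// One renderer turn: the uv loop runs inside a context, a native module's
// uv_async callback fires and calls a JS callback created in the page context,
// and that callback calls setTimeout. Returns true if setTimeout found a window,
// false where the real renderer would crash.
bool RunScenario(Lookup lookup, bool module_enters_context, bool renderer_enters_page) {
    Isolate iso;
    Context page{"page", true};
    Context uv_wrapper{"uv-wrapper", false};  // the custom context around the uv loop

    Function callback{&page, [&](Isolate& i) { return SetTimeoutFindsWindow(i, lookup); }};

    // Workaround from the issue: enter the page's context (when there is one)
    // before executing the uv loop, instead of the custom wrapper context.
    ContextScope loop_scope(iso, renderer_enters_page ? &page : &uv_wrapper);

    if (module_enters_context) {
        // What node core does and third-party modules usually skip.
        ContextScope cb_scope(iso, callback.creation_context);
        return Call(iso, callback);
    }
    return Call(iso, callback);
}

int main() {
    std::printf("entered lookup, module skips scope, wrapper ctx : %s\n",
                RunScenario(Lookup::Entered, false, false) ? "ok" : "CRASH");
    std::printf("entered lookup, module enters scope            : %s\n",
                RunScenario(Lookup::Entered, true, false) ? "ok" : "CRASH");
    std::printf("entered lookup, renderer enters page ctx       : %s\n",
                RunScenario(Lookup::Entered, false, true) ? "ok" : "CRASH");
    std::printf("current lookup, module skips scope             : %s\n",
                RunScenario(Lookup::Current, false, false) ? "ok" : "CRASH");
    return 0;
}
```

The first scenario is the stack trace in the report: `uv__async_event` runs under the wrapper context, `MakeCallbackInMainThread` calls the page's callback without a `Context::Scope`, and the entered-context lookup hands `toDOMWindow` a context with no window. The third scenario is the proposed workaround; it fixes every module at once because the entered context is then the page's, regardless of what the module does.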

kevinsawicki pushed a commit that referenced this issue May 9, 2017
Don't reference the bsm dylib directly.