Changeset 241986 in webkit

Timestamp:

Feb 22, 2019 9:05:03 PM (5 years ago)

Author:

rniwa@webkit.org

Message:

Crash in SWServerJobQueue::runNextJobSynchronously
​https://bugs.webkit.org/show_bug.cgi?id=194974

Reviewed by Geoffrey Garen.

We suspect the crash is happening due to m_jobQueue being empty in runNextJobSynchronously
or there is a timer heap corruption again :(

Exit early when m_jobQueue is empty. Also add a debug assert that this should never happen
but convert an existing release assert to a debug assert since this appears to be hitting
too frequently in wild.

• workers/service/server/SWServerJobQueue.cpp:

(WebCore::SWServerJobQueue::runNextJobSynchronously):

Location:

trunk/Source/WebCore

Files:

• ChangeLog (modified) (1 diff)
• workers/service/server/SWServerJobQueue.cpp (modified) (2 diffs)

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2019-02-22  Ryosuke Niwa  <rniwa@webkit.org>
+
+        Crash in SWServerJobQueue::runNextJobSynchronously
+        https://bugs.webkit.org/show_bug.cgi?id=194974
+
+        Reviewed by Geoffrey Garen.
+
+        We suspect the crash is happening due to m_jobQueue being empty in runNextJobSynchronously
+        or there is a timer heap corruption again :(
+
+        Exit early when m_jobQueue is empty. Also add a debug assert that this should never happen
+        but convert an existing release assert to a debug assert since this appears to be hitting
+        too frequently in wild.
+
+        * workers/service/server/SWServerJobQueue.cpp:
+        (WebCore::SWServerJobQueue::runNextJobSynchronously):
+
 2019-02-22  Simon Fraser  <simon.fraser@apple.com>
 

trunk/Source/WebCore/workers/service/server/SWServerJobQueue.cpp

@@ -235 +235 @@
 void SWServerJobQueue::runNextJobSynchronously()
 {
+    ASSERT(!m_jobQueue.isEmpty());
+    if (m_jobQueue.isEmpty())
+        return;
+
     auto& job = firstJob();
     switch (job.type) {
@@ -248 +252 @@
     }
 
-    RELEASE_ASSERT_NOT_REACHED();
+    ASSERT_NOT_REACHED();
 }