133185 2014-05-22 10:53:45 -0700 [Curl] Crash when exceeding maximum cache limit. 2014-05-22 23:40:16 -0700 1 1 1 Unclassified WebKit WebCore Misc. 528+ (Nightly build) Unspecified Unspecified RESOLVED FIXED P2 Normal --- 1 peavo webkit-unassigned alex.christensen bfulgham commit-queue galpeter mmatyas oldest_to_newest 1011014 0 peavo 2014-05-22 10:53:45 -0700 When the maximum cache limit is exceeded, I get a crash. This happens when deleting cache entries, because a reference to the url string object in the LRU list is used as a parameter to invalidateCacheEntry(), when called from makeRoomForNewEntry(). When the string is removed from the LRU list in makeRoomForNewEntry(), the string is deleted. Next, the string is accessed again to remove the url from the index, and we crash. This can be fixed by removing the string from the LRU list after it is removed from the index. Fixing the crash also revealed an infinite loop problem. If the url for some reason only exist in the LRU list, and not in the index, we will inifitely loop in makeRoomForNewEntry(), trying to remove this url from the cache, but never succeeding. This can be fixed by removing the url from the LRU list, also when it's not in the index. 1011018 1 231897 peavo 2014-05-22 11:03:45 -0700 Created attachment 231897 Patch 1011026 2 231900 peavo 2014-05-22 11:28:43 -0700 Created attachment 231900 Patch 1011174 3 231900 bfulgham 2014-05-22 23:06:35 -0700 Comment on attachment 231900 Patch r=me 1011177 4 231900 commit-queue 2014-05-22 23:36:33 -0700 Comment on attachment 231900 Patch Clearing flags on attachment: 231900 Committed r169249: <http://trac.webkit.org/changeset/169249> 1011178 5 commit-queue 2014-05-22 23:36:35 -0700 All reviewed patches have been landed. Closing bug. 1011179 6 peavo 2014-05-22 23:40:16 -0700 (In reply to comment #3) > (From update of attachment 231900 [details]) > r=me Thanks! 231897 2014-05-22 11:03:45 -0700 2014-05-22 11:27:44 -0700 Patch bug-133185-20140522200315.patch text/plain 2832 peavo SW5kZXg6IFNvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2Vi Q29yZS9DaGFuZ2VMb2cJKHJldmlzaW9uIDE2OTIwNikKKysrIFNvdXJjZS9XZWJDb3JlL0NoYW5n ZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDI3IEBACisyMDE0LTA1LTIyICBwZWF2b0Bv dXRsb29rLmNvbSAgPHBlYXZvQG91dGxvb2suY29tPgorCisgICAgICAgIFtDdXJsXSBDcmFzaCB3 aGVuIGV4Y2VlZGluZyBtYXhpbXVtIGNhY2hlIGxpbWl0LgorICAgICAgICBodHRwczovL2J1Z3Mu d2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MTMzMTg1CisKKyAgICAgICAgUmV2aWV3ZWQgYnkg Tk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgV2hlbiB0aGUgbWF4aW11bSBjYWNoZSBsaW1pdCBp cyBleGNlZWRlZCwgSSBnZXQgYSBjcmFzaC4KKyAgICAgICAgVGhpcyBoYXBwZW5zIHdoZW4gZGVs ZXRpbmcgY2FjaGUgZW50cmllcywgYmVjYXVzZSBhIHJlZmVyZW5jZSB0byB0aGUgdXJsIHN0cmlu ZyBvYmplY3QgaW4gdGhlIExSVSBsaXN0CisgICAgICAgIGlzIHVzZWQgYXMgYSBwYXJhbWV0ZXIg dG8gaW52YWxpZGF0ZUNhY2hlRW50cnkoKSwgd2hlbiBjYWxsZWQgZnJvbSBtYWtlUm9vbUZvck5l d0VudHJ5KCkuCisgICAgICAgIFdoZW4gdGhlIHN0cmluZyBpcyByZW1vdmVkIGZyb20gdGhlIExS VSBsaXN0IGluIG1ha2VSb29tRm9yTmV3RW50cnkoKSwgdGhlIHN0cmluZyBpcyBkZWxldGVkLgor ICAgICAgICBOZXh0LCB0aGUgc3RyaW5nIGlzIGFjY2Vzc2VkIGFnYWluIHRvIHJlbW92ZSB0aGUg dXJsIGZyb20gdGhlIGluZGV4LCBhbmQgd2UgY3Jhc2guCisKKyAgICAgICAgVGhpcyBjYW4gYmUg Zml4ZWQgYnkgcmVtb3ZpbmcgdGhlIHN0cmluZyBmcm9tIHRoZSBMUlUgbGlzdCBhZnRlciBpdCBp cyByZW1vdmVkIGZyb20gdGhlIGluZGV4LgorCisgICAgICAgIEZpeGluZyB0aGUgY3Jhc2ggYWxz byByZXZlYWxlZCBhbiBpbmZpbml0ZSBsb29wIHByb2JsZW0uCisgICAgICAgIElmIHRoZSB1cmwg Zm9yIHNvbWUgcmVhc29uIG9ubHkgZXhpc3QgaW4gdGhlIExSVSBsaXN0LCBhbmQgbm90IGluIHRo ZSBpbmRleCwKKyAgICAgICAgd2Ugd2lsbCBpbmlmaXRlbHkgbG9vcCBpbiBtYWtlUm9vbUZvck5l d0VudHJ5KCksIHRyeWluZyB0byByZW1vdmUgdGhpcyB1cmwgZnJvbSB0aGUgY2FjaGUsIGJ1dCBu ZXZlciBzdWNjZWVkaW5nLgorICAgICAgICBUaGlzIGNhbiBiZSBmaXhlZCBieSByZW1vdmluZyB0 aGUgdXJsIGZyb20gdGhlIExSVSBsaXN0LCBhbHNvIHdoZW4gaXQncyBub3QgaW4gdGhlIGluZGV4 LgorCisgICAgICAgICogcGxhdGZvcm0vbmV0d29yay9jdXJsL0N1cmxDYWNoZU1hbmFnZXIuY3Bw OgorICAgICAgICAoV2ViQ29yZTo6Q3VybENhY2hlTWFuYWdlcjo6bWFrZVJvb21Gb3JOZXdFbnRy eSk6IEF2b2lkIGluZmluaXRlIGxvb3AgYnkgY2hlY2tpbmcgaWYgdGhlcmUgYXJlIG1vcmUgY2Fj aGUgZW50cmllcyB0byByZW1vdmUuCisgICAgICAgIChXZWJDb3JlOjpDdXJsQ2FjaGVNYW5hZ2Vy OjppbnZhbGlkYXRlQ2FjaGVFbnRyeSk6IEF2b2lkIGNyYXNoIGFuZCBpbmZpbml0ZSBsb29wIGJ5 IHJlbW92aW5nIHVybCBmcm9tIExSVSBsaXN0IGxhc3QuCisKIDIwMTQtMDUtMjIgIENhcmxvcyBH YXJjaWEgQ2FtcG9zICA8Y2dhcmNpYUBpZ2FsaWEuY29tPgogCiAgICAgICAgIFJFR1JFU1NJT04o cjE2MzcxMik6IFtHVEtdIE1pc3NwZWxsaW5nIGFuZCBncmFtbWFyIHVuZGVybGluZSBtYXJrcyBh cmUgbm8gbG9uZ2VyIGRyYXduCkluZGV4OiBTb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9uZXR3b3Jr L2N1cmwvQ3VybENhY2hlTWFuYWdlci5jcHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291cmNlL1dlYkNvcmUv cGxhdGZvcm0vbmV0d29yay9jdXJsL0N1cmxDYWNoZU1hbmFnZXIuY3BwCShyZXZpc2lvbiAxNjky MDApCisrKyBTb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9uZXR3b3JrL2N1cmwvQ3VybENhY2hlTWFu YWdlci5jcHAJKHdvcmtpbmcgY29weSkKQEAgLTE4NSw3ICsxODUsNyBAQCB2b2lkIEN1cmxDYWNo ZU1hbmFnZXI6Om1ha2VSb29tRm9yTmV3RW50CiAgICAgaWYgKG1fZGlzYWJsZWQpCiAgICAgICAg IHJldHVybjsKIAotICAgIHdoaWxlIChtX2N1cnJlbnRTdG9yYWdlU2l6ZSA+IG1fc3RvcmFnZVNp emVMaW1pdCkgeworICAgIHdoaWxlICgobV9jdXJyZW50U3RvcmFnZVNpemUgPiBtX3N0b3JhZ2VT aXplTGltaXQpICYmIG1fTFJVRW50cnlMaXN0LnNpemUoKSA+IDApIHsKICAgICAgICAgQVNTRVJU KG1faW5kZXguZmluZChtX0xSVUVudHJ5TGlzdC5sYXN0KCkpICE9IG1faW5kZXguZW5kKCkpOwog ICAgICAgICBpbnZhbGlkYXRlQ2FjaGVFbnRyeShtX0xSVUVudHJ5TGlzdC5sYXN0KCkpOwogICAg IH0KQEAgLTMwMyw5ICszMDMsOSBAQCB2b2lkIEN1cmxDYWNoZU1hbmFnZXI6OmludmFsaWRhdGVD YWNoZUVuCiAgICAgICAgICAgICBtX2N1cnJlbnRTdG9yYWdlU2l6ZSAtPSBpdC0+dmFsdWUtPmVu dHJ5U2l6ZSgpOwogCiAgICAgICAgIGl0LT52YWx1ZS0+aW52YWxpZGF0ZSgpOwotICAgICAgICBt X0xSVUVudHJ5TGlzdC5yZW1vdmUodXJsKTsKICAgICAgICAgbV9pbmRleC5yZW1vdmUodXJsKTsK ICAgICB9CisgICAgbV9MUlVFbnRyeUxpc3QucmVtb3ZlKHVybCk7CiB9CiAKIHZvaWQgQ3VybENh Y2hlTWFuYWdlcjo6ZGlkRmFpbChjb25zdCBTdHJpbmcmIHVybCkK 231900 2014-05-22 11:28:43 -0700 2014-05-22 23:36:32 -0700 Patch bug-133185-20140522202808.patch text/plain 2832 peavo SW5kZXg6IFNvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2Vi Q29yZS9DaGFuZ2VMb2cJKHJldmlzaW9uIDE2OTIwNikKKysrIFNvdXJjZS9XZWJDb3JlL0NoYW5n ZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDI3IEBACisyMDE0LTA1LTIyICBwZWF2b0Bv dXRsb29rLmNvbSAgPHBlYXZvQG91dGxvb2suY29tPgorCisgICAgICAgIFtDdXJsXSBDcmFzaCB3 aGVuIGV4Y2VlZGluZyBtYXhpbXVtIGNhY2hlIGxpbWl0LgorICAgICAgICBodHRwczovL2J1Z3Mu d2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MTMzMTg1CisKKyAgICAgICAgUmV2aWV3ZWQgYnkg Tk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgV2hlbiB0aGUgbWF4aW11bSBjYWNoZSBsaW1pdCBp cyBleGNlZWRlZCwgSSBnZXQgYSBjcmFzaC4KKyAgICAgICAgVGhpcyBoYXBwZW5zIHdoZW4gZGVs ZXRpbmcgY2FjaGUgZW50cmllcywgYmVjYXVzZSBhIHJlZmVyZW5jZSB0byB0aGUgdXJsIHN0cmlu ZyBvYmplY3QgaW4gdGhlIExSVSBsaXN0CisgICAgICAgIGlzIHVzZWQgYXMgYSBwYXJhbWV0ZXIg dG8gaW52YWxpZGF0ZUNhY2hlRW50cnkoKSwgd2hlbiBjYWxsZWQgZnJvbSBtYWtlUm9vbUZvck5l d0VudHJ5KCkuCisgICAgICAgIFdoZW4gdGhlIHN0cmluZyBpcyByZW1vdmVkIGZyb20gdGhlIExS VSBsaXN0IGluIG1ha2VSb29tRm9yTmV3RW50cnkoKSwgdGhlIHN0cmluZyBpcyBkZWxldGVkLgor ICAgICAgICBOZXh0LCB0aGUgc3RyaW5nIGlzIGFjY2Vzc2VkIGFnYWluIHRvIHJlbW92ZSB0aGUg dXJsIGZyb20gdGhlIGluZGV4LCBhbmQgd2UgY3Jhc2guCisKKyAgICAgICAgVGhpcyBjYW4gYmUg Zml4ZWQgYnkgcmVtb3ZpbmcgdGhlIHN0cmluZyBmcm9tIHRoZSBMUlUgbGlzdCBhZnRlciBpdCBp cyByZW1vdmVkIGZyb20gdGhlIGluZGV4LgorCisgICAgICAgIEZpeGluZyB0aGUgY3Jhc2ggYWxz byByZXZlYWxlZCBhbiBpbmZpbml0ZSBsb29wIHByb2JsZW0uCisgICAgICAgIElmIHRoZSB1cmwg Zm9yIHNvbWUgcmVhc29uIG9ubHkgZXhpc3QgaW4gdGhlIExSVSBsaXN0LCBhbmQgbm90IGluIHRo ZSBpbmRleCwKKyAgICAgICAgd2Ugd2lsbCBpbmlmaXRlbHkgbG9vcCBpbiBtYWtlUm9vbUZvck5l d0VudHJ5KCksIHRyeWluZyB0byByZW1vdmUgdGhpcyB1cmwgZnJvbSB0aGUgY2FjaGUsIGJ1dCBu ZXZlciBzdWNjZWVkaW5nLgorICAgICAgICBUaGlzIGNhbiBiZSBmaXhlZCBieSByZW1vdmluZyB0 aGUgdXJsIGZyb20gdGhlIExSVSBsaXN0LCBhbHNvIHdoZW4gaXQncyBub3QgaW4gdGhlIGluZGV4 LgorCisgICAgICAgICogcGxhdGZvcm0vbmV0d29yay9jdXJsL0N1cmxDYWNoZU1hbmFnZXIuY3Bw OgorICAgICAgICAoV2ViQ29yZTo6Q3VybENhY2hlTWFuYWdlcjo6bWFrZVJvb21Gb3JOZXdFbnRy eSk6IEF2b2lkIGluZmluaXRlIGxvb3AgYnkgY2hlY2tpbmcgaWYgdGhlcmUgYXJlIG1vcmUgY2Fj aGUgZW50cmllcyB0byByZW1vdmUuCisgICAgICAgIChXZWJDb3JlOjpDdXJsQ2FjaGVNYW5hZ2Vy OjppbnZhbGlkYXRlQ2FjaGVFbnRyeSk6IEF2b2lkIGNyYXNoIGFuZCBpbmZpbml0ZSBsb29wIGJ5 IHJlbW92aW5nIHVybCBmcm9tIExSVSBsaXN0IGxhc3QuCisKIDIwMTQtMDUtMjIgIENhcmxvcyBH YXJjaWEgQ2FtcG9zICA8Y2dhcmNpYUBpZ2FsaWEuY29tPgogCiAgICAgICAgIFJFR1JFU1NJT04o cjE2MzcxMik6IFtHVEtdIE1pc3NwZWxsaW5nIGFuZCBncmFtbWFyIHVuZGVybGluZSBtYXJrcyBh cmUgbm8gbG9uZ2VyIGRyYXduCkluZGV4OiBTb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9uZXR3b3Jr L2N1cmwvQ3VybENhY2hlTWFuYWdlci5jcHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291cmNlL1dlYkNvcmUv cGxhdGZvcm0vbmV0d29yay9jdXJsL0N1cmxDYWNoZU1hbmFnZXIuY3BwCShyZXZpc2lvbiAxNjky MDApCisrKyBTb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9uZXR3b3JrL2N1cmwvQ3VybENhY2hlTWFu YWdlci5jcHAJKHdvcmtpbmcgY29weSkKQEAgLTE4NSw3ICsxODUsNyBAQCB2b2lkIEN1cmxDYWNo ZU1hbmFnZXI6Om1ha2VSb29tRm9yTmV3RW50CiAgICAgaWYgKG1fZGlzYWJsZWQpCiAgICAgICAg IHJldHVybjsKIAotICAgIHdoaWxlIChtX2N1cnJlbnRTdG9yYWdlU2l6ZSA+IG1fc3RvcmFnZVNp emVMaW1pdCkgeworICAgIHdoaWxlICgobV9jdXJyZW50U3RvcmFnZVNpemUgPiBtX3N0b3JhZ2VT aXplTGltaXQpICYmIG1fTFJVRW50cnlMaXN0LnNpemUoKSA+IDApIHsKICAgICAgICAgQVNTRVJU KG1faW5kZXguZmluZChtX0xSVUVudHJ5TGlzdC5sYXN0KCkpICE9IG1faW5kZXguZW5kKCkpOwog ICAgICAgICBpbnZhbGlkYXRlQ2FjaGVFbnRyeShtX0xSVUVudHJ5TGlzdC5sYXN0KCkpOwogICAg IH0KQEAgLTMwMyw5ICszMDMsOSBAQCB2b2lkIEN1cmxDYWNoZU1hbmFnZXI6OmludmFsaWRhdGVD YWNoZUVuCiAgICAgICAgICAgICBtX2N1cnJlbnRTdG9yYWdlU2l6ZSAtPSBpdC0+dmFsdWUtPmVu dHJ5U2l6ZSgpOwogCiAgICAgICAgIGl0LT52YWx1ZS0+aW52YWxpZGF0ZSgpOwotICAgICAgICBt X0xSVUVudHJ5TGlzdC5yZW1vdmUodXJsKTsKICAgICAgICAgbV9pbmRleC5yZW1vdmUodXJsKTsK ICAgICB9CisgICAgbV9MUlVFbnRyeUxpc3QucmVtb3ZlKHVybCk7CiB9CiAKIHZvaWQgQ3VybENh Y2hlTWFuYWdlcjo6ZGlkRmFpbChjb25zdCBTdHJpbmcmIHVybCkK