181747 2018-01-17 10:26:31 -0800 WebCoreResourceHandleAsOperationQueueDelegate/ResourceHandleCFURLConnectionDelegateWithOperationQueue may be deleted in main thread callback 2018-01-17 10:57:21 -0800 1 1 1 Unclassified WebKit Platform WebKit Local Build Mac macOS 10.13 RESOLVED FIXED InRadar P2 Normal --- 1 dbates dbates achristensen webkit-bug-importer oldest_to_newest 1390069 0 dbates 2018-01-17 10:26:31 -0800 While investigating the assertion failure in bug #181746 I noticed that WebCoreResourceHandleAsOperationQueueDelegate does not retain itself before waiting on a main thread operation. The main thread operation can do anything, including detaching from WebCoreResourceHandleAsOperationQueueDelegate and deleting it. A PingHandle is one example of a resource handle that will delete itself as soon as possible => detach and delete its resource handle delegate (WebCoreResourceHandleAsOperationQueueDelegate). Specifically, a PingHandle will delete itself when the delegate queries (on the main thread) whether it can respond to an authentication request (a ping never responds to authentication requests) => WebCoreResourceHandleAsOperationQueueDelegate is deleted while it is waiting for the main thread to respond. 1390073 1 webkit-bug-importer 2018-01-17 10:33:57 -0800 <rdar://problem/36588120> 1390074 2 331510 dbates 2018-01-17 10:35:02 -0800 Created attachment 331510 Patch 1390076 3 331510 achristensen 2018-01-17 10:38:38 -0800 Comment on attachment 331510 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=331510&action=review > Source/WebCore/platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:172 > + auto protectedSelf = retainPtr(self); I'm not sure if this one's necessary because it doesn't do anything with self after calling the function which, until it is sent to the main thread, has a protector inside it's lambda capture. 1390077 4 achristensen 2018-01-17 10:38:57 -0800 We should consider doing the same for the CFURLConnection code on Windows. 1390080 5 331510 dbates 2018-01-17 10:40:19 -0800 Comment on attachment 331510 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=331510&action=review >> Source/WebCore/platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:172 >> + auto protectedSelf = retainPtr(self); > > I'm not sure if this one's necessary because it doesn't do anything with self after calling the function which, until it is sent to the main thread, has a protector inside it's lambda capture. Oops! Will remove. 1390093 6 dbates 2018-01-17 10:48:42 -0800 (In reply to Alex Christensen from comment #4) > We should consider doing the same for the CFURLConnection code on Windows. Will do before landing. 1390099 7 dbates 2018-01-17 10:57:21 -0800 Committed r227073: <https://trac.webkit.org/changeset/227073> 331510 2018-01-17 10:35:02 -0800 2018-01-17 10:36:47 -0800 Patch bug-181747-20180117103501.patch text/plain 5004 dbates U3VidmVyc2lvbiBSZXZpc2lvbjogMjI2OTQ5CmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9D aGFuZ2VMb2cgYi9Tb3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cKaW5kZXggNDMzOTBkN2RlY2ZmZjYx YWFlYWU2ZjIyNWU1ODRmY2FjOTdhYTg1Yi4uMzQxMzMwMTg5YzQ1NmM0NDBkMGJkNzU1NTcyOGQ3 YmU0YWE0NTE5OCAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvQ2hhbmdlTG9nCisrKyBiL1Nv dXJjZS9XZWJDb3JlL0NoYW5nZUxvZwpAQCAtMSwzICsxLDI0IEBACisyMDE4LTAxLTE3ICBEYW5p ZWwgQmF0ZXMgIDxkYWJhdGVzQGFwcGxlLmNvbT4KKworICAgICAgICBXZWJDb3JlUmVzb3VyY2VI YW5kbGVBc09wZXJhdGlvblF1ZXVlRGVsZWdhdGUgbWF5IGJlIGRlbGV0ZWQgaW4gbWFpbiB0aHJl YWQgY2FsbGJhY2sKKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dp P2lkPTE4MTc0NworICAgICAgICA8cmRhcjovL3Byb2JsZW0vMzY1ODgxMjA+CisKKyAgICAgICAg UmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgUmV0YWluIHRoZSBkZWxlZ2F0 ZSAoV2ViQ29yZVJlc291cmNlSGFuZGxlQXNPcGVyYXRpb25RdWV1ZURlbGVnYXRlKSBiZWZvcmUg c2NoZWR1bGluZworICAgICAgICBhIG1haW4gdGhyZWFkIGNhbGxiYWNrIGFuZCBibG9ja2luZyBv biBhIHNlbWFwaG9yZSBmb3IgaXRzIHJlcGx5IGJlY2F1c2UgdGhlIG1haW4gdGhyZWFkCisgICAg ICAgIGNhbGxiYWNrIGNhbiBkbyBhbnl0aGluZywgaW5jbHVkaW5nIGRlbGV0aW5nIHRoZSBkZWxl Z2F0ZSwgYmVmb3JlIHRoZSBub24tbWFpbiB0aHJlYWQKKyAgICAgICAgaGFzIGEgY2hhbmNlIHRv IGV4ZWN1dGUuIEZvciBpbnN0YW5jZSwgYSBQaW5nSGFuZGxlIHdpbGwgZGVsZXRlIGl0c2VsZiAo YW5kIGhlbmNlIGRlbGV0ZQorICAgICAgICBpdHMgcmVzb3VyY2UgaGFuZGxlIGRlbGVnYXRlKSBp biBtb3N0IG9mIHRoZSBjb2RlIHBhdGhzIGludm9rZWQgYnkgdGhlIGRlbGVnYXRlLgorCisgICAg ICAgICogcGxhdGZvcm0vbmV0d29yay9tYWMvV2ViQ29yZVJlc291cmNlSGFuZGxlQXNPcGVyYXRp b25RdWV1ZURlbGVnYXRlLm1tOgorICAgICAgICAoLVtXZWJDb3JlUmVzb3VyY2VIYW5kbGVBc09w ZXJhdGlvblF1ZXVlRGVsZWdhdGUgY29ubmVjdGlvbjp3aWxsU2VuZFJlcXVlc3Q6cmVkaXJlY3RS ZXNwb25zZTpdKToKKyAgICAgICAgKC1bV2ViQ29yZVJlc291cmNlSGFuZGxlQXNPcGVyYXRpb25R dWV1ZURlbGVnYXRlIGNvbm5lY3Rpb246ZGlkUmVjZWl2ZUF1dGhlbnRpY2F0aW9uQ2hhbGxlbmdl Ol0pOgorICAgICAgICAoLVtXZWJDb3JlUmVzb3VyY2VIYW5kbGVBc09wZXJhdGlvblF1ZXVlRGVs ZWdhdGUgY29ubmVjdGlvbjpjYW5BdXRoZW50aWNhdGVBZ2FpbnN0UHJvdGVjdGlvblNwYWNlOl0p OgorICAgICAgICAoLVtXZWJDb3JlUmVzb3VyY2VIYW5kbGVBc09wZXJhdGlvblF1ZXVlRGVsZWdh dGUgY29ubmVjdGlvbjpkaWRSZWNlaXZlUmVzcG9uc2U6XSk6CisgICAgICAgICgtW1dlYkNvcmVS ZXNvdXJjZUhhbmRsZUFzT3BlcmF0aW9uUXVldWVEZWxlZ2F0ZSBjb25uZWN0aW9uOndpbGxDYWNo ZVJlc3BvbnNlOl0pOgorCiAyMDE4LTAxLTE3ICBEYW5pZWwgQmF0ZXMgIDxkYWJhdGVzQGFwcGxl LmNvbT4KIAogICAgICAgICBBU1NFUlRJT04gRkFJTEVEOiAhbV9jb21wbGV0aW9uSGFuZGxlciBp biBQaW5nSGFuZGxlOjp+UGluZ0hhbmRsZSgpCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9w bGF0Zm9ybS9uZXR3b3JrL21hYy9XZWJDb3JlUmVzb3VyY2VIYW5kbGVBc09wZXJhdGlvblF1ZXVl RGVsZWdhdGUubW0gYi9Tb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9uZXR3b3JrL21hYy9XZWJDb3Jl UmVzb3VyY2VIYW5kbGVBc09wZXJhdGlvblF1ZXVlRGVsZWdhdGUubW0KaW5kZXggMDVhMzcwNzNi YjE4YTEwYTc4NmZhOGFhNjM0MzZhZGY0NjQyODM5Yi4uMTZiYjJkODA2YmNmY2U5YWU3MTU3ZDVi NzFlNWYwZGJlY2U2M2MzOSAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvcGxhdGZvcm0vbmV0 d29yay9tYWMvV2ViQ29yZVJlc291cmNlSGFuZGxlQXNPcGVyYXRpb25RdWV1ZURlbGVnYXRlLm1t CisrKyBiL1NvdXJjZS9XZWJDb3JlL3BsYXRmb3JtL25ldHdvcmsvbWFjL1dlYkNvcmVSZXNvdXJj ZUhhbmRsZUFzT3BlcmF0aW9uUXVldWVEZWxlZ2F0ZS5tbQpAQCAtMTQzLDYgKzE0Myw3IEBAIHN0 YXRpYyBib29sIHNjaGVkdWxlZFdpdGhDdXN0b21SdW5Mb29wTW9kZShTY2hlZHVsZVBhaXJIYXNo U2V0KiBwYWlycykKICAgICAgICAgTE9HKE5ldHdvcmssICJIYW5kbGUgJXAgZGVsZWdhdGUgY29u bmVjdGlvbjolcCB3aWxsU2VuZFJlcXVlc3Q6JUAgcmVkaXJlY3RSZXNwb25zZTpub24tSFRUUCIs IG1faGFuZGxlLCBjb25uZWN0aW9uLCBbbmV3UmVxdWVzdCBkZXNjcmlwdGlvbl0pOyAKICNlbmRp ZgogCisgICAgYXV0byBwcm90ZWN0ZWRTZWxmID0gcmV0YWluUHRyKHNlbGYpOwogICAgIGF1dG8g d29yayA9IFtzZWxmID0gc2VsZiwgcHJvdGVjdGVkU2VsZiA9IHJldGFpblB0cihzZWxmKSwgbmV3 UmVxdWVzdCA9IHJldGFpblB0cihuZXdSZXF1ZXN0KSwgcmVkaXJlY3RSZXNwb25zZSA9IHJldGFp blB0cihyZWRpcmVjdFJlc3BvbnNlKV0gKCkgbXV0YWJsZSB7CiAgICAgICAgIGlmICghbV9oYW5k bGUpIHsKICAgICAgICAgICAgIG1fcmVxdWVzdFJlc3VsdCA9IG51bGxwdHI7CkBAIC0xNjgsNiAr MTY5LDcgQEAgc3RhdGljIGJvb2wgc2NoZWR1bGVkV2l0aEN1c3RvbVJ1bkxvb3BNb2RlKFNjaGVk dWxlUGFpckhhc2hTZXQqIHBhaXJzKQogCiAgICAgTE9HKE5ldHdvcmssICJIYW5kbGUgJXAgZGVs ZWdhdGUgY29ubmVjdGlvbjolcCBkaWRSZWNlaXZlQXV0aGVudGljYXRpb25DaGFsbGVuZ2U6JXAi LCBtX2hhbmRsZSwgY29ubmVjdGlvbiwgY2hhbGxlbmdlKTsKIAorICAgIGF1dG8gcHJvdGVjdGVk U2VsZiA9IHJldGFpblB0cihzZWxmKTsKICAgICBhdXRvIHdvcmsgPSBbc2VsZiwgcHJvdGVjdGVk U2VsZiA9IHJldGFpblB0cihzZWxmKSwgY2hhbGxlbmdlID0gcmV0YWluUHRyKGNoYWxsZW5nZSld ICgpIG11dGFibGUgewogICAgICAgICBpZiAoIW1faGFuZGxlKSB7CiAgICAgICAgICAgICBbW2No YWxsZW5nZSBzZW5kZXJdIGNhbmNlbEF1dGhlbnRpY2F0aW9uQ2hhbGxlbmdlOmNoYWxsZW5nZS5n ZXQoKV07CkBAIC0xODYsNiArMTg4LDcgQEAgc3RhdGljIGJvb2wgc2NoZWR1bGVkV2l0aEN1c3Rv bVJ1bkxvb3BNb2RlKFNjaGVkdWxlUGFpckhhc2hTZXQqIHBhaXJzKQogCiAgICAgTE9HKE5ldHdv cmssICJIYW5kbGUgJXAgZGVsZWdhdGUgY29ubmVjdGlvbjolcCBjYW5BdXRoZW50aWNhdGVBZ2Fp bnN0UHJvdGVjdGlvblNwYWNlOiVAOi8vJUA6JXUgcmVhbG06JUAgbWV0aG9kOiVAICVAJUAiLCBt X2hhbmRsZSwgY29ubmVjdGlvbiwgW3Byb3RlY3Rpb25TcGFjZSBwcm90b2NvbF0sIFtwcm90ZWN0 aW9uU3BhY2UgaG9zdF0sIFtwcm90ZWN0aW9uU3BhY2UgcG9ydF0sIFtwcm90ZWN0aW9uU3BhY2Ug cmVhbG1dLCBbcHJvdGVjdGlvblNwYWNlIGF1dGhlbnRpY2F0aW9uTWV0aG9kXSwgW3Byb3RlY3Rp b25TcGFjZSBpc1Byb3h5XSA/IEAicHJveHk6IiA6IEAiIiwgW3Byb3RlY3Rpb25TcGFjZSBpc1By b3h5XSA/IFtwcm90ZWN0aW9uU3BhY2UgcHJveHlUeXBlXSA6IEAiIik7CiAKKyAgICBhdXRvIHBy b3RlY3RlZFNlbGYgPSByZXRhaW5QdHIoc2VsZik7CiAgICAgYXV0byB3b3JrID0gW3NlbGYgPSBz ZWxmLCBwcm90ZWN0ZWRTZWxmID0gcmV0YWluUHRyKHNlbGYpLCBwcm90ZWN0aW9uU3BhY2UgPSBy ZXRhaW5QdHIocHJvdGVjdGlvblNwYWNlKV0gKCkgbXV0YWJsZSB7CiAgICAgICAgIGlmICghbV9o YW5kbGUpIHsKICAgICAgICAgICAgIG1fYm9vbFJlc3VsdCA9IE5POwpAQCAtMjA2LDYgKzIwOSw3 IEBAIHN0YXRpYyBib29sIHNjaGVkdWxlZFdpdGhDdXN0b21SdW5Mb29wTW9kZShTY2hlZHVsZVBh aXJIYXNoU2V0KiBwYWlycykKIAogICAgIExPRyhOZXR3b3JrLCAiSGFuZGxlICVwIGRlbGVnYXRl IGNvbm5lY3Rpb246JXAgZGlkUmVjZWl2ZVJlc3BvbnNlOiVwIChIVFRQIHN0YXR1cyAlZCwgcmVw b3J0ZWQgTUlNRVR5cGUgJyVzJykiLCBtX2hhbmRsZSwgY29ubmVjdGlvbiwgciwgW3IgcmVzcG9u ZHNUb1NlbGVjdG9yOkBzZWxlY3RvcihzdGF0dXNDb2RlKV0gPyBbKGlkKXIgc3RhdHVzQ29kZV0g OiAwLCBbW3IgTUlNRVR5cGVdIFVURjhTdHJpbmddKTsKIAorICAgIGF1dG8gcHJvdGVjdGVkU2Vs ZiA9IHJldGFpblB0cihzZWxmKTsKICAgICBhdXRvIHdvcmsgPSBbc2VsZiA9IHNlbGYsIHByb3Rl Y3RlZFNlbGYgPSByZXRhaW5QdHIoc2VsZiksIHIgPSByZXRhaW5QdHIociksIGNvbm5lY3Rpb24g PSByZXRhaW5QdHIoY29ubmVjdGlvbildICgpIG11dGFibGUgewogICAgICAgICBSZWZQdHI8UmVz b3VyY2VIYW5kbGU+IHByb3RlY3RlZEhhbmRsZShtX2hhbmRsZSk7CiAgICAgICAgIGlmICghbV9o YW5kbGUgfHwgIW1faGFuZGxlLT5jbGllbnQoKSkgewpAQCAtMzI1LDYgKzMyOSw3IEBAIHN0YXRp YyBib29sIHNjaGVkdWxlZFdpdGhDdXN0b21SdW5Mb29wTW9kZShTY2hlZHVsZVBhaXJIYXNoU2V0 KiBwYWlycykKIAogICAgIExPRyhOZXR3b3JrLCAiSGFuZGxlICVwIGRlbGVnYXRlIGNvbm5lY3Rp b246JXAgd2lsbENhY2hlUmVzcG9uc2U6JXAiLCBtX2hhbmRsZSwgY29ubmVjdGlvbiwgY2FjaGVk UmVzcG9uc2UpOwogCisgICAgYXV0byBwcm90ZWN0ZWRTZWxmID0gcmV0YWluUHRyKHNlbGYpOwog ICAgIGF1dG8gd29yayA9IFtzZWxmID0gc2VsZiwgcHJvdGVjdGVkU2VsZiA9IHJldGFpblB0cihz ZWxmKSwgY2FjaGVkUmVzcG9uc2UgPSByZXRhaW5QdHIoY2FjaGVkUmVzcG9uc2UpXSAoKSBtdXRh YmxlIHsKICAgICAgICAgaWYgKCFtX2hhbmRsZSB8fCAhbV9oYW5kbGUtPmNsaWVudCgpKSB7CiAg ICAgICAgICAgICBtX2NhY2hlZFJlc3BvbnNlUmVzdWx0ID0gbnVsbHB0cjsK