199388 2019-07-01 16:57:30 -0700 Null dereference under StorageManager::destroySessionStorageNamespace() 2019-07-02 10:37:26 -0700 1 1 1 Unclassified WebKit WebKit2 WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED https://bugs.webkit.org/show_bug.cgi?id=198966 https://bugs.webkit.org/show_bug.cgi?id=197636 InRadar P2 Normal --- 1 cdumez cdumez achristensen commit-queue ggaren rniwa sihui_liu webkit-bug-importer youennf oldest_to_newest 1549391 0 cdumez 2019-07-01 16:57:30 -0700 Null dereference under StorageManager::destroySessionStorageNamespace(): Thread 6 name: Dispatch queue: com.apple.WebKit.StorageManager Thread 6 Crashed: 0 WebKit 0x00000001a60b7078 WTF::HashTable<WTF::ObjectIdentifier<IPC::Connection::UniqueIDType>, WTF::ObjectIdentifier<IPC::Connection::UniqueIDType>, WTF::IdentityExtractor, WTF::ObjectIdentifierHash<IPC::Connection::UniqueIDType>, WTF::HashTraits<WTF::ObjectIdentifier<IPC::Connection::UniqueIDType> >, WTF::HashTraits<WTF::ObjectIdentifier<IPC::Connection::UniqueIDType> > >::HashTable(WTF::HashTable<WTF::ObjectIdentifier<IPC::Connection::UniqueIDType>, WTF::ObjectIdentifier<IPC::Connection::UniqueIDType>, WTF::IdentityExtractor, WTF::ObjectIdentifierHash<IPC::Connection::UniqueIDType>, WTF::HashTraits<WTF::ObjectIdentifier<IPC::Connection::UniqueIDType> >, WTF::HashTraits<WTF::ObjectIdentifier<IPC::Connection::UniqueIDType> > > const&) + 24 (HashTable.h:397) 1 WebKit 0x00000001a60b6f58 WTF::Detail::CallableWrapper<WebKit::StorageManager::destroySessionStorageNamespace(unsigned long long)::$_10, void>::call() + 56 (HashTable.h:1324) 2 WebKit 0x00000001a60b6f58 WTF::Detail::CallableWrapper<WebKit::StorageManager::destroySessionStorageNamespace(unsigned long long)::$_10, void>::call() + 56 (HashTable.h:1324) 3 libdispatch.dylib 0x000000019e7f1688 _dispatch_call_block_and_release + 24 (init.c:1408) 4 libdispatch.dylib 0x000000019e7f21fc _dispatch_client_callout + 16 (object.m:495) 5 libdispatch.dylib 0x000000019e79e450 _dispatch_lane_serial_drain$VARIANT$mp + 608 (inline_internal.h:2487) 6 libdispatch.dylib 0x000000019e79ee44 _dispatch_lane_invoke$VARIANT$mp + 420 (queue.c:3820) 7 libdispatch.dylib 0x000000019e7a837c _dispatch_workloop_worker_thread + 588 (queue.c:6380) 8 libsystem_pthread.dylib 0x000000019e841f5c _pthread_wqthread + 304 (pthread.c:2329) 9 libsystem_pthread.dylib 0x000000019e844aa0 start_wqthread + 8 1549392 1 cdumez 2019-07-01 16:57:45 -0700 <rdar://problem/52030641> 1549587 2 373329 cdumez 2019-07-02 09:01:12 -0700 Created attachment 373329 Patch 1549619 3 373329 commit-queue 2019-07-02 10:37:24 -0700 Comment on attachment 373329 Patch Clearing flags on attachment: 373329 Committed r247057: <https://trac.webkit.org/changeset/247057> 1549620 4 commit-queue 2019-07-02 10:37:26 -0700 All reviewed patches have been landed. Closing bug. 373329 2019-07-02 09:01:12 -0700 2019-07-02 10:37:24 -0700 Patch bug-199388-20190702090111.patch text/plain 2852 cdumez U3VidmVyc2lvbiBSZXZpc2lvbjogMjQ3MDI1CmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViS2l0L0No YW5nZUxvZyBiL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCmluZGV4IDJjMTQ4YmRiMmYwYzdjNGM2 Zjg0MjM3ZGFmMjllNjhhM2M4ZDM1OWQuLjc1Njg5ZjZjZDEyNjhiN2YxNjJiZGY5ZTJjMzMxZTVl MTFjYzc5MzUgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCisrKyBiL1NvdXJj ZS9XZWJLaXQvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMTkgQEAKKzIwMTktMDctMDIgIENocmlzIER1 bWV6ICA8Y2R1bWV6QGFwcGxlLmNvbT4KKworICAgICAgICBOdWxsIGRlcmVmZXJlbmNlIHVuZGVy IFN0b3JhZ2VNYW5hZ2VyOjpkZXN0cm95U2Vzc2lvblN0b3JhZ2VOYW1lc3BhY2UoKQorICAgICAg ICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MTk5Mzg4CisgICAgICAg IDxyZGFyOi8vcHJvYmxlbS81MjAzMDY0MT4KKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkg KE9PUFMhKS4KKworICAgICAgICAqIE5ldHdvcmtQcm9jZXNzL1dlYlN0b3JhZ2UvU3RvcmFnZU1h bmFnZXIuY3BwOgorICAgICAgICAoV2ViS2l0OjpTdG9yYWdlTWFuYWdlcjo6Y3JlYXRlU2Vzc2lv blN0b3JhZ2VOYW1lc3BhY2UpOgorICAgICAgICBDYWxsIEhhc2hNYXA6OmVuc3VyZSgpIGluc3Rl YWQgb2YgY29udGFpbnMoKSArIHNldCgpIHRvIGF2b2lkIGRvdWJsZSBoYXNoIGxvb2t1cC4KKwor ICAgICAgICAoV2ViS2l0OjpTdG9yYWdlTWFuYWdlcjo6ZGVzdHJveVNlc3Npb25TdG9yYWdlTmFt ZXNwYWNlKToKKyAgICAgICAgQWRkIG51bGwgY2hlY2sgdG8gYWRkcmVzcyB0b3AgY3Jhc2hlciwg c2ltaWxhcmx5IHRvIHdoYXQgd2FzIGRvbmUgaW4gcjI0NjU1Mi4KKyAgICAgICAgSSBhbSBrZWVw aW5nIHRoZSBkZWJ1ZyBhc3NlcnRpb24gc2luY2UgdGhpcyBpcyBub3Qgc3VwcG9zZWQgdG8gaGFw cGVuLgorCiAyMDE5LTA3LTAxICBBbGV4IENocmlzdGVuc2VuICA8YWNocmlzdGVuc2VuQHdlYmtp dC5vcmc+CiAKICAgICAgICAgRGVwcmVjYXRlIGJ1dCBzdGlsbCBjYWxsIF93ZWJWaWV3OnNob3dD dXN0b21TaGVldEZvckVsZW1lbnQ6IGFmdGVyIHRyYW5zaXRpb24gdG8gVUlDb250ZXh0TWVudUlu dGVyYWN0aW9uCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViS2l0L05ldHdvcmtQcm9jZXNzL1dlYlN0 b3JhZ2UvU3RvcmFnZU1hbmFnZXIuY3BwIGIvU291cmNlL1dlYktpdC9OZXR3b3JrUHJvY2Vzcy9X ZWJTdG9yYWdlL1N0b3JhZ2VNYW5hZ2VyLmNwcAppbmRleCAyMTFmODIzMDQ2ZGQ4NzZjNTM1N2M4 OTAwOTk2OGQ2OTJmNGU0YzBlLi40ZTcyM2I0YzE2MjUxNDNhODBhZTU1N2MxMDc1Y2U3YTU1MzBk YWJiIDEwMDY0NAotLS0gYS9Tb3VyY2UvV2ViS2l0L05ldHdvcmtQcm9jZXNzL1dlYlN0b3JhZ2Uv U3RvcmFnZU1hbmFnZXIuY3BwCisrKyBiL1NvdXJjZS9XZWJLaXQvTmV0d29ya1Byb2Nlc3MvV2Vi U3RvcmFnZS9TdG9yYWdlTWFuYWdlci5jcHAKQEAgLTUwMiwxMCArNTAyLDkgQEAgU3RvcmFnZU1h bmFnZXI6On5TdG9yYWdlTWFuYWdlcigpCiB2b2lkIFN0b3JhZ2VNYW5hZ2VyOjpjcmVhdGVTZXNz aW9uU3RvcmFnZU5hbWVzcGFjZSh1aW50NjRfdCBzdG9yYWdlTmFtZXNwYWNlSUQsIHVuc2lnbmVk IHF1b3RhSW5CeXRlcykKIHsKICAgICBtX3F1ZXVlLT5kaXNwYXRjaChbdGhpcywgcHJvdGVjdGVk VGhpcyA9IG1ha2VSZWYoKnRoaXMpLCBzdG9yYWdlTmFtZXNwYWNlSUQsIHF1b3RhSW5CeXRlc10o KSBtdXRhYmxlIHsKLSAgICAgICAgaWYgKG1fc2Vzc2lvblN0b3JhZ2VOYW1lc3BhY2VzLmNvbnRh aW5zKHN0b3JhZ2VOYW1lc3BhY2VJRCkpCi0gICAgICAgICAgICByZXR1cm47Ci0KLSAgICAgICAg bV9zZXNzaW9uU3RvcmFnZU5hbWVzcGFjZXMuc2V0KHN0b3JhZ2VOYW1lc3BhY2VJRCwgU2Vzc2lv blN0b3JhZ2VOYW1lc3BhY2U6OmNyZWF0ZShxdW90YUluQnl0ZXMpKTsKKyAgICAgICAgbV9zZXNz aW9uU3RvcmFnZU5hbWVzcGFjZXMuZW5zdXJlKHN0b3JhZ2VOYW1lc3BhY2VJRCwgW3F1b3RhSW5C eXRlc10geworICAgICAgICAgICAgcmV0dXJuIFNlc3Npb25TdG9yYWdlTmFtZXNwYWNlOjpjcmVh dGUocXVvdGFJbkJ5dGVzKTsKKyAgICAgICAgfSk7CiAgICAgfSk7CiB9CiAKQEAgLTUxMyw4ICs1 MTIsMTAgQEAgdm9pZCBTdG9yYWdlTWFuYWdlcjo6ZGVzdHJveVNlc3Npb25TdG9yYWdlTmFtZXNw YWNlKHVpbnQ2NF90IHN0b3JhZ2VOYW1lc3BhY2VJRCkKIHsKICAgICBtX3F1ZXVlLT5kaXNwYXRj aChbdGhpcywgcHJvdGVjdGVkVGhpcyA9IG1ha2VSZWYoKnRoaXMpLCBzdG9yYWdlTmFtZXNwYWNl SURdIHsKICAgICAgICAgQVNTRVJUKG1fc2Vzc2lvblN0b3JhZ2VOYW1lc3BhY2VzLmNvbnRhaW5z KHN0b3JhZ2VOYW1lc3BhY2VJRCkpOwotICAgICAgICBpZiAobV9zZXNzaW9uU3RvcmFnZU5hbWVz cGFjZXMuZ2V0KHN0b3JhZ2VOYW1lc3BhY2VJRCktPmFsbG93ZWRDb25uZWN0aW9ucygpLmlzRW1w dHkoKSkKLSAgICAgICAgICAgIG1fc2Vzc2lvblN0b3JhZ2VOYW1lc3BhY2VzLnJlbW92ZShzdG9y YWdlTmFtZXNwYWNlSUQpOworICAgICAgICBpZiAoYXV0byogc2Vzc2lvblN0b3JhZ2VOYW1lc3Bh Y2UgPSBtX3Nlc3Npb25TdG9yYWdlTmFtZXNwYWNlcy5nZXQoc3RvcmFnZU5hbWVzcGFjZUlEKSkg eworICAgICAgICAgICAgaWYgKHNlc3Npb25TdG9yYWdlTmFtZXNwYWNlLT5hbGxvd2VkQ29ubmVj dGlvbnMoKS5pc0VtcHR5KCkpCisgICAgICAgICAgICAgICAgbV9zZXNzaW9uU3RvcmFnZU5hbWVz cGFjZXMucmVtb3ZlKHN0b3JhZ2VOYW1lc3BhY2VJRCk7CisgICAgICAgIH0KICAgICB9KTsKIH0K IAo=