43306 2010-07-31 15:39:20 -0700 Crash due to calling StringImpl::createCFString() from non-main thread in plug-in code 2010-07-31 17:42:57 -0700 1 1 1 Unclassified WebKit WebKit2 528+ (Nightly build) PC OS X 10.5 RESOLVED FIXED InRadar P2 Normal --- 1 sam webkit-unassigned oldest_to_newest 258646 0 sam 2010-07-31 15:39:20 -0700 Crash due to calling StringImpl::createCFString() from non-main thread in plug-in code. Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: KERN_INVALID_ADDRESS at 0x00000000bbadbeef Crashed Thread: 0 Dispatch queue: com.apple.main-thread Thread 0 Crashed: Dispatch queue: com.apple.main-thread 0 com.apple.JavaScriptCore 0x00000001004aabfe WTF::isMainThread() + 147 (MainThreadMac.mm:136) 1 com.apple.WebCore 0x00000001015d64a0 WebCore::StringImpl::createCFString() + 28 (StringImplCF.cpp:136) 2 com.apple.WebCore 0x00000001015d67d1 WebCore::StringImpl::operator NSString*() + 21 (StringImplMac.mm:30) 3 com.apple.WebCore 0x0000000100ae203d WebCore::String::operator NSString*() const + 55 (WTFString.h:264) 4 com.apple.WebCore 0x000000010136f6ae WebCore::MIMETypeRegistry::getMIMETypeForExtension(WebCore::String const&) + 42 (MIMETypeRegistryMac.mm:37) 5 com.apple.WebKit2 0x0000000100035602 WebKit::PluginInfoStore::findPlugin(WebCore::String&, WebCore::KURL const&) + 324 (PluginInfoStore.cpp:174) 6 com.apple.WebKit2 0x0000000100083c10 WebKit::WebProcessProxy::getPluginHostConnection(WebCore::String const&, WebCore::KURL const&, WebCore::String&) + 76 (WebProcessProxy.cpp:198) 7 com.apple.WebKit2 0x0000000100083e58 WebKit::WebProcessProxy::didReceiveSyncMessage(CoreIPC::Connection*, CoreIPC::MessageID, CoreIPC::ArgumentDecoder*, CoreIPC::ArgumentEncoder*) + 422 (WebProcessProxy.cpp:348) 8 com.apple.WebKit2 0x000000010001a387 CoreIPC::Connection::dispatchMessages() + 357 (Connection.cpp:264) ... 258647 1 sam 2010-07-31 15:40:27 -0700 <rdar://problem/8259687> 258665 2 63165 sam 2010-07-31 17:33:28 -0700 Created attachment 63165 Patch 258667 3 63165 darin 2010-07-31 17:34:43 -0700 Comment on attachment 63165 Patch Won't this leave Windows broken? 258668 4 sam 2010-07-31 17:42:10 -0700 (In reply to comment #3) > (From update of attachment 63165 [details]) > Won't this leave Windows broken? I don't think it should, there is a default implementation in PluginInfoStore.cpp that is wrapped in #if !PLATFORM(MAC) that calls the MIMETypeRegistry and the windows implementation does not convert to a CFStringRef in it. 258669 5 sam 2010-07-31 17:42:57 -0700 Landed in r64430. 63165 2010-07-31 17:33:28 -0700 2010-07-31 17:34:43 -0700 Patch patch.diff text/plain 4646 sam SW5kZXg6IFdlYktpdDIvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFdlYktpdDIvQ2hhbmdlTG9n CShyZXZpc2lvbiA2NDQyOSkKKysrIFdlYktpdDIvQ2hhbmdlTG9nCSh3b3JraW5nIGNvcHkpCkBA IC0xLDMgKzEsMjEgQEAKKzIwMTAtMDctMzEgIFNhbSBXZWluaWcgIDxzYW1Ad2Via2l0Lm9yZz4K KworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICBDcmFzaCBk dWUgdG8gY2FsbGluZyBTdHJpbmdJbXBsOjpjcmVhdGVDRlN0cmluZygpIGZyb20gbm9uLW1haW4g dGhyZWFkIGluIHBsdWctaW4gY29kZQorICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9z aG93X2J1Zy5jZ2k/aWQ9NDMzMDYKKyAgICAgICAgPHJkYXI6Ly9wcm9ibGVtLzgyNTk2ODc+CisK KyAgICAgICAgKiBVSVByb2Nlc3MvUGx1Z2lucy9QbHVnaW5JbmZvU3RvcmUuY3BwOgorICAgICAg ICAoV2ViS2l0OjpQbHVnaW5JbmZvU3RvcmU6OmdldE1JTUVUeXBlRm9yRXh0ZW5zaW9uKToKKyAg ICAgICAgKFdlYktpdDo6UGx1Z2luSW5mb1N0b3JlOjpmaW5kUGx1Z2luKToKKyAgICAgICAgKiBV SVByb2Nlc3MvUGx1Z2lucy9QbHVnaW5JbmZvU3RvcmUuaDoKKyAgICAgICAgKiBVSVByb2Nlc3Mv UGx1Z2lucy9tYWMvUGx1Z2luSW5mb1N0b3JlTWFjLm1tOgorICAgICAgICAoV2ViS2l0OjpzYWZl Q3JlYXRlQ0ZTdHJpbmcpOgorICAgICAgICAoV2ViS2l0OjpQbHVnaW5JbmZvU3RvcmU6OmdldE1J TUVUeXBlRm9yRXh0ZW5zaW9uKToKKyAgICAgICAgQnlwYXNzIE1JTUVUeXBlUmVnaXN0cnkgaW4g dGhlIFVJUHJvY2VzcyB1bnRpbCB3ZSBjYW4gc2FmZWx5IGNvbnZlcnQgU3RyaW5ncworICAgICAg ICB0byBDRlN0cmluZ1JlZnMuCisKIDIwMTAtMDctMzEgIFNhbSBXZWluaWcgIDxzYW1Ad2Via2l0 Lm9yZz4KIAogICAgICAgICBSZXZpZXdlZCBieSBEYW4gQmVybnN0ZWluLgpJbmRleDogV2ViS2l0 Mi9VSVByb2Nlc3MvUGx1Z2lucy9QbHVnaW5JbmZvU3RvcmUuY3BwCj09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFdl YktpdDIvVUlQcm9jZXNzL1BsdWdpbnMvUGx1Z2luSW5mb1N0b3JlLmNwcAkocmV2aXNpb24gNjQ0 MjcpCisrKyBXZWJLaXQyL1VJUHJvY2Vzcy9QbHVnaW5zL1BsdWdpbkluZm9TdG9yZS5jcHAJKHdv cmtpbmcgY29weSkKQEAgLTE1MSw2ICsxNTEsMTMgQEAgc3RhdGljIGlubGluZSBTdHJpbmcgcGF0 aEV4dGVuc2lvbihjb25zdAogICAgIHJldHVybiBleHRlbnNpb247CiB9CiAKKyNpZiAhUExBVEZP Uk0oTUFDKQorU3RyaW5nIFBsdWdpbkluZm9TdG9yZTo6Z2V0TUlNRVR5cGVGb3JFeHRlbnNpb24o Y29uc3QgU3RyaW5nJiBleHRlbnNpb24pCit7CisgICAgcmV0dXJuIE1JTUVUeXBlUmVnaXN0cnk6 OmdldE1JTUVUeXBlRm9yRXh0ZW5zaW9uKGV4dGVuc2lvbik7Cit9CisjZW5kaWYKKwogUGx1Z2lu SW5mb1N0b3JlOjpQbHVnaW4gUGx1Z2luSW5mb1N0b3JlOjpmaW5kUGx1Z2luKFN0cmluZyYgbWlt ZVR5cGUsIGNvbnN0IEtVUkwmIHVybCkKIHsKICAgICBsb2FkUGx1Z2luc0lmTmVjZXNzYXJ5KCk7 CkBAIC0xNzAsNyArMTc3LDcgQEAgUGx1Z2luSW5mb1N0b3JlOjpQbHVnaW4gUGx1Z2luSW5mb1N0 b3JlOgogICAgICAgICAgICAgcmV0dXJuIHBsdWdpbjsKICAgICAgICAgCiAgICAgICAgIC8vIEZp bmFsbHksIHRyeSB0byBnZXQgdGhlIE1JTUUgdHlwZSBmcm9tIHRoZSBleHRlbnNpb24gaW4gYSBw bGF0Zm9ybSBzcGVjaWZpYyBtYW5uZXIgYW5kIHVzZSB0aGF0LgotICAgICAgICBTdHJpbmcgZXh0 ZW5zaW9uTWltZVR5cGUgPSBNSU1FVHlwZVJlZ2lzdHJ5OjpnZXRNSU1FVHlwZUZvckV4dGVuc2lv bihleHRlbnNpb24pOworICAgICAgICBTdHJpbmcgZXh0ZW5zaW9uTWltZVR5cGUgPSBnZXRNSU1F VHlwZUZvckV4dGVuc2lvbihleHRlbnNpb24pOwogICAgICAgICBpZiAoIWV4dGVuc2lvbk1pbWVU eXBlLmlzTnVsbCgpKSB7CiAgICAgICAgICAgICBQbHVnaW4gcGx1Z2luID0gZmluZFBsdWdpbkZv ck1JTUVUeXBlKGV4dGVuc2lvbk1pbWVUeXBlKTsKICAgICAgICAgICAgIGlmICghcGx1Z2luLnBh dGguaXNOdWxsKCkpIHsKSW5kZXg6IFdlYktpdDIvVUlQcm9jZXNzL1BsdWdpbnMvUGx1Z2luSW5m b1N0b3JlLmgKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PQotLS0gV2ViS2l0Mi9VSVByb2Nlc3MvUGx1Z2lucy9QbHVnaW5J bmZvU3RvcmUuaAkocmV2aXNpb24gNjQ0MjcpCisrKyBXZWJLaXQyL1VJUHJvY2Vzcy9QbHVnaW5z L1BsdWdpbkluZm9TdG9yZS5oCSh3b3JraW5nIGNvcHkpCkBAIC03Myw3ICs3Myw4IEBAIHByaXZh dGU6CiAgICAgc3RhdGljIFZlY3RvcjxXZWJDb3JlOjpTdHJpbmc+IHBsdWdpblBhdGhzSW5EaXJl Y3RvcnkoY29uc3QgV2ViQ29yZTo6U3RyaW5nJiBkaXJlY3RvcnkpOwogICAgIHN0YXRpYyBib29s IGdldFBsdWdpbkluZm8oY29uc3QgV2ViQ29yZTo6U3RyaW5nJiBwbHVnaW5QYXRoLCBQbHVnaW4m IHBsdWdpbik7CiAgICAgc3RhdGljIGJvb2wgc2hvdWxkVXNlUGx1Z2luKGNvbnN0IFBsdWdpbiYg cGx1Z2luLCBjb25zdCBWZWN0b3I8UGx1Z2luPiYgbG9hZGVkUGx1Z2lucyk7Ci0gICAgCisgICAg c3RhdGljIFdlYkNvcmU6OlN0cmluZyBnZXRNSU1FVHlwZUZvckV4dGVuc2lvbihjb25zdCBXZWJD b3JlOjpTdHJpbmcmIGV4dGVuc2lvbik7CisKICAgICBWZWN0b3I8V2ViQ29yZTo6U3RyaW5nPiBt X2FkZGl0aW9uYWxQbHVnaW5zRGlyZWN0b3JpZXM7CiAgICAgVmVjdG9yPFBsdWdpbj4gbV9wbHVn aW5zOwogICAgIGJvb2wgbV9wbHVnaW5MaXN0SXNVcFRvRGF0ZTsKSW5kZXg6IFdlYktpdDIvVUlQ cm9jZXNzL1BsdWdpbnMvbWFjL1BsdWdpbkluZm9TdG9yZU1hYy5tbQo9PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBX ZWJLaXQyL1VJUHJvY2Vzcy9QbHVnaW5zL21hYy9QbHVnaW5JbmZvU3RvcmVNYWMubW0JKHJldmlz aW9uIDY0NDI3KQorKysgV2ViS2l0Mi9VSVByb2Nlc3MvUGx1Z2lucy9tYWMvUGx1Z2luSW5mb1N0 b3JlTWFjLm1tCSh3b3JraW5nIGNvcHkpCkBAIC0yNSw2ICsyNSw3IEBACiAKICNpbmNsdWRlICJQ bHVnaW5JbmZvU3RvcmUuaCIKIAorI2luY2x1ZGUgIldlYktpdFN5c3RlbUludGVyZmFjZS5oIgog I2luY2x1ZGUgPFdlYkNvcmUvV2ViQ29yZU5TU3RyaW5nRXh0cmFzLmg+CiAjaW5jbHVkZSA8d3Rm L0hhc2hTZXQuaD4KICNpbmNsdWRlIDx3dGYvUmV0YWluUHRyLmg+CkBAIC00NSw5ICs0Niw5IEBA IFZlY3RvcjxTdHJpbmc+IFBsdWdpbkluZm9TdG9yZTo6cGx1Z2luc0QKIAogLy8gRklYTUU6IE9u Y2UgdGhlIFVJIHByb2Nlc3Mga25vd3MgdGhlIGRpZmZlcmVuY2UgYmV0d2VlbiB0aGUgbWFpbiB0 aHJlYWQgYW5kIHRoZSB3ZWIgdGhyZWFkIHdlIGNhbiBkcm9wIHRoaXMgYW5kIGp1c3QgdXNlCiAv LyBTdHJpbmc6OmNyZWF0ZUNGU3RyaW5nLgotc3RhdGljIENGU3RyaW5nUmVmIHNhZmVDcmVhdGVD RlN0cmluZyhjb25zdCBTdHJpbmcmIGRpcmVjdG9yeSkKK3N0YXRpYyBDRlN0cmluZ1JlZiBzYWZl Q3JlYXRlQ0ZTdHJpbmcoY29uc3QgU3RyaW5nJiBzdHJpbmcpCiB7Ci0gICAgcmV0dXJuIENGU3Ry aW5nQ3JlYXRlV2l0aENoYXJhY3RlcnMoMCwgcmVpbnRlcnByZXRfY2FzdDxjb25zdCBVbmlDaGFy Kj4oZGlyZWN0b3J5LmNoYXJhY3RlcnMoKSksIGRpcmVjdG9yeS5sZW5ndGgoKSk7CisgICAgcmV0 dXJuIENGU3RyaW5nQ3JlYXRlV2l0aENoYXJhY3RlcnMoMCwgcmVpbnRlcnByZXRfY2FzdDxjb25z dCBVbmlDaGFyKj4oc3RyaW5nLmNoYXJhY3RlcnMoKSksIHN0cmluZy5sZW5ndGgoKSk7CiB9CiAg ICAgCiBWZWN0b3I8U3RyaW5nPiBQbHVnaW5JbmZvU3RvcmU6OnBsdWdpblBhdGhzSW5EaXJlY3Rv cnkoY29uc3QgU3RyaW5nJiBkaXJlY3RvcnkpCkBAIC0zNjcsNCArMzY4LDE0IEBAIGJvb2wgUGx1 Z2luSW5mb1N0b3JlOjpzaG91bGRVc2VQbHVnaW4oY28KICAgICByZXR1cm4gdHJ1ZTsKIH0KIAor U3RyaW5nIFBsdWdpbkluZm9TdG9yZTo6Z2V0TUlNRVR5cGVGb3JFeHRlbnNpb24oY29uc3QgU3Ry aW5nJiBleHRlbnNpb24pCit7CisgICAgLy8gRklYTUU6IFRoaXMgc2hvdWxkIGp1c3QgY2FsbCBN SU1FVHlwZVJlZ2lzdHJ5OjpnZXRNSU1FVHlwZUZvckV4dGVuc2lvbiBhbmQgYmUKKyAgICAvLyBz dHJlbmd0aCByZWR1Y2VkIGludG8gdGhlIGNhbGxzaXRlIG9uY2Ugd2UgY2FuIHNhZmVseSBjb252 ZXJ0IFdlYkNvcmU6OlN0cmluZworICAgIC8vIHRvIENGU3RyaW5nUmVmIG9mZiB0aGUgbWFpbiB0 aHJlYWQuCisKKyAgICBSZXRhaW5QdHI8Q0ZTdHJpbmdSZWY+IGV4dGVuc2lvbkNGU3RyaW5nKEFk b3B0Q0YsIHNhZmVDcmVhdGVDRlN0cmluZyhleHRlbnNpb24pKTsKKyAgICByZXR1cm4gV0tHZXRN SU1FVHlwZUZvckV4dGVuc2lvbigoTlNTdHJpbmcgKilleHRlbnNpb25DRlN0cmluZy5nZXQoKSk7 Cit9CisKIH0gLy8gbmFtZXNwYWNlIFdlYktpdAo=