Bug 137779

Summary: [iOS] Crashes in CFURLConnection delegates due to unimplemented retain/release
Product: WebKit Reporter: Alexey Proskuryakov <ap>
Component: Page LoadingAssignee: Alexey Proskuryakov <ap>
Status: RESOLVED FIXED    
Severity: Normal CC: beidson, benjamin, ddkilzer, psolanki, sam
Priority: P1 Keywords: InRadar
Version: 528+ (Nightly build)   
Hardware: iPhone / iPad   
OS: All   
Attachments:
Description Flags
proposed fix
none
with a build fix beidson: review+

Description Alexey Proskuryakov 2014-10-16 09:54:29 PDT 
We need ResourceHandleCFURLConnectionDelegate to remain alive for as long as CFURLConnection is making delegate calls. The only way to guarantee this is to have CFURLConnection retain the delegate, which it does - but we don't implement retain/release client callbacks!

This causes crashes in Networking process.
Comment 1 Alexey Proskuryakov 2014-10-16 10:01:18 PDT 
*** Bug 135027 has been marked as a duplicate of this bug. ***
Comment 2 Alexey Proskuryakov 2014-10-16 10:01:57 PDT 
rdar://problem/18679320
Comment 3 Alexey Proskuryakov 2014-10-16 10:14:49 PDT 
Created attachment 239950 [details]
proposed fix
Comment 4 Alexey Proskuryakov 2014-10-16 12:19:27 PDT 
Created attachment 239957 [details]
with a build fix
Comment 5 Alexey Proskuryakov 2014-10-16 12:46:44 PDT 
Committed <https://trac.webkit.org/r174787>.
Comment 6 Darin Adler 2014-10-17 23:06:23 PDT 
Comment on attachment 239957 [details]
with a build fix

View in context: https://bugs.webkit.org/attachment.cgi?id=239957&action=review

> Source/WebCore/platform/network/cf/ResourceHandleCFURLConnectionDelegate.cpp:61
> +    static_cast<ResourceHandleCFURLConnectionDelegate*>(const_cast<void*>(clientInfo))->ref();

Is this thread-safe?
Comment 7 Alexey Proskuryakov 2014-10-18 00:40:14 PDT 
Yes, ResourceHandleCFURLConnectionDelegate is a ThreadSafeRefCounted object, and it doesn't have any data members that are unsafe to destruct on any thread.