Bug 153710

Summary: [iOS] WebKit1 apps crash in ___ZN7WebCore16DiskCacheMonitorC2ERKNS_15ResourceRequestENS_9SessionIDEPK20_CFCachedURLResponse_block_invoke1
Product: WebKit Reporter: David Kilzer (:ddkilzer) <ddkilzer>
Component: WebCore Misc.Assignee: David Kilzer (:ddkilzer) <ddkilzer>
Status: RESOLVED FIXED    
Severity: Normal CC: andersca, bdakin, bfulgham, cdumez, commit-queue, darin, japhet, kling, psolanki
Priority: P2 Keywords: InRadar
Version: Other   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on: 137495    
Bug Blocks:    
Attachments:
Description Flags
Patch v1 none

David Kilzer (:ddkilzer)
Reported 2016-01-30 09:25:39 PST
WebKit1 apps crash in ___ZN7WebCore16DiskCacheMonitorC2ERKNS_15ResourceRequestENS_9SessionIDEPK20_CFCachedURLResponse_block_invoke1 on the main thread in iOS. This is because ___ZN7WebCore16DiskCacheMonitorC2ERKNS_15ResourceRequestENS_9SessionIDEPK20_CFCachedURLResponse_block_invoke1 is being run on the main thread, creating a race condition where the DiskCacheMonitor object can be deleted after the CFCachedURLResponseCallBackBlock grabs its pointer to use on the WebThread.
Attachments
Patch v1 (2.90 KB, patch)
2016-01-30 09:53 PST, David Kilzer (:ddkilzer) 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
David Kilzer (:ddkilzer)
Comment 1 2016-01-30 09:26:01 PST
<rdar://problem/23116706>
David Kilzer (:ddkilzer)
Comment 2 2016-01-30 09:53:04 PST
Created attachment 270308 [details] Patch v1
WebKit Commit Bot
Comment 3 2016-01-30 11:23:04 PST
Comment on attachment 270308 [details] Patch v1 Clearing flags on attachment: 270308 Committed r195900: <http://trac.webkit.org/changeset/195900>
WebKit Commit Bot
Comment 4 2016-01-30 11:23:10 PST
All reviewed patches have been landed. Closing bug.
Brent Fulgham
Comment 5 2016-01-30 14:19:21 PST
That's a very nice bit of detective work!
Note You need to log in before you can comment on or make changes to this bug.