Bug 190040

Summary: Crash under WebCore::deleteCookiesForHostnames()
Product: WebKit Reporter: Chris Dumez <cdumez>
Component: Page LoadingAssignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, beidson, commit-queue, ggaren, webkit-bug-importer, youennf
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Chris Dumez
Reported 2018-09-27 09:22:02 PDT
Crash under WebCore::deleteCookiesForHostnames(): Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Subtype: KERN_INVALID_ADDRESS at 0x0000000000000010 VM Region Info: 0x10 is not in any region. Bytes before following region: 4364959728 REGION TYPE START - END [ VSIZE] PRT/MAX SHRMOD REGION DETAIL UNUSED SPACE AT START ---> __TEXT 00000001042c0000-00000001042c4000 [ 16K] r-x/r-x SM=COW ...it.Networking Termination Signal: Segmentation fault: 11 Termination Reason: Namespace SIGNAL, Code 0xb Terminating Process: exc handler [0] Triggered by Thread: 0 Filtered syslog: None found Thread 0 name: Dispatch queue: com.apple.main-thread Thread 0 Crashed: 0 WebCore 0x000000018b566744 WTF::HashTableAddResult<WTF::HashTableIterator<WTF::String, WTF::KeyValuePair<WTF::String, WTF::Vector<WTF::RetainPtr<NSHTTPCookie>, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> >, WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<WTF::String, WTF::Vector<WTF::RetainPtr<NSHTTPCookie>, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> > >, WTF::StringHash, WTF::HashMap<WTF::String, WTF::Vector<WTF::RetainPtr<NSHTTPCookie>, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>, WTF::StringHash, WTF::HashTraits<WTF::String>, WTF::HashTraits<WTF::Vector<WTF::RetainPtr<NSHTTPCookie>, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> > >::KeyValuePairTraits, WTF::HashTraits<WTF::String> > > WTF::HashMap<WTF::String, WTF::Vector<WTF::RetainPtr<NSHTTPCookie>, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>, WTF::StringHash, WTF::HashTraits<WTF::String>, WTF::HashTraits<WTF::Vector<WTF::RetainPtr<NSHTTPCookie>, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> > >::add<WTF::Vector<WTF::RetainPtr<NSHTTPCookie>, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> >(WTF::String&&, WTF::Vector<WTF::RetainPtr<NSHTTPCookie>, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&) + 116 (StringImpl.h:301) 1 WebCore 0x000000018b5660d4 WebCore::deleteCookiesForHostnames(WebCore::NetworkStorageSession const&, WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&) + 348 (CookieJarMac.mm:356) 2 WebCore 0x000000018b5660d4 WebCore::deleteCookiesForHostnames(WebCore::NetworkStorageSession const&, WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&) + 348 (CookieJarMac.mm:356) 3 WebKit 0x00000001926f0db8 WebKit::NetworkProcess::deleteWebsiteDataForOrigins(PAL::SessionID, WTF::OptionSet<WebKit::WebsiteDataType>, WTF::Vector<WebCore::SecurityOriginData, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, unsigned long long) + 88 (NetworkProcess.cpp:498) 4 WebKit 0x00000001926f97e4 void IPC::handleMessage<Messages::NetworkProcess::DeleteWebsiteDataForOrigins, WebKit::NetworkProcess, void (WebKit::NetworkProcess::*)(PAL::SessionID, WTF::OptionSet<WebKit::WebsiteDataType>, WTF::Vector<WebCore::SecurityOriginData, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, unsigned long long)>(IPC::Decoder&, WebKit::NetworkProcess*, void (WebKit::NetworkProcess::*)(PAL::SessionID, WTF::OptionSet<WebKit::WebsiteDataType>, WTF::Vector<WebCore::SecurityOriginData, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, unsigned long long)) + 112 (HandleMessage.h:46) 5 WebKit 0x000000019266dd18 IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) + 164 (Connection.cpp:901) 6 WebKit 0x00000001926706f8 IPC::Connection::dispatchOneMessage() + 232 (Connection.cpp:959) 7 JavaScriptCore 0x000000018a4b5f5c WTF::RunLoop::performWork() + 196 (Function.h:56) 8 JavaScriptCore 0x000000018a4b61b4 WTF::RunLoop::performWork(void*) + 36 (RunLoopCF.cpp:38) 9 CoreFoundation 0x00000001826acd54 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 24 (CFRunLoop.c:1982) 10 CoreFoundation 0x00000001826ac57c __CFRunLoopDoSources0 + 276 (CFRunLoop.c:2017) 11 CoreFoundation 0x00000001826aa0ec __CFRunLoopRun + 1204 (CFRunLoop.c:2920) 12 CoreFoundation 0x00000001825ca1c8 CFRunLoopRunSpecific + 552 (CFRunLoop.c:3245) 13 Foundation 0x0000000183040114 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 304 (NSRunLoop.m:367) 14 Foundation 0x0000000183091d80 -[NSRunLoop(NSRunLoop) run] + 88 (NSRunLoop.m:389) 15 libxpc.dylib 0x0000000182376cb8 _xpc_objc_main + 516 (main.m:167) 16 libxpc.dylib 0x0000000182378d8c xpc_main + 180 (init.c:1476) 17 com.apple.WebKit.Networking 0x00000001042c35ac main + 380 (XPCServiceMain.mm:148) 18 libdyld.dylib 0x0000000182069fbc start + 4
Attachments
Patch (1.95 KB, patch)
2018-09-27 09:25 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Chris Dumez
Comment 1 2018-09-27 09:22:20 PDT
<rdar://problem/38020368>
Chris Dumez
Comment 2 2018-09-27 09:25:33 PDT
Created attachment 350968 [details] Patch
WebKit Commit Bot
Comment 3 2018-09-27 10:06:37 PDT
Comment on attachment 350968 [details] Patch Clearing flags on attachment: 350968 Committed r236556: <https://trac.webkit.org/changeset/236556>
WebKit Commit Bot
Comment 4 2018-09-27 10:06:38 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.