Bug 213391

Summary:

com.apple.WebKit.Networking crash: suspended with locked system files (observations.db)

Product:

WebKit

Reporter:

Kate Cheney <katherine_cheney>

Component:

WebKit Misc.

Assignee:

Kate Cheney <katherine_cheney>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

bfulgham, cdumez, darin, wilander

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	none
Patch	none
Patch	none
Patch for landing	none
Patch for landing	none

Kate Cheney

Reported 2020-06-19 10:48:01 PDT

It seems that closing the network process checks for locked system files. NetworkProcess::didClose() kicks off closing of the ITP database, which locks the observations.db file and causes the crash.

Attachments
Patch (7.96 KB, patch) 2020-06-19 12:44 PDT, Kate Cheney	no flags	Details Formatted Diff Diff
Patch (7.94 KB, patch) 2020-06-19 14:23 PDT, Kate Cheney	no flags	Details Formatted Diff Diff
Patch (7.88 KB, patch) 2020-06-19 14:59 PDT, Kate Cheney	no flags	Details Formatted Diff Diff
Patch for landing (7.85 KB, patch) 2020-06-19 15:23 PDT, Kate Cheney	no flags	Details Formatted Diff Diff
Patch for landing (7.93 KB, patch) 2020-06-19 16:36 PDT, Kate Cheney	no flags	Details Formatted Diff Diff
Show Obsolete (4) View All Add attachment proposed patch, testcase, etc.

Kate Cheney

Comment 1 2020-06-19 10:52:24 PDT

<rdar://problem/64494167>

Kate Cheney

Comment 2 2020-06-19 12:44:41 PDT

Created attachment 402307 [details] Patch

Kate Cheney

Comment 3 2020-06-19 14:23:44 PDT

Created attachment 402325 [details] Patch

Darin Adler

Comment 4 2020-06-19 14:45:43 PDT

Comment on attachment 402307 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=402307&action=review > Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:231 > + flushAndDestroyPersistentStore([callbackAggregator = callbackAggregator.copyRef()] { }); > + destroyResourceLoadStatisticsStore([callbackAggregator = callbackAggregator.copyRef()] { }); copyRef() no longer is necessary, so it can be written like this now, with the same effect: flushAndDestroyPersistentStore([callbackAggregator] { }); destroyResourceLoadStatisticsStore([callbackAggregator] { }); > Source/WebKit/NetworkProcess/NetworkProcess.cpp:270 > + networkSession.flushAndDestroyPersistentStore([callbackAggregator = callbackAggregator.copyRef()] { }); Same here, don’t need copyRef() any more.

Chris Dumez

Comment 5 2020-06-19 14:48:34 PDT

(In reply to Darin Adler from comment #4) > Comment on attachment 402307 [details] > Patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=402307&action=review > > > Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:231 > > + flushAndDestroyPersistentStore([callbackAggregator = callbackAggregator.copyRef()] { }); > > + destroyResourceLoadStatisticsStore([callbackAggregator = callbackAggregator.copyRef()] { }); > > copyRef() no longer is necessary, so it can be written like this now, with > the same effect: > > flushAndDestroyPersistentStore([callbackAggregator] { }); > destroyResourceLoadStatisticsStore([callbackAggregator] { }); > > > Source/WebKit/NetworkProcess/NetworkProcess.cpp:270 > > + networkSession.flushAndDestroyPersistentStore([callbackAggregator = callbackAggregator.copyRef()] { }); > > Same here, don’t need copyRef() any more. Any reason we did not drop copyRef() on Ref now that it is copyable?

Darin Adler

Comment 6 2020-06-19 14:50:49 PDT

(In reply to Chris Dumez from comment #5) > Any reason we did not drop copyRef() on Ref now that it is copyable? Just haven’t gotten to it yet. It’s marked "deprecated". Someone just has to remove all the calls to copyRef then we can delete it.

Kate Cheney

Comment 7 2020-06-19 14:55:11 PDT

Comment on attachment 402307 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=402307&action=review >> Source/WebKit/NetworkProcess/NetworkProcess.cpp:270 >> + networkSession.flushAndDestroyPersistentStore([callbackAggregator = callbackAggregator.copyRef()] { }); > > Same here, don’t need copyRef() any more. Noted! I'll change this for both instances.

Kate Cheney

Comment 8 2020-06-19 14:59:17 PDT

Created attachment 402330 [details] Patch

Chris Dumez

Comment 9 2020-06-19 14:59:31 PDT

Comment on attachment 402325 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=402325&action=review > Source/WebKit/ChangeLog:10 > + NetworkProcess::didClose() is called. This causes the network process When does NetworkProcess::didClose() get called? Isn't it when the UIProcess process has quit?

Kate Cheney

Comment 10 2020-06-19 15:01:06 PDT

Comment on attachment 402325 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=402325&action=review >> Source/WebKit/ChangeLog:10 >> + NetworkProcess::didClose() is called. This causes the network process > > When does NetworkProcess::didClose() get called? Isn't it when the UIProcess process has quit? Yes, I believe so. Local storage DB does not close when this happens, I don't think ITP should either if the network session hasn't been destroyed.

Chris Dumez

Comment 11 2020-06-19 15:10:53 PDT

Comment on attachment 402330 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=402330&action=review > Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:255 > + m_statisticsQueue->dispatch([this, protectedThis = makeRef(*this), completionHandler = WTFMove(completionHandler)] () mutable { postTask() ? > Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:257 > + RunLoop::main().dispatch(WTFMove(completionHandler)); postTaskReply() ?

Kate Cheney

Comment 12 2020-06-19 15:15:25 PDT

Comment on attachment 402330 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=402330&action=review >> Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:255 >> + m_statisticsQueue->dispatch([this, protectedThis = makeRef(*this), completionHandler = WTFMove(completionHandler)] () mutable { > > postTask() ? Will change! >> Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:257 >> + RunLoop::main().dispatch(WTFMove(completionHandler)); > > postTaskReply() ? Ditto

Kate Cheney

Comment 13 2020-06-19 15:23:12 PDT

Created attachment 402334 [details] Patch for landing

Kate Cheney

Comment 14 2020-06-19 16:36:57 PDT

Created attachment 402344 [details] Patch for landing

Kate Cheney

Comment 15 2020-06-19 16:37:36 PDT

postTask ASSERTS to check for Ephemeral sessions, I added an early return for the ephemeral case.

EWS

Comment 16 2020-06-19 17:02:27 PDT

Committed r263298: <https://trac.webkit.org/changeset/263298> All reviewed patches have been landed. Closing bug and clearing flags on attachment 402344 [details].

Note You need to log in before you can comment on or make changes to this bug.