Bug 222172

Summary:

Norton Safe Web extension is causing crashes / hangs under [WKRemoteObjectEncoder encodeObject:forKey:]

Product:

WebKit

Reporter:

Chris Dumez <cdumez>

Component:

WebKit2

Assignee:

Chris Dumez <cdumez>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

achristensen, darin, ggaren, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Bug Depends on:

Bug Blocks:

219620

Attachments:

Description	Flags
Patch	none

Description Chris Dumez 2021-02-19 07:53:39 PST

Norton Safe Web extension is causing crashes / hangs under [WKRemoteObjectEncoder encodeObject:forKey:]. Bug 219620 was supposed to fix it but it didn't.

Comment 1 Chris Dumez 2021-02-19 08:13:39 PST

Created attachment 420969 [details]
Patch

Comment 2 EWS 2021-02-19 09:29:17 PST

Committed r273141: <https://commits.webkit.org/r273141>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 420969 [details].

Comment 3 Radar WebKit Bug Importer 2021-02-19 09:30:16 PST

<rdar://problem/74525352>

Comment 4 Darin Adler 2021-02-19 09:46:05 PST

Comment on attachment 420969 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=420969&action=review

> Source/WebKit/ChangeLog:22
> +        The logic introduced in r270559 to detect cycles was flawed because it relied on a NSSet of
> +        NSObject* and [NSSet containsObject:] to detect the cycles. The issue is that [NSSet containsObject:]
> +        doesn't do a simple pointer comparison but instead calls [NSObject isEqual:] which is very
> +        expensive for types like NSDictionary and leads to trouble when the dictionary contains a cycle.
> +        To address this I replaced the NSSet with a WTF::HashSet<NSObject *> so that key lookup ends up
> +        doing a simple pointer comparison.

Fine to use HashSet, but note that within the Cocoa world the NSMapTable collection is available for uses like this.