Bug 22976

Summary: crash due to Mail's use of WebArchive and WebResource on non-main thread
Product: WebKit
Reporter: Darin Adler <darin>
Component: WebKit API
Assignee: Darin Adler <darin>
Status: RESOLVED FIXED    
Severity: Normal Keywords: InRadar
Priority: P1    
Version: 528+ (Nightly build)   
Hardware: Mac   
OS: OS X 10.5   
Attachments:
Description: patch
Flags: ap: review+

Description Darin Adler 2008-12-23 08:04:47 PST
Mark Rowe:

* SUMMARY
When attempting to forward a message in Mail running against TOT WebKit I am hitting an assertion failure.

* STEPS TO REPRODUCE
1. Run Mail with a debug build of TOT WebKit.
2. Select a message and hit Cmd-Shift-F to forward it.
3. If 2. alone does not crash, close the window.

* RESULTS
Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0xbbadbeef
0x07d0a35b in WTF::RefCountedBase::derefBase (this=0x236aa870) at RefCounted.h:65
65	        ASSERT(!m_deletionHasBegun);
(gdb) bt
#0  0x07d0a35b in WTF::RefCountedBase::derefBase (this=0x236aa870) at RefCounted.h:65
#1  0x07d0ad69 in WTF::RefCounted<WebCore::StringImpl>::deref (this=0x236aa870) at RefCounted.h:95
#2  0x07da059f in WTF::RefPtr<WebCore::StringImpl>::~RefPtr (this=0x235f282c) at RefPtr.h:50
#3  0x07d0ada5 in WebCore::String::~String (this=0x235f282c) at text/PlatformString.h:61
#4  0x07ce3d1d in WebCore::ArchiveResource::~ArchiveResource (this=0x235f2740) at archive/ArchiveResource.h:38
#5  0x02d80199 in WTF::RefCounted<WebCore::SubstituteResource>::deref (this=0x235f2744) at RefCounted.h:96
#6  0x02e15c7e in -[WebResourcePrivate dealloc] (self=0x2350ee90, _cmd=0x33e1514) at WebKit/mac/WebView/WebResource.mm:97
#7  0x02e158ed in -[WebResource dealloc] (self=0x235f9a80, _cmd=0x33e1514) at WebKit/mac/WebView/WebResource.mm:194
#8  0x02d7f965 in -[WebArchivePrivate dealloc] (self=0x1ed68310, _cmd=0x33e1514) at WebKit/mac/WebView/WebArchive.mm:118
#9  0x02d7e765 in -[WebArchive dealloc] (self=0x235f8450, _cmd=0x33e1514) at WebKit/mac/WebView/WebArchive.mm:265
#10 0x0213cb56 in -[WebMessageDocument dealloc] ()
#11 0x035525ba in CFRelease () at FastMalloc.h:90
#12 0x0351fb69 in __CFDictionaryDeallocate () at FastMalloc.h:90
#13 0x03552768 in _CFRelease () at FastMalloc.h:90
#14 0x0008c2ad in ?? ()
#15 0x01a83e4f in NSPopAutoreleasePool ()
#16 0x00d786cc in -[NSApplication run] ()
#17 0x00d458a4 in NSApplicationMain ()
#18 0x000fb6f2 in ?? ()
Current language:  auto; currently c++

Comment 1 Darin Adler 2008-12-23 08:05:35 PST
The problem here is that Mail is using WebArchive and WebResource from a non-main thread, and this is not supported.

Comment 2 Darin Adler 2008-12-23 08:23:03 PST
Created attachment 26226
patch

Comment 3 Alexey Proskuryakov 2008-12-23 10:47:13 PST
Comment on attachment 26226
patch

r=me

It's unfortunate that needMailThreadWorkaround() and _needMailThreadWorkaround() perform different checks, but I don't have any better suggestion.

Comment 4 Darin Adler 2008-12-23 13:41:05 PST
http://trac.webkit.org/changeset/39455