Bug 250346

Summary: AX: With ITM enabled, reloading the page causes a deadlock
Product: WebKit Reporter: Tyler Wilcock <tyler_w>
Component: AccessibilityAssignee: Tyler Wilcock <tyler_w>
Status: RESOLVED FIXED    
Severity: Normal CC: aboxhall, andresg_22, apinheiro, cfleizach, dmazzoni, ews-watchlist, jcraig, jdiggs, samuel_white, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: Other   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch
none
Patch none

Tyler Wilcock
Reported 2023-01-09 16:19:40 PST
This is caused by unconditional re-entrant acquisition of s_storeLock when an isolated tree is destroyed.
Attachments
Patch (7.38 KB, patch)
2023-01-09 16:32 PST, Tyler Wilcock 		no flags
DetailsFormatted DiffDiff
Patch (6.55 KB, patch)
2023-01-09 19:45 PST, Tyler Wilcock 		no flags
DetailsFormatted DiffDiff
Patch (9.02 KB, patch)
2023-01-09 23:47 PST, Tyler Wilcock 		no flags
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2023-01-09 16:19:54 PST
<rdar://problem/104050533>
Tyler Wilcock
Comment 2 2023-01-09 16:21:08 PST
rdar://104018097
Tyler Wilcock
Comment 3 2023-01-09 16:32:59 PST
Created attachment 464430 [details] Patch
Andres Gonzalez
Comment 4 2023-01-09 18:13:18 PST
(In reply to Tyler Wilcock from comment #3) > Created attachment 464430 [details] > Patch I think the right fix is to remove this line from applyPendingchanges: Locker locker { s_storeLock }; because the new AXTreeStore takes care of the lock for each one of the operations it performs. Notice that otherwise the problem is still there in debug builds for the block that follows: #ifndef NDEBUG ASSERT(AXTreeStore::contains(treeID())); ... Should make sure that we are not acquiring the store lock somewhere else unnecessarily.
Tyler Wilcock
Comment 5 2023-01-09 19:45:48 PST
Created attachment 464437 [details] Patch
Tyler Wilcock
Comment 6 2023-01-09 23:47:32 PST
Created attachment 464440 [details] Patch
EWS
Comment 7 2023-01-10 10:40:46 PST
Committed 258735@main (9cdd3b498e3e): <https://commits.webkit.org/258735@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 464440 [details].
Note You need to log in before you can comment on or make changes to this bug.