Bug 306673

Summary: [ITP] Crash in ResourceLoadStatisticsStore::ensureResourceStatisticsForRegistrableDomain due to unsafe std::optional access
Product: WebKit
Reporter: David Kilzer (:ddkilzer) <ddkilzer>
Component: Website Storage
Assignee: David Kilzer (:ddkilzer) <ddkilzer>
Status: RESOLVED FIXED
Severity: Normal
CC: sihui_liu, webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified

David Kilzer (:ddkilzer)
Reported 2026-01-30 17:33:57 PST
ResourceLoadStatisticsStore::ensureResourceStatisticsForRegistrableDomain() crashes with `std::bad_optional_access` when calling `.value()` on an empty `std::optional<unsigned>` returned by `domainID(domain)`.

The crash occurs when:

1. `insertObservedDomain()` successfully inserts a domain into the database
2. `domainID(domain)` immediately fails to find the just-inserted domain, returning `std::nullopt`
3. Calling `.value()` on the empty optional throws `std::bad_optional_access`
4. C++ runtime calls `abort()`, terminating the process

Stack trace:

```
0 libsystem_c.dylib: abort
1 libc++.1.dylib: std::bad_optional_access
2 libc++.1.dylib: std::optional<unsigned>::value
3 WebKit: WebKit::ResourceLoadStatisticsStore::domainID
4 WebKit: WebKit::ResourceLoadStatisticsStore::insertObservedDomain
5 WebKit: WebKit::ResourceLoadStatisticsStore::ensureResourceStatisticsForRegistrableDomain
6 WebKit: WebKit::ResourceLoadStatisticsStore::setIsScheduledForAllScriptWrittenStorageRemoval
[...]
```

<rdar://167532652>
David Kilzer (:ddkilzer)
Comment 1 2026-01-30 17:33:58 PST
The fix replaces the unsafe `.value()` call with proper optional checking and error recovery. Also fixes a misleading error message. Testing notes: Unable to write a test since it would require removing a just-inserted domain from the database using an unknown mechanism external to ensureResourceStatisticsForRegistrableDomain(). No change in behavior for successful operations, only improves error handling for edge cases.
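The failure mode from the report next to a checked alternative, as an added example that is not WebKit's code or the landed patch. `DomainStore`, the `dropAfterInsert` fault switch, and the `ensureUnsafe`/`ensureChecked` names are hypothetical; the vanishing row is constructed, since the report does not identify how the real lookup came to fail.

```cpp
// Added illustration; DomainStore and its members are hypothetical, not WebKit code.
#include <map>
#include <optional>
#include <string>

struct DomainStore {
    std::map<std::string, unsigned> rows;
    unsigned nextID = 1;
    bool dropAfterInsert = false; // constructed fault: row vanishes before the lookup

    bool insertObservedDomain(const std::string& domain) {
        rows[domain] = nextID++;
        if (dropAfterInsert)
            rows.erase(domain);
        return true; // the insert itself reported success
    }

    std::optional<unsigned> domainID(const std::string& domain) const {
        auto it = rows.find(domain);
        if (it == rows.end())
            return std::nullopt;
        return it->second;
    }

    // Pattern from the report: .value() on an empty optional throws
    // std::bad_optional_access; left uncaught, that ends in abort().
    unsigned ensureUnsafe(const std::string& domain) {
        if (auto id = domainID(domain)) return *id;
        insertObservedDomain(domain);
        return domainID(domain).value();
    }

    // Checked form: an empty result is handed to the caller, never dereferenced.
    std::optional<unsigned> ensureChecked(const std::string& domain) {
        if (auto id = domainID(domain)) return id;
        if (!insertObservedDomain(domain))
            return std::nullopt;
        return domainID(domain);
    }
};

// True when the unsafe path throws for the constructed missing-row fault.
bool unsafeThrowsOnMissingRow() {
    DomainStore store;
    store.dropAfterInsert = true;
    try { store.ensureUnsafe("example.test"); }
    catch (const std::bad_optional_access&) { return true; }
    return false;
}
```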
David Kilzer (:ddkilzer)
Comment 2 2026-01-30 18:16:08 PST
EWS
Comment 3 2026-02-02 18:37:40 PST
Committed 306672@main (215b7246a621): <https://commits.webkit.org/306672@main> Reviewed commits have been landed. Closing PR #57608 and removing active labels.