WebKit Bugzilla
New
Browse
Search+
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
141094
Crash in MemoryCache::removeRequestFromSessionCaches()
https://bugs.webkit.org/show_bug.cgi?id=141094
Summary
Crash in MemoryCache::removeRequestFromSessionCaches()
Chris Dumez
Reported
2015-01-30 13:06:40 PST
Crash in MemoryCache::removeRequestFromSessionCaches() sometimes happens when running fast/files/workers/worker-apply-blob-url-to-xhr.html:
https://build.webkit.org/results/Apple%20Mavericks%20Debug%20WK1%20(Tests)/r179403%20(10178)/fast/files/workers/worker-apply-blob-url-to-xhr-crash-log.txt
The reason is that we remove items from m_sessionResources as we are iterating over it, thus invalidating our iterator.
Attachments
Add attachment
proposed patch, testcase, etc.
Chris Dumez
Comment 1
2015-01-30 13:48:22 PST
r179403
is calling HashTable::add() which invalidates all iterators, even if we don't end up actually adding anything to the HashTable. The previous code was calling get() (which would not invalidate iterators) and then call add() only if the item is not in the HashMap. From this call site, we know the sessionID is in the HashMap so it is actually safe but we hit the assertion in HashTableIterator anyway. A clean solution would be to have 2 separate sessionResources() getters: a getOrCreate() one and a getOnlyIfExists() one.
Chris Dumez
Comment 2
2015-01-30 14:00:38 PST
Rolled out in <
http://trac.webkit.org/changeset/179410
>.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug