WebKit Bugzilla
RESOLVED FIXED
181747
WebCoreResourceHandleAsOperationQueueDelegate/ResourceHandleCFURLConnectionDelegateWithOperationQueue may be deleted in main thread callback
https://bugs.webkit.org/show_bug.cgi?id=181747
Daniel Bates
Reported
2018-01-17 10:26:31 PST
While investigating the assertion failure in bug #181746 I noticed that WebCoreResourceHandleAsOperationQueueDelegate does not retain itself before waiting on a main thread operation. The main thread operation can do anything, including detaching from WebCoreResourceHandleAsOperationQueueDelegate and deleting it. A PingHandle is one example of a resource handle that will delete itself as soon as possible => detach and delete its resource handle delegate (WebCoreResourceHandleAsOperationQueueDelegate). Specifically, a PingHandle will delete itself when the delegate queries (on the main thread) whether it can respond to an authentication request (a ping never responds to authentication requests) => WebCoreResourceHandleAsOperationQueueDelegate is deleted while it is waiting for the main thread to respond.
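Added example, not part of the bug report or the WebKit patch: a single-threaded C++ model of the lifetime hazard described above, with `std::shared_ptr` standing in for `retainPtr(self)`. `Delegate`, `PingLikeOwner` and the function names are hypothetical, and the cross-thread wait is reduced to a synchronous callback.

```cpp
#include <functional>
#include <memory>

// Hypothetical names for illustration; this is not WebKit code.
enum class Outcome { Completed, DestroyedDuringCallback };
int g_liveDelegates = 0; // number of Delegate objects currently alive

struct Delegate : std::enable_shared_from_this<Delegate> {
    bool lastAnswer = false;
    Delegate() { ++g_liveDelegates; }
    ~Delegate() { --g_liveDelegates; }

    // Unprotected shape: nothing keeps *this alive while the query runs.
    Outcome askUnprotected(const std::function<bool()>& mainThreadQuery) {
        std::weak_ptr<Delegate> watch = shared_from_this(); // observer only, no ownership
        bool answer = mainThreadQuery();
        if (watch.expired())
            return Outcome::DestroyedDuringCallback; // any member access here would be a use-after-free
        lastAnswer = answer;
        return Outcome::Completed;
    }

    // Protected shape: a strong self-reference spans the query.
    Outcome askProtected(const std::function<bool()>& mainThreadQuery) {
        auto protectedThis = shared_from_this();
        lastAnswer = mainThreadQuery(); // safe: protectedThis keeps *this alive
        return Outcome::Completed;      // object is released when protectedThis leaves scope
    }
};

// Models a handle that, like the ping case, refuses authentication and drops its delegate at once.
struct PingLikeOwner {
    std::shared_ptr<Delegate> delegate = std::make_shared<Delegate>();
    bool canAuthenticate() { delegate.reset(); return false; }
};

Outcome runUnprotected() {
    PingLikeOwner owner;
    Delegate* raw = owner.delegate.get();
    return raw->askUnprotected([&owner] { return owner.canAuthenticate(); });
}

Outcome runProtected() {
    PingLikeOwner owner;
    Delegate* raw = owner.delegate.get();
    return raw->askProtected([&owner] { return owner.canAuthenticate(); });
}

int main() { return (runUnprotected() == Outcome::DestroyedDuringCallback && runProtected() == Outcome::Completed) ? 0 : 1; }
```

The unprotected path only detects the destruction through a `weak_ptr`; it never touches the freed object, so the demonstration itself stays well-defined.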
Attachments
Patch (4.89 KB, patch), 2018-01-17 10:35 PST, Daniel Bates (achristensen: review+)
Radar WebKit Bug Importer
Comment 1
2018-01-17 10:33:57 PST
<rdar://problem/36588120>
Daniel Bates
Comment 2
2018-01-17 10:35:02 PST
Created attachment 331510
Patch
Alex Christensen
Comment 3
2018-01-17 10:38:38 PST
Comment on attachment 331510: Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=331510&action=review
> Source/WebCore/platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:172 > + auto protectedSelf = retainPtr(self);
I'm not sure if this one's necessary because it doesn't do anything with self after calling the function which, until it is sent to the main thread, has a protector inside its lambda capture.
Alex Christensen
Comment 4
2018-01-17 10:38:57 PST
We should consider doing the same for the CFURLConnection code on Windows.
Daniel Bates
Comment 5
2018-01-17 10:40:19 PST
Comment on attachment 331510: Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=331510&action=review
>> Source/WebCore/platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:172 >> + auto protectedSelf = retainPtr(self); > > I'm not sure if this one's necessary because it doesn't do anything with self after calling the function which, until it is sent to the main thread, has a protector inside it's lambda capture.
Oops! Will remove.
Daniel Bates
Comment 6
2018-01-17 10:48:42 PST
(In reply to Alex Christensen from comment #4)
> We should consider doing the same for the CFURLConnection code on Windows.
Will do before landing.
Daniel Bates
Comment 7
2018-01-17 10:57:21 PST
Committed r227073: <https://trac.webkit.org/changeset/227073>