182316 – com.apple.WebKit.Storage crashing at com.apple.WebCore: WebCore::SWServerRegistration::removeClientUsingRegistration

Bug 182316 - com.apple.WebKit.Storage crashing at com.apple.WebCore: WebCore::SWServerRegistration::removeClientUsingRegistration

Summary: com.apple.WebKit.Storage crashing at com.apple.WebCore: WebCore::SWServerRegi...

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Service Workers (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	youenn fablet

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2018-01-30 16:46 PST by youenn fablet
Modified:	2018-01-31 11:14 PST (History)
CC List:	4 users (show)

See Also:

Attachments
Patch (2.32 KB, patch) 2018-01-30 16:49 PST, youenn fablet	no flags	Details \| Formatted Diff \| Diff
Patch for landing (1.96 KB, patch) 2018-01-31 09:25 PST, youenn fablet	no flags	Details \| Formatted Diff \| Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description youenn fablet 2018-01-30 16:46:37 PST

com.apple.WebKit.Storage crashing at com.apple.WebCore: WebCore::SWServerRegistration::removeClientUsingRegistration.
This means SWServer.m_clientToControllingWorker and m_clientsUsingRegistration might currently get out of sync.

Comment 1 youenn fablet 2018-01-30 16:47:20 PST

<rdar://problem/37025976>

Comment 2 youenn fablet 2018-01-30 16:49:52 PST

Created attachment 332724 [details]
Patch

Comment 3 Chris Dumez 2018-01-31 09:19:54 PST

Comment on attachment 332724 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=332724&action=review

> Source/WebCore/workers/service/server/SWServerRegistration.cpp:184
> +    if (iterator != m_clientsUsingRegistration.end()) {

I would just return early. I don't think we should run handleClientUnload() if we did not really remove a client. handleClientUnload() relies on m_clientsUsingRegistration which technically has not changed.

Comment 4 youenn fablet 2018-01-31 09:25:07 PST

Created attachment 332767 [details]
Patch for landing

Comment 5 WebKit Commit Bot 2018-01-31 11:14:56 PST

Comment on attachment 332767 [details]
Patch for landing

Clearing flags on attachment: 332767

Committed r227909: <https://trac.webkit.org/changeset/227909>

Comment 6 WebKit Commit Bot 2018-01-31 11:14:57 PST

All reviewed patches have been landed.  Closing bug.