Bug 183242 - Crash when updating cache entry after validation in app that uses class A file protection
Summary: Crash when updating cache entry after validation in app that uses class A fil...
Alias: None
Product: WebKit
Classification: Unclassified
Component: Page Loading (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Nobody
Keywords: InRadar
Depends on:
Reported: 2018-03-01 05:30 PST by Antti Koivisto
Modified: 2018-03-01 09:11 PST (History)
5 users (show)

See Also:

patch (2.37 KB, patch)
2018-03-01 05:47 PST, Antti Koivisto
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Antti Koivisto 2018-03-01 05:30:45 PST
We have network process crashes with some apps when trying to update cache entry after validation:

Exception Type:  EXC_BAD_ACCESS (SIGBUS)
Exception Subtype: unknown at 0x0000000106d70000
VM Region Info: 0x106d70000 is in 0x106d70000-0x106da0000;  bytes after start: 0  bytes before end: 196607
      REGION TYPE                      START - END             [ VSIZE] PRT/MAX SHRMOD  REGION DETAIL
      MALLOC_LARGE           0000000106d5c000-0000000106d70000 [   80K] rw-/rwx SM=PRV  
--->  mapped file            0000000106d70000-0000000106da0000 [  192K] r--/rw- SM=COW  
      MALLOC_LARGE           0000000106da0000-0000000106db4000 [   80K] rw-/rwx SM=PRV 

Thread 0 name:  Dispatch queue: com.apple.main-thread
Thread 0 Crashed ↩:
0   libsystem_platform.dylib      	0x0000000181064a00 _platform_memmove + 48
1   WebCore                       	0x000000018ad73e70 WebCore::SharedBuffer::append(char const*, unsigned long) + 148 (Vector.h:159)
2   WebCore                       	0x000000018ad73fdc WebCore::SharedBuffer::SharedBuffer(unsigned char const*, unsigned long) + 52 (SharedBuffer.cpp:47)
3   WebKit                        	0x000000019157fa1c WebKit::NetworkCache::Entry::initializeBufferFromStorageRecord() const + 160 (SharedBuffer.h:59)
4   WebKit                        	0x000000019157faa4 WebKit::NetworkCache::Entry::buffer() const + 32 (NetworkCacheEntry.cpp:176)
5   WebKit                        	0x000000019157bb88 WebKit::NetworkCache::Cache::update(WebCore::ResourceRequest const&, std::__1::pair<unsigned long long, unsigned long long> const&, WebKit::NetworkCache::Entry const&, WebCore::ResourceResponse const&) + 124 (NetworkCache.cpp:477)
6   WebKit                        	0x00000001915cbc78 WebKit::NetworkResourceLoader::didReceiveResponse(WebCore::ResourceResponse&&) + 460 (NetworkResourceLoader.cpp:337)
7   WebKit                        	0x00000001915b87a0 WebKit::NetworkLoad::notifyDidReceiveResponse(WebCore::ResourceResponse&&, WTF::CompletionHandler<void (WebCore::PolicyAction)>&&) + 88 (NetworkLoad.cpp:255)
8   WebKit                        	0x00000001915b0fec WebKit::NetworkDataTask::didReceiveResponse(WebCore::ResourceResponse&&, WTF::CompletionHandler<void (WebCore::PolicyAction)>&&) + 344 (NetworkDataTask.cpp:112)
9   WebKit                        	0x00000001915d8714 -[WKNetworkSessionDelegate URLSession:dataTask:didReceiveResponse:completionHandler:] + 304 (NetworkSessionCocoa.mm:481)

They are caused by protection class A files becoming inaccessible after device is locked.
Comment 1 Antti Koivisto 2018-03-01 05:31:13 PST
Comment 2 Antti Koivisto 2018-03-01 05:47:38 PST
Created attachment 334809 [details]
Comment 3 WebKit Commit Bot 2018-03-01 09:11:38 PST
Comment on attachment 334809 [details]

Clearing flags on attachment: 334809

Committed r229134: <https://trac.webkit.org/changeset/229134>
Comment 4 WebKit Commit Bot 2018-03-01 09:11:39 PST
All reviewed patches have been landed.  Closing bug.