WebKit Bugzilla
RESOLVED FIXED
187821
[ITP] Crash under ResourceLoadStatisticsMemoryStore::removeDataRecords()
https://bugs.webkit.org/show_bug.cgi?id=187821
Chris Dumez
Reported
2018-07-19 14:47:20 PDT
Crash under ResourceLoadStatisticsMemoryStore::removeDataRecords():

Thread 0 name: Dispatch queue: com.apple.main-thread
Thread 0 Crashed:
0 libdispatch.dylib 0x00000001a451dc3c dispatch_async$VARIANT$armv81 + 208 (inline_internal.h:2596)
1 libdispatch.dylib 0x00000001a451dba4 dispatch_async$VARIANT$armv81 + 56 (inline_internal.h:2567)
2 JavaScriptCore 0x00000001ac7c74d4 WTF::WorkQueue::dispatch(WTF::Function<void ()>&&) + 140 (WorkQueueCocoa.cpp:35)
3 WebKit 0x00000001b4e8f620 WTF::Function<void (WTF::HashSet<WTF::String, WTF::StringHash, WTF::HashTraits<WTF::String> > const&)>::CallableWrapper<WebKit::ResourceLoadStatisticsMemoryStore::removeDataRecords(WTF::CompletionHandler<void ()>&&)::$_1::operator()()::'lambda'(WTF::HashSet<WTF::String, WTF::StringHash, WTF::HashTraits<WTF::String> > const&)>::call(WTF::HashSet<WTF::String, WTF::StringHash, WTF::HashTraits<WTF::String> > const&) + 172 (ResourceLoadStatisticsMemoryStore.cpp:249)
4 WebKit 0x00000001b50498e8 WTF::Function<void (WTF::HashSet<WTF::String, WTF::StringHash, WTF::HashTraits<WTF::String> >)>::operator()(WTF::HashSet<WTF::String, WTF::StringHash, WTF::HashTraits<WTF::String> >) const + 64 (Function.h:56)
5 WebKit 0x00000001b50497a8 WTF::Function<void (WTF::HashSet<WTF::String, WTF::StringHash, WTF::HashTraits<WTF::String> >&&)>::CallableWrapper<WebKit::WebProcessProxy::deleteWebsiteDataForTopPrivatelyControlledDomainsInAllPersistentDataStores(WTF::OptionSet<WebKit::WebsiteDataType>, WTF::Vector<WTF::String, 0ul, WTF::CrashOnOverflow, 16ul>&&, bool, WTF::Function<void (WTF::HashSet<WTF::String, WTF::StringHash, WTF::HashTraits<WTF::String> > const&)>&&)::$_1>::call(WTF::HashSet<WTF::String, WTF::StringHash, WTF::HashTraits<WTF::String> >&&) + 224 (WebProcessProxy.cpp:277)
6 JavaScriptCore 0x00000001ac7aea98 WTF::RunLoop::performWork() + 276 (Function.h:56)
7 JavaScriptCore 0x00000001ac7aed60 WTF::RunLoop::performWork(void*) + 36 (RunLoopCF.cpp:38)
8 CoreFoundation 0x00000001a4a9c3cc __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 24 (CFRunLoop.c:1980)
9 CoreFoundation 0x00000001a4a9c34c __CFRunLoopDoSource0 + 88 (CFRunLoop.c:2015)
10 CoreFoundation 0x00000001a4a9bc2c __CFRunLoopDoSources0 + 176 (CFRunLoop.c:2051)
11 CoreFoundation 0x00000001a4a96ad0 __CFRunLoopRun + 1044 (CFRunLoop.c:2922)
12 CoreFoundation 0x00000001a4a96398 CFRunLoopRunSpecific + 436 (CFRunLoop.c:3247)
13 GraphicsServices 0x00000001a6d05570 GSEventRunModal + 100 (GSEvent.c:2245)
14 UIKitCore 0x00000001d2560f5c UIApplicationMain + 212 (UIApplication.m:4314)
15 SafariViewService 0x00000001007068bc main + 244 (main.m:60)
16 libdyld.dylib 0x00000001a4556ddc start + 4
Attachments
Patch (5.11 KB, patch), 2018-07-19 14:53 PDT, Chris Dumez, no flags
Chris Dumez
Comment 1
2018-07-19 14:47:33 PDT
<rdar://problem/42112693>
Chris Dumez
Comment 2
2018-07-19 14:53:13 PDT
Created attachment 345384: Patch
John Wilander
Comment 3
2018-07-19 16:20:13 PDT
Looks good to me. I assume we weren't able to add a test case that caused the crash?
Chris Dumez
Comment 4
2018-07-19 16:42:02 PDT
(In reply to John Wilander from comment #3)
> Looks good to me. I assume we weren't able to add a test case that caused
> the crash?
I assume this code path is exercised on the bots. However, this is racy and to experience the crash, the store would need to get destroyed on the background thread *while* the WebPageProxy operation is going on on the main thread.
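The ordering described in comment 4, as an added example that is not WebKit code and not the patch attached to this bug (the patch is not shown on this page). It is a single-threaded, deterministic model: `FakeRunLoop`, `Store`, `Outcome` and `runScenario` are hypothetical names, and the weak-reference guard is one generic way to make a completion callback safe when its owner may already be destroyed.

```cpp
#include <functional>
#include <memory>
#include <utility>
#include <vector>

// Stand-in for the main-thread run loop: queued callbacks run only when drained.
struct FakeRunLoop {
    std::vector<std::function<void()>> pending;
    void drain() {
        auto work = std::move(pending);
        pending.clear();
        for (auto& fn : work) fn();
    }
};

// Hypothetical store that starts an asynchronous delete and is told when it completes.
class Store : public std::enable_shared_from_this<Store> {
public:
    explicit Store(int& completed) : m_completed(completed) {}

    // The completion callback holds only a weak reference. Capturing a raw
    // `this` instead would dangle if the store were destroyed before drain().
    void removeDataRecords(FakeRunLoop& mainLoop, int& skipped) {
        std::weak_ptr<Store> weakThis = shared_from_this();
        mainLoop.pending.push_back([weakThis, &skipped] {
            auto self = weakThis.lock();       // keeps the store alive while we use it
            if (!self) { ++skipped; return; }  // owner is gone: touch none of its members
            self->didRemoveDataRecords();
        });
    }
private:
    void didRemoveDataRecords() { ++m_completed; }
    int& m_completed;
};

struct Outcome { int completed; int skipped; };

// destroyBeforeCompletion == true reproduces the ordering from comment 4:
// the store goes away while the main-thread operation is still pending.
Outcome runScenario(bool destroyBeforeCompletion) {
    int completed = 0, skipped = 0;
    FakeRunLoop mainLoop;
    auto store = std::make_shared<Store>(completed);
    store->removeDataRecords(mainLoop, skipped);
    if (destroyBeforeCompletion) store.reset();
    mainLoop.drain();
    return {completed, skipped};
}

int main() { Outcome o = runScenario(true); return (o.completed == 0 && o.skipped == 1) ? 0 : 1; }
```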
David Kilzer (:ddkilzer)
Comment 5
2018-07-19 20:19:02 PDT
Comment on attachment 345384: Patch
r=me
WebKit Commit Bot
Comment 6
2018-07-19 20:45:05 PDT
Comment on attachment 345384: Patch
Clearing flags on attachment: 345384
Committed r234020: <https://trac.webkit.org/changeset/234020>
WebKit Commit Bot
Comment 7
2018-07-19 20:45:07 PDT
All reviewed patches have been landed. Closing bug.