Bug 199072 - Resolve frequent crashes in String::isolatedCopy inside topPrivatelyControlledDomain call
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit Misc.
Version: Safari 10
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Brent Fulgham
Keywords: InRadar
Reported: 2019-06-20 11:16 PDT by Brent Fulgham
Modified: 2019-06-20 13:52 PDT

Attachments
Patch (4.42 KB, patch)
2019-06-20 11:42 PDT, Brent Fulgham
youennf: review+
commit-queue: commit-queue-

Description Brent Fulgham 2019-06-20 11:16:15 PDT
Crash data indicates that we are frequently crashing while performing 'String::isolatedCopy' inside topPrivatelyControlledDomain calls. This seems to be primarily related to multiple threads attempting to initialize RegistrableDomain members at the same time.

Code review showed the potential for a thread contention issue.

This patch resolves the problem in two ways:

(1) A thread safety issue in the implementation of WebCore::topPrivatelyControlledDomain is corrected. (Note: This is an issue because we build WebKit with --fno-threadsafe-statics).
(2) I added a call during NetworkProcess initialization (before spawning multiple threads) to initialize the domain cache. This change is probably not needed, but adds another layer of defense.
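
The pattern described in (1), as an added illustration that is not the WebKit patch or code from this bug: a lazily built cache whose first-use construction happens only while a lock is held, so it stays safe when function-local statics get no compiler guard. All names are hypothetical, and `toyTopDomain` is a constructed stand-in that just keeps the last two labels instead of consulting the public suffix list.

```cpp
// Added illustration; not WebKit code. All names here are hypothetical.
#include <atomic>
#include <mutex>
#include <string>
#include <thread>
#include <unordered_map>
#include <vector>

// std::mutex has a constexpr constructor, so this namespace-scope lock is
// constant-initialized and does not depend on a compiler-generated guard.
static std::mutex cacheLock;

// Toy stand-in for the real lookup (assumption): keep the last two labels.
static std::string toyTopDomain(const std::string& host)
{
    auto last = host.rfind('.');
    if (last == std::string::npos || !last)
        return host;
    auto prev = host.rfind('.', last - 1);
    return prev == std::string::npos ? host : host.substr(prev + 1);
}

// Returns a copy, never a reference into the shared cache.
std::string cachedTopDomain(const std::string& host)
{
    std::lock_guard<std::mutex> locker(cacheLock);
    // Built on first use with the lock held: no unguarded first-call race.
    static std::unordered_map<std::string, std::string> cache;
    auto it = cache.find(host);
    if (it == cache.end())
        it = cache.emplace(host, toyTopDomain(host)).first;
    return it->second;
}

// Hammers the cache from several threads; returns how many answers were wrong.
unsigned concurrentMismatches(unsigned threadCount)
{
    std::vector<std::thread> threads;
    std::atomic<unsigned> bad{0};
    for (unsigned i = 0; i < threadCount; ++i)
        threads.emplace_back([&bad] {
            for (int n = 0; n < 1000; ++n)
                bad += cachedTopDomain("www.example.com") != "example.com";
        });
    for (auto& t : threads) t.join();
    return bad;
}

int main() { return concurrentMismatches(8) ? 1 : 0; }
```

Declaring the static map before taking the lock would reintroduce the race under `-fno-threadsafe-statics`, because two threads could both run its constructor on their first call.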
Comment 1 Brent Fulgham 2019-06-20 11:16:31 PDT
<rdar://problem/51428162>
Comment 2 Brent Fulgham 2019-06-20 11:42:14 PDT
Created attachment 372575
Patch
Comment 3 youenn fablet 2019-06-20 13:08:29 PDT
Comment on attachment 372575
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=372575&action=review

> Source/WebKit/ChangeLog:17
> +        (2) Call WebCore::topPrivatelyControlledDomain during NetworkProcess initialization (before

We probably do not need 2 given we have 1.
Comment 4 WebKit Commit Bot 2019-06-20 13:12:52 PDT
Comment on attachment 372575
Patch

Rejecting attachment 372575 from commit-queue.

Failed to run "['/Volumes/Data/EWS/WebKit/Tools/Scripts/webkit-patch', '--status-host=webkit-queues.webkit.org', '--bot-id=webkit-cq-02', 'validate-changelog', '--check-oops', '--non-interactive', 372575, '--port=mac']" exit_code: 1 cwd: /Volumes/Data/EWS/WebKit

ChangeLog entry in Source/WebKit/ChangeLog contains OOPS!.

Full output: https://webkit-queues.webkit.org/results/12534056
Comment 5 Brent Fulgham 2019-06-20 13:39:33 PDT
Committed r246652: <https://trac.webkit.org/changeset/246652>
Comment 6 Alexey Proskuryakov 2019-06-20 13:42:29 PDT
Comment on attachment 372575
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=372575&action=review

> Source/WebKit/NetworkProcess/NetworkProcess.cpp:293
> +    UNUSED_PARAM(initialized);

This is not a parameter, so using the UNUSED_PARAM macro is incorrect.
Comment 7 Brent Fulgham 2019-06-20 13:52:51 PDT
(In reply to Alexey Proskuryakov from comment #6)
> Comment on attachment 372575
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=372575&action=review
> 
> > Source/WebKit/NetworkProcess/NetworkProcess.cpp:293
> > +    UNUSED_PARAM(initialized);
> 
> This is not a parameter, so using the UNUSED_PARAM macro is incorrect.

I removed that code.