RESOLVED FIXED 199420
ThreadSafeRefCounted<DestructionThread::Main> is not safe to use in the UIProcess 
https://bugs.webkit.org/show_bug.cgi?id=199420
Summary ThreadSafeRefCounted<DestructionThread::Main> is not safe to use in the UIPro...
Chris Dumez
Reported 2019-07-02 14:05:37 PDT
ThreadSafeRefCounted<DestructionThread::Main> is not safe to use in the UIProcess because its implementation relies on isMainThread() / callOnMainThread(). Those get confused about which thread is the main thread when an application uses both WK1 and WK2.
Attachments
Patch (6.67 KB, patch)
2019-07-02 14:11 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Chris Dumez
Comment 1 2019-07-02 14:05:54 PDT
<rdar://problem/52289717>
Ryosuke Niwa
Comment 2 2019-07-02 14:06:15 PDT
We can add an assertion to catch this?
Chris Dumez
Comment 3 2019-07-02 14:11:51 PDT
Created attachment 373360 [details] Patch
Chris Dumez
Comment 4 2019-07-02 14:12:59 PDT
(In reply to Ryosuke Niwa from comment #2) > We can add an assertion to catch this? I think it would be great yes, but I am not sure how to write it. I know similar issues came up in the past, did we come up with a solution to catch this?
Ryosuke Niwa
Comment 5 2019-07-02 14:24:13 PDT
(In reply to Chris Dumez from comment #4) > (In reply to Ryosuke Niwa from comment #2) > > We can add an assertion to catch this? > > I think it would be great yes, but I am not sure how to write it. I know > similar issues came up in the past, did we come up with a solution to catch > this? There is isInWebProcess() as a runtime check which is a bit cheesy. Ideally, it's something we initialize via XPC bootstrapping instead.
Ryosuke Niwa
Comment 6 2019-07-02 15:25:46 PDT
Comment on attachment 373360 [details] Patch How about WebResourceLoadStatisticsStore?
Ryosuke Niwa
Comment 7 2019-07-02 15:26:11 PDT
Also Storage in NetworkCacheStorage.
Ryosuke Niwa
Comment 8 2019-07-02 15:27:47 PDT
Also, RegistrationDatabase and ServiceWorkerFetch::Client in WebCore uses it. Doesn't UI process use any of them?
Chris Dumez
Comment 9 2019-07-02 15:31:46 PDT
(In reply to Ryosuke Niwa from comment #6) > Comment on attachment 373360 [details] > Patch > > How about WebResourceLoadStatisticsStore? Looks like it is in the NetworkProcess noawadays?
Ryosuke Niwa
Comment 10 2019-07-02 15:32:11 PDT
(In reply to Chris Dumez from comment #4) > (In reply to Ryosuke Niwa from comment #2) > > We can add an assertion to catch this? > > I think it would be great yes, but I am not sure how to write it. I know > similar issues came up in the past, did we come up with a solution to catch > this? See https://bugs.webkit.org/show_bug.cgi?id=185330
Chris Dumez
Comment 11 2019-07-02 15:32:34 PDT
(In reply to Ryosuke Niwa from comment #7) > Also Storage in NetworkCacheStorage. Again, this is in the NetworkProcess so not an issue.
Chris Dumez
Comment 12 2019-07-02 15:33:54 PDT
(In reply to Ryosuke Niwa from comment #8) > Also, RegistrationDatabase and ServiceWorkerFetch::Client in WebCore uses > it. Doesn't UI process use any of them? RegistrationDatabase is used only in the NetworkProcess so not a problem. ServiceWorkerFetch::Client is used in the Service Worker process I believe (So a WebProcess), thus not an issue either.
Chris Dumez
Comment 13 2019-07-02 15:36:02 PDT
(In reply to Chris Dumez from comment #12) > (In reply to Ryosuke Niwa from comment #8) > > Also, RegistrationDatabase and ServiceWorkerFetch::Client in WebCore uses > > it. Doesn't UI process use any of them? > > RegistrationDatabase is used only in the NetworkProcess so not a problem. > ServiceWorkerFetch::Client is used in the Service Worker process I believe > (So a WebProcess), thus not an issue either. To be clear, classes that are used in the Network or WebContent processes, and only by WebKit2 code could use either DestructionThread::Main or DestructionThreadMainRunLoop. They would both be safe AFAIK. The only problematic ones are the ones used in the UIProcess, and I fixed the 2 classes I that were obviously used in the UIProcess.
WebKit Commit Bot
Comment 14 2019-07-02 16:07:51 PDT
Comment on attachment 373360 [details] Patch Clearing flags on attachment: 373360 Committed r247078: <https://trac.webkit.org/changeset/247078>
WebKit Commit Bot
Comment 15 2019-07-02 16:07:53 PDT
All reviewed patches have been landed. Closing bug.
Chris Dumez
Comment 16 2019-07-10 09:44:55 PDT
*** Bug 199657 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.