REOPENED 232314
Network process crash when fetching WebsiteDataType::ResourceLoadStatistics or calling webkit_website_data_manager_get_itp_summary() in ephemeral sessions 
https://bugs.webkit.org/show_bug.cgi?id=232314
Summary Network process crash when fetching WebsiteDataType::ResourceLoadStatistics o...
Michael Catanzaro
Reported 2021-10-26 09:51:45 PDT
Reproducer: create an incognito mode window in Epiphany, open preferences, then open the personal data dialog. The network process will crash. Detailed backtrace here: https://bugzilla-attachments.redhat.com/attachment.cgi?id=1837253&t=Coz3VzYSQm. That backtrace is for 2.32, but I've just reproduced with 2.34.1. Problem is Epiphany fetches all types of website data, as is reasonable. NetworkProcess::fetchWebsiteData does this: #if ENABLE(INTELLIGENT_TRACKING_PREVENTION) if (websiteDataTypes.contains(WebsiteDataType::ResourceLoadStatistics)) { if (auto* session = networkSession(sessionID)) { if (auto* resourceLoadStatistics = session->resourceLoadStatistics()) { resourceLoadStatistics->registrableDomains([callbackAggregator](auto&& domains) mutable { while (!domains.isEmpty()) callbackAggregator->m_websiteData.registrableDomainsWithResourceLoadStatistics.add(domains.takeLast()); }); } } } #endif The call to WebResourceLoadStatisticsStore::registrableDomains calls WebResourceLoadStatisticsStore::postTask, and that does this: // Resource load statistics should not be captured for ephemeral sessions. RELEASE_ASSERT(!isEphemeral()); Oops. We either need an early return in NetworkProcess::fetchWebsiteData, or perhaps better in WebResourceLoadStatisticsStore::registrableDomains? Or maybe it would be better if NetworkSession::resourceLoadStatistics would return nullptr rather than a valid WebResourceLoadStatisticsStore when we have an ephemeral session? Or for NetworkSession::setResourceLoadStatisticsEnabled to never be called in the first place? That's ultimately triggered via WebsiteDataStore::parameters and WebsiteDataStore::setResourceLoadStatisticsEnabled. Maybe that would be the right place to force it to false for ephemeral sessions?
Attachments
Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2021-11-02 09:52:16 PDT
<rdar://problem/84934873>
Michael Catanzaro
Comment 2 2021-11-08 14:00:06 PST
Hi John, any preferences on how to fix this? If not, I'll probably go for a localized fix in NetworkProcess::fetchWebsiteData.
Michael Catanzaro
Comment 3 2021-12-01 10:15:18 PST
I can't reproduce this anymore, not with trunk and not with 2.34.1 either. I'm not sure when this somehow got fixed.
Michael Catanzaro
Comment 4 2021-12-01 12:00:39 PST
Actually I can reproduce with 2.34.1, but not with trunk. Going to leave this closed.
Michael Catanzaro
Comment 5 2024-10-16 16:15:20 PDT
Reopening because I just hit this again today. Updated backtrace looks like: #0 __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at pthread_kill.c:44 #1 0x00007f0afd29af83 in __pthread_kill_internal (threadid=<optimized out>, signo=6) at pthread_kill.c:78 #2 0x00007f0afd24208e in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26 #3 0x00007f0afd229882 in __GI_abort () at abort.c:79 #4 0x00007f0afdae8ddf in WTFCrashWithInfo () at WTF/Headers/wtf/Assertions.h:864 #5 0x00007f0afdd9ae36 in WebKit::WebResourceLoadStatisticsStore::postTask (this=0x7f0ae3018400, task=<optimized out>) at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:201 #6 WebKit::WebResourceLoadStatisticsStore::aggregatedThirdPartyData (this=0x7f0ae3018400, completionHandler=<optimized out>) at /buildstream/gnome/sdk/webkitgtk-6.0.bst/Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:1561 ... I'll omit the rest of the backtrace because it's just this release assert: inline void WebResourceLoadStatisticsStore::postTask(WTF::Function<void()>&& task) { // Resource load statistics should not be captured for ephemeral sessions. RELEASE_ASSERT(!isEphemeral()); It's reproducible by opening Epiphany's Privacy Report dialog in a private browsing window, which calls webkit_website_data_manager_get_itp_summary(). Apparently that's guaranteed to crash the network process if called for an ephemeral session? I suppose the WebKit API will need to guard against this usage somewhere.
Michael Catanzaro
Comment 6 2025-03-29 12:17:44 PDT
*** Bug 290391 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.