Bug 239255 - StorageMap::importItems may update currentSize wrongly in release build
Summary: StorageMap::importItems may update currentSize wrongly in release build
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Website Storage (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Sihui Liu
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2022-04-12 14:53 PDT by Sihui Liu
Modified: 2022-04-13 15:46 PDT (History)
3 users (show)

See Also:

Attachments
Patch (2.67 KB, patch)
2022-04-12 15:21 PDT, Sihui Liu 		ews-feeder: commit-queue-
Details | Formatted Diff | Diff
Patch (2.77 KB, patch)
2022-04-12 15:58 PDT, Sihui Liu 		no flags Details | Formatted Diff | Diff
Patch (2.54 KB, patch)
2022-04-13 10:00 PDT, Sihui Liu 		no flags Details | Formatted Diff | Diff
Patch (2.52 KB, patch)
2022-04-13 10:14 PDT, Sihui Liu 		no flags Details | Formatted Diff | Diff
Patch (2.56 KB, patch)
2022-04-13 10:29 PDT, Sihui Liu 		no flags Details | Formatted Diff | Diff
Show Obsolete (4) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sihui Liu 2022-04-12 14:53:52 PDT 
...
Comment 1 Sihui Liu 2022-04-12 15:21:35 PDT 
Created attachment 457482 [details]
Patch
Comment 2 Sihui Liu 2022-04-12 15:58:19 PDT 
Created attachment 457486 [details]
Patch
Comment 3 Chris Dumez 2022-04-12 16:01:37 PDT 
Comment on attachment 457486 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=457486&action=review

> Source/WebCore/storage/StorageMap.cpp:166
> +        RELEASE_LOG_ERROR(Storage, "StorageMap::importItems failed to import because map is not empty");

Why is it OK to ignore the items in this case? If that's not supposed to happen, should we ASSERT?
Comment 4 Sihui Liu 2022-04-13 09:54:41 PDT 
(In reply to Chris Dumez from comment #3)
> Comment on attachment 457486 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=457486&action=review
> 
> > Source/WebCore/storage/StorageMap.cpp:166
> > +        RELEASE_LOG_ERROR(Storage, "StorageMap::importItems failed to import because map is not empty");
> 
> Why is it OK to ignore the items in this case? If that's not supposed to
> happen, should we ASSERT?

Yes, we can turn it into assertion
Comment 5 Sihui Liu 2022-04-13 10:00:33 PDT 
Created attachment 457539 [details]
Patch
Comment 6 Chris Dumez 2022-04-13 10:08:51 PDT 
Comment on attachment 457539 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=457539&action=review

> Source/WebCore/storage/StorageMap.cpp:166
> +    CheckedUint32 newSize = m_impl->currentSize;

why `= m_impl->currentSize`? I thought the map was empty?

Can we assert that m_impl->currentSize is 0 and then just use `CheckedUint32 newSize;` here?
Comment 7 Sihui Liu 2022-04-13 10:14:47 PDT 
Created attachment 457542 [details]
Patch
Comment 8 Chris Dumez 2022-04-13 10:16:32 PDT 
Comment on attachment 457542 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=457542&action=review

r=me assuming the bots are happy.

> Source/WebCore/storage/StorageMap.cpp:164
> +    RELEASE_ASSERT(!m_impl->currentSize);

Why did you drop the `RELEASE_ASSERT(m_impl->map.isEmpty());` ?

I feel it'd be good to check that both there is no item in the map and the size is indeed 0.
Comment 9 Sihui Liu 2022-04-13 10:27:49 PDT 
Comment on attachment 457542 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=457542&action=review

>> Source/WebCore/storage/StorageMap.cpp:164
>> +    RELEASE_ASSERT(!m_impl->currentSize);
> 
> Why did you drop the `RELEASE_ASSERT(m_impl->map.isEmpty());` ?
> 
> I feel it'd be good to check that both there is no item in the map and the size is indeed 0.

I thought you mean replacing RELEASE_ASSERT with this... will update.
Comment 10 Sihui Liu 2022-04-13 10:29:03 PDT 
Created attachment 457543 [details]
Patch
Comment 11 EWS 2022-04-13 15:45:13 PDT 
Committed r292836 (249609@main): <https://commits.webkit.org/249609@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 457543 [details].
Comment 12 Radar WebKit Bug Importer 2022-04-13 15:46:16 PDT 
<rdar://problem/91719712>