114178 2013-04-08 11:02:10 -0700 Crashes in WebSocketChannel::processFrame when processing a ping 2013-04-08 14:34:47 -0700 1 1 1 Unclassified WebKit WebCore Misc. 528+ (Nightly build) Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 ap ap toyoshim oldest_to_newest 870891 0 ap 2013-04-08 11:02:10 -0700 We're seeing a number of crashes in WebSocketChannel::processFrame when processing a ping. I could never reproduce that, but I have a theory about why this happens. <rdar://problem/12834449> 870930 1 196874 ap 2013-04-08 11:09:50 -0700 Created attachment 196874 proposed fix 870960 2 ap 2013-04-08 11:15:59 -0700 Committed <http://trac.webkit.org/changeset/147938>. 196874 2013-04-08 11:09:50 -0700 2013-04-08 11:13:03 -0700 proposed fix WebSocketCrash.txt text/plain 4915 ap SW5kZXg6IFNvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2Vi Q29yZS9DaGFuZ2VMb2cJKHJldmlzaW9uIDE0NzkzNikKKysrIFNvdXJjZS9XZWJDb3JlL0NoYW5n ZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDI3IEBACisyMDEzLTA0LTA4ICBBbGV4ZXkg UHJvc2t1cnlha292ICA8YXBAYXBwbGUuY29tPgorCisgICAgICAgIDxyZGFyOi8vcHJvYmxlbS8x MjgzNDQ0OT4gQ3Jhc2hlcyBpbiBXZWJTb2NrZXRDaGFubmVsOjpwcm9jZXNzRnJhbWUgd2hlbiBw cm9jZXNzaW5nIGEgcGluZworICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1 Zy5jZ2k/aWQ9MTE0MTc4CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisK KyAgICAgICAgTm8gdGVzdCwgSSBjb3VsZCBuZXZlciByZXByb2R1Y2UgZXZlbiBtYW51YWxseS4K KworICAgICAgICBDYWxsaW5nIGVucXVldWVSYXdGcmFtZSgpIGNvdWxkIGNoYW5nZSBpbmNvbWlu ZyBidWZmZXIsIHNvIGEgc3Vic2VxdWVudCBza2lwQnVmZmVyKCkKKyAgICAgICAgd291bGQgb3Bl cmF0ZSBvbiB3cm9uZyBhc3N1bXB0aW9ucy4gVGhpcyBoYXBwZW5lZCBiZWNhdXNlIGVucXVldWVS YXdGcmFtZSgpIGFjdHVhbGx5CisgICAgICAgIHRyaWVkIHRvIHByb2Nlc3MgdGhlIHF1ZXVlLCBh bmQgc2VuZCBmYWlsdXJlIHNvbWV0aW1lZCBjbGVhcnMgbV9idWZmZXIuCisKKyAgICAgICAgRml4 aW5nIHRoaXMgYnkgZGVjb3VwbGluZyBlbnF1ZXVpbmcgZnJvbSBzZW5kaW5nLCBhbmQgbWFraW5n IHN1cmUgdGhhdCBza2lwQnVmZmVyKCkKKyAgICAgICAgaW4gcGluZyBmcmFtZSBwcm9jZXNzaW5n IGlzIHBlcmZvcm1lZCBhdCBhIHNhZmUgdGltZS4KKworICAgICAgICAqIE1vZHVsZXMvd2Vic29j a2V0cy9XZWJTb2NrZXRDaGFubmVsLmNwcDoKKyAgICAgICAgKFdlYkNvcmU6OldlYlNvY2tldENo YW5uZWw6OnNlbmQpOgorICAgICAgICAoV2ViQ29yZTo6V2ViU29ja2V0Q2hhbm5lbDo6c3RhcnRD bG9zaW5nSGFuZHNoYWtlKToKKyAgICAgICAgKFdlYkNvcmU6OldlYlNvY2tldENoYW5uZWw6OnBy b2Nlc3NGcmFtZSk6CisgICAgICAgIChXZWJDb3JlOjpXZWJTb2NrZXRDaGFubmVsOjplbnF1ZXVl VGV4dEZyYW1lKToKKyAgICAgICAgKFdlYkNvcmU6OldlYlNvY2tldENoYW5uZWw6OmVucXVldWVS YXdGcmFtZSk6CisgICAgICAgIChXZWJDb3JlOjpXZWJTb2NrZXRDaGFubmVsOjplbnF1ZXVlQmxv YkZyYW1lKToKKwogMjAxMy0wNC0wOCAgSm9jZWx5biBUdXJjb3R0ZSAgPGpvY2VseW4udHVyY290 dGVAZGlnaWEuY29tPgogCiAgICAgICAgIFtRdF0gQXZvaWQgIlFGb250OjpzZXRQaXhlbFNpemU6 IFBpeGVsIHNpemUgPD0gMCAoMCkiCkluZGV4OiBTb3VyY2UvV2ViQ29yZS9Nb2R1bGVzL3dlYnNv Y2tldHMvV2ViU29ja2V0Q2hhbm5lbC5jcHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291cmNlL1dlYkNvcmUv TW9kdWxlcy93ZWJzb2NrZXRzL1dlYlNvY2tldENoYW5uZWwuY3BwCShyZXZpc2lvbiAxNDc5MjEp CisrKyBTb3VyY2UvV2ViQ29yZS9Nb2R1bGVzL3dlYnNvY2tldHMvV2ViU29ja2V0Q2hhbm5lbC5j cHAJKHdvcmtpbmcgY29weSkKQEAgLTE0MCw2ICsxNDAsNyBAQCBUaHJlYWRhYmxlV2ViU29ja2V0 Q2hhbm5lbDo6U2VuZFJlc3VsdCBXCiAgICAgTE9HKE5ldHdvcmssICJXZWJTb2NrZXRDaGFubmVs ICVwIHNlbmQoKSBTZW5kaW5nIFN0cmluZyAnJXMnIiwgdGhpcywgbWVzc2FnZS51dGY4KCkuZGF0 YSgpKTsKICAgICBDU3RyaW5nIHV0ZjggPSBtZXNzYWdlLnV0ZjgoU3RyaW5nOjpTdHJpY3RDb252 ZXJzaW9uUmVwbGFjaW5nVW5wYWlyZWRTdXJyb2dhdGVzV2l0aEZGRkQpOwogICAgIGVucXVldWVU ZXh0RnJhbWUodXRmOCk7CisgICAgcHJvY2Vzc091dGdvaW5nRnJhbWVRdWV1ZSgpOwogICAgIC8v IEFjY29yZGluZyB0byBXZWJTb2NrZXQgQVBJIHNwZWNpZmljYXRpb24sIFdlYlNvY2tldC5zZW5k KCkgc2hvdWxkIHJldHVybiB2b2lkIGluc3RlYWQKICAgICAvLyBvZiBib29sZWFuLiBIb3dldmVy LCBvdXIgaW1wbGVtZW50YXRpb24gc3RpbGwgcmV0dXJucyBib29sZWFuIGR1ZSB0byBjb21wYXRp YmlsaXR5CiAgICAgLy8gY29uY2VybiAoc2VlIGJ1ZyA2NTg1MCkuCkBAIC0xNTMsNiArMTU0LDcg QEAgVGhyZWFkYWJsZVdlYlNvY2tldENoYW5uZWw6OlNlbmRSZXN1bHQgVwogewogICAgIExPRyhO ZXR3b3JrLCAiV2ViU29ja2V0Q2hhbm5lbCAlcCBzZW5kKCkgU2VuZGluZyBBcnJheUJ1ZmZlciAl cCBieXRlT2Zmc2V0PSV1IGJ5dGVMZW5ndGg9JXUiLCB0aGlzLCAmYmluYXJ5RGF0YSwgYnl0ZU9m ZnNldCwgYnl0ZUxlbmd0aCk7CiAgICAgZW5xdWV1ZVJhd0ZyYW1lKFdlYlNvY2tldEZyYW1lOjpP cENvZGVCaW5hcnksIHN0YXRpY19jYXN0PGNvbnN0IGNoYXIqPihiaW5hcnlEYXRhLmRhdGEoKSkg KyBieXRlT2Zmc2V0LCBieXRlTGVuZ3RoKTsKKyAgICBwcm9jZXNzT3V0Z29pbmdGcmFtZVF1ZXVl KCk7CiAgICAgcmV0dXJuIFRocmVhZGFibGVXZWJTb2NrZXRDaGFubmVsOjpTZW5kU3VjY2VzczsK IH0KIApAQCAtMTYwLDYgKzE2Miw3IEBAIFRocmVhZGFibGVXZWJTb2NrZXRDaGFubmVsOjpTZW5k UmVzdWx0IFcKIHsKICAgICBMT0coTmV0d29yaywgIldlYlNvY2tldENoYW5uZWwgJXAgc2VuZCgp IFNlbmRpbmcgQmxvYiAnJXMnIiwgdGhpcywgYmluYXJ5RGF0YS51cmwoKS5lbGlkZWRTdHJpbmco KS51dGY4KCkuZGF0YSgpKTsKICAgICBlbnF1ZXVlQmxvYkZyYW1lKFdlYlNvY2tldEZyYW1lOjpP cENvZGVCaW5hcnksIGJpbmFyeURhdGEpOworICAgIHByb2Nlc3NPdXRnb2luZ0ZyYW1lUXVldWUo KTsKICAgICByZXR1cm4gVGhyZWFkYWJsZVdlYlNvY2tldENoYW5uZWw6OlNlbmRTdWNjZXNzOwog fQogCkBAIC0xNjcsNiArMTcwLDcgQEAgYm9vbCBXZWJTb2NrZXRDaGFubmVsOjpzZW5kKGNvbnN0 IGNoYXIqIAogewogICAgIExPRyhOZXR3b3JrLCAiV2ViU29ja2V0Q2hhbm5lbCAlcCBzZW5kKCkg U2VuZGluZyBjaGFyKiBkYXRhPSVwIGxlbmd0aD0lZCIsIHRoaXMsIGRhdGEsIGxlbmd0aCk7CiAg ICAgZW5xdWV1ZVJhd0ZyYW1lKFdlYlNvY2tldEZyYW1lOjpPcENvZGVCaW5hcnksIGRhdGEsIGxl bmd0aCk7CisgICAgcHJvY2Vzc091dGdvaW5nRnJhbWVRdWV1ZSgpOwogICAgIHJldHVybiB0cnVl OwogfQogCkBAIC00NzksNiArNDgzLDcgQEAgdm9pZCBXZWJTb2NrZXRDaGFubmVsOjpzdGFydENs b3NpbmdIYW5kcwogICAgICAgICBidWYuYXBwZW5kKHJlYXNvbi51dGY4KCkuZGF0YSgpLCByZWFz b24udXRmOCgpLmxlbmd0aCgpKTsKICAgICB9CiAgICAgZW5xdWV1ZVJhd0ZyYW1lKFdlYlNvY2tl dEZyYW1lOjpPcENvZGVDbG9zZSwgYnVmLmRhdGEoKSwgYnVmLnNpemUoKSk7CisgICAgcHJvY2Vz c091dGdvaW5nRnJhbWVRdWV1ZSgpOwogCiAgICAgbV9jbG9zaW5nID0gdHJ1ZTsKICAgICBpZiAo bV9jbGllbnQpCkBAIC02NTgsNiArNjYzLDcgQEAgYm9vbCBXZWJTb2NrZXRDaGFubmVsOjpwcm9j ZXNzRnJhbWUoKQogICAgIGNhc2UgV2ViU29ja2V0RnJhbWU6Ok9wQ29kZVBpbmc6CiAgICAgICAg IGVucXVldWVSYXdGcmFtZShXZWJTb2NrZXRGcmFtZTo6T3BDb2RlUG9uZywgZnJhbWUucGF5bG9h ZCwgZnJhbWUucGF5bG9hZExlbmd0aCk7CiAgICAgICAgIHNraXBCdWZmZXIoZnJhbWVFbmQgLSBt X2J1ZmZlci5kYXRhKCkpOworICAgICAgICBwcm9jZXNzT3V0Z29pbmdGcmFtZVF1ZXVlKCk7CiAg ICAgICAgIGJyZWFrOwogCiAgICAgY2FzZSBXZWJTb2NrZXRGcmFtZTo6T3BDb2RlUG9uZzoKQEAg LTY4Myw3ICs2ODksNiBAQCB2b2lkIFdlYlNvY2tldENoYW5uZWw6OmVucXVldWVUZXh0RnJhbWUo CiAgICAgZnJhbWUtPmZyYW1lVHlwZSA9IFF1ZXVlZEZyYW1lVHlwZVN0cmluZzsKICAgICBmcmFt ZS0+c3RyaW5nRGF0YSA9IHN0cmluZzsKICAgICBtX291dGdvaW5nRnJhbWVRdWV1ZS5hcHBlbmQo ZnJhbWUucmVsZWFzZSgpKTsKLSAgICBwcm9jZXNzT3V0Z29pbmdGcmFtZVF1ZXVlKCk7CiB9CiAK IHZvaWQgV2ViU29ja2V0Q2hhbm5lbDo6ZW5xdWV1ZVJhd0ZyYW1lKFdlYlNvY2tldEZyYW1lOjpP cENvZGUgb3BDb2RlLCBjb25zdCBjaGFyKiBkYXRhLCBzaXplX3QgZGF0YUxlbmd0aCkKQEAgLTY5 Niw3ICs3MDEsNiBAQCB2b2lkIFdlYlNvY2tldENoYW5uZWw6OmVucXVldWVSYXdGcmFtZShXCiAg ICAgaWYgKGRhdGFMZW5ndGgpCiAgICAgICAgIG1lbWNweShmcmFtZS0+dmVjdG9yRGF0YS5kYXRh KCksIGRhdGEsIGRhdGFMZW5ndGgpOwogICAgIG1fb3V0Z29pbmdGcmFtZVF1ZXVlLmFwcGVuZChm cmFtZS5yZWxlYXNlKCkpOwotICAgIHByb2Nlc3NPdXRnb2luZ0ZyYW1lUXVldWUoKTsKIH0KIAog dm9pZCBXZWJTb2NrZXRDaGFubmVsOjplbnF1ZXVlQmxvYkZyYW1lKFdlYlNvY2tldEZyYW1lOjpP cENvZGUgb3BDb2RlLCBjb25zdCBCbG9iJiBibG9iKQpAQCAtNzA3LDcgKzcxMSw2IEBAIHZvaWQg V2ViU29ja2V0Q2hhbm5lbDo6ZW5xdWV1ZUJsb2JGcmFtZSgKICAgICBmcmFtZS0+ZnJhbWVUeXBl ID0gUXVldWVkRnJhbWVUeXBlQmxvYjsKICAgICBmcmFtZS0+YmxvYkRhdGEgPSBCbG9iOjpjcmVh dGUoYmxvYi51cmwoKSwgYmxvYi50eXBlKCksIGJsb2Iuc2l6ZSgpKTsKICAgICBtX291dGdvaW5n RnJhbWVRdWV1ZS5hcHBlbmQoZnJhbWUucmVsZWFzZSgpKTsKLSAgICBwcm9jZXNzT3V0Z29pbmdG cmFtZVF1ZXVlKCk7CiB9CiAKIHZvaWQgV2ViU29ja2V0Q2hhbm5lbDo6cHJvY2Vzc091dGdvaW5n RnJhbWVRdWV1ZSgpCg==