144767 2015-05-07 15:20:02 -0700 Crashes in SocketStreamHandleBase::close 2015-05-08 12:16:20 -0700 1 1 1 Unclassified WebKit WebCore Misc. 528+ (Nightly build) Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 ap ap oldest_to_newest 1092784 0 ap 2015-05-07 15:20:02 -0700 We have crash reports where SocketStreamHandleBase::close() is called on a null object while processing a CLOSE frame from the server. Thread 0 Crashed: 0 WebCore 0x37daf446 WebCore::SocketStreamHandleBase::close() + 6 (SocketStreamHandleBase.cpp:86) 1 WebCore 0x37ee75b2 WebCore::WebSocketChannel::processOutgoingFrameQueue() + 554 (WebSocketChannel.cpp:775) 2 WebCore 0x37ee949a WebCore::WebSocketChannel::processFrame() + 3282 (WebSocketChannel.cpp:660) 3 WebCore 0x37ee8268 WebCore::WebSocketChannel::processBuffer() + 64 (WebSocketChannel.cpp:449) 4 WebCore 0x37ee8218 WebCore::WebSocketChannel::didReceiveSocketStreamData(WebCore::SocketStreamHandle*, char const*, int) + 172 (WebSocketChannel.cpp:312) rdar://problem/20486538 1092891 1 252659 ap 2015-05-07 17:27:16 -0700 Created attachment 252659 proposed fix 1093268 2 ap 2015-05-08 12:16:20 -0700 Committed <http://trac.webkit.org/r184005>. 252659 2015-05-07 17:27:16 -0700 2015-05-08 12:12:52 -0700 proposed fix WebSocket.txt text/plain 2628 ap SW5kZXg6IFNvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2Vi Q29yZS9DaGFuZ2VMb2cJKHJldmlzaW9uIDE4Mzk2MCkKKysrIFNvdXJjZS9XZWJDb3JlL0NoYW5n ZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDIyIEBACisyMDE1LTA1LTA3ICBBbGV4ZXkg UHJvc2t1cnlha292ICA8YXBAYXBwbGUuY29tPgorCisgICAgICAgIENyYXNoZXMgaW4gU29ja2V0 U3RyZWFtSGFuZGxlQmFzZTo6Y2xvc2UKKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcv c2hvd19idWcuY2dpP2lkPTE0NDc2NworICAgICAgICByZGFyOi8vcHJvYmxlbS8yMDQ4NjUzOAor CisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIFRoaXMgaXMg YSBzcGVjdWxhdGl2ZSBmaXgsIEkgY291bGQgbm90IHJlcHJvZHVjZSB0aGUgY3Jhc2guCisKKyAg ICAgICAgKiBNb2R1bGVzL3dlYnNvY2tldHMvV2ViU29ja2V0Q2hhbm5lbC5jcHA6IChXZWJDb3Jl OjpXZWJTb2NrZXRDaGFubmVsOjpwcm9jZXNzRnJhbWUpOgorICAgICAgICBOb3JtYWxseSwgcHJv Y2Vzc091dGdvaW5nRnJhbWVRdWV1ZSgpIGNsb3NlcyB0aGUgaGFuZGxlIGluIHRoZSBlbmQgd2hl biBjYWxsZWQgaW4KKyAgICAgICAgT3V0Z29pbmdGcmFtZVF1ZXVlQ2xvc2luZyBzdGF0ZS4gQnV0 IHRoZXJlIGlzIG5vIGRlZmluaXRpdmUgcHJvdGVjdGlvbiBhZ2FpbnN0CisgICAgICAgIHByb2Nl c3NpbmcgdHdvIENMT1NFIGZyYW1lcywgaW4gd2hpY2ggY2FzZSB3ZSdkIHRyeSB0byBjbG9zZSB0 aGUgaGFuZGxlIHR3aWNlLgorCisgICAgICAgICogcGxhdGZvcm0vbmV0d29yay9jZi9Tb2NrZXRT dHJlYW1IYW5kbGVDRk5ldC5jcHA6CisgICAgICAgIChXZWJDb3JlOjpTb2NrZXRTdHJlYW1IYW5k bGU6OnJlYWRTdHJlYW1DYWxsYmFjayk6IFBhc3NpbmcgZW1wdHkgZGF0YSB0byB0aGUgY2xpZW50 CisgICAgICAgIHJlc3VsdHMgaW4gdGhlIHNvY2tldCBiZWluZyBjbG9zZWQsIHdoaWNoIG1ha2Vz IG5vIHNlbnNlIGhlcmUuCisKIDIwMTUtMDUtMDcgIFNhaWQgQWJvdS1IYWxsYXdhICA8c2Fib3Vo YWxsYXdhQGFwcGxlLmNvbT4KIAogICAgICAgICBBcHBseWluZyBhIGZpbHRlciBvbiBhbiBTVkcg ZWxlbWVudCwgd2hpY2ggaXMgbGFyZ2VyIHRoYW4gNDA5NiBwaXhlbHMsIGNhdXNlcyB0aGlzIGVs ZW1lbnQgdG8gYmUgcmVuZGVyZWQgc2hpZnRlZCB0byB0aGUgbGVmdApJbmRleDogU291cmNlL1dl YkNvcmUvTW9kdWxlcy93ZWJzb2NrZXRzL1dlYlNvY2tldENoYW5uZWwuY3BwCj09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0K LS0tIFNvdXJjZS9XZWJDb3JlL01vZHVsZXMvd2Vic29ja2V0cy9XZWJTb2NrZXRDaGFubmVsLmNw cAkocmV2aXNpb24gMTgzOTI4KQorKysgU291cmNlL1dlYkNvcmUvTW9kdWxlcy93ZWJzb2NrZXRz L1dlYlNvY2tldENoYW5uZWwuY3BwCSh3b3JraW5nIGNvcHkpCkBAIC02NDksNyArNjQ5LDggQEAg Ym9vbCBXZWJTb2NrZXRDaGFubmVsOjpwcm9jZXNzRnJhbWUoKQogICAgICAgICBtX3JlY2VpdmVk Q2xvc2luZ0hhbmRzaGFrZSA9IHRydWU7CiAgICAgICAgIHN0YXJ0Q2xvc2luZ0hhbmRzaGFrZSht X2Nsb3NlRXZlbnRDb2RlLCBtX2Nsb3NlRXZlbnRSZWFzb24pOwogICAgICAgICBpZiAobV9jbG9z aW5nKSB7Ci0gICAgICAgICAgICBtX291dGdvaW5nRnJhbWVRdWV1ZVN0YXR1cyA9IE91dGdvaW5n RnJhbWVRdWV1ZUNsb3Npbmc7CisgICAgICAgICAgICBpZiAobV9vdXRnb2luZ0ZyYW1lUXVldWVT dGF0dXMgPT0gT3V0Z29pbmdGcmFtZVF1ZXVlT3BlbikKKyAgICAgICAgICAgICAgICBtX291dGdv aW5nRnJhbWVRdWV1ZVN0YXR1cyA9IE91dGdvaW5nRnJhbWVRdWV1ZUNsb3Npbmc7CiAgICAgICAg ICAgICBwcm9jZXNzT3V0Z29pbmdGcmFtZVF1ZXVlKCk7CiAgICAgICAgIH0KICAgICAgICAgYnJl YWs7CkluZGV4OiBTb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9uZXR3b3JrL2NmL1NvY2tldFN0cmVh bUhhbmRsZUNGTmV0LmNwcAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9u ZXR3b3JrL2NmL1NvY2tldFN0cmVhbUhhbmRsZUNGTmV0LmNwcAkocmV2aXNpb24gMTgzOTI4KQor KysgU291cmNlL1dlYkNvcmUvcGxhdGZvcm0vbmV0d29yay9jZi9Tb2NrZXRTdHJlYW1IYW5kbGVD Rk5ldC5jcHAJKHdvcmtpbmcgY29weSkKQEAgLTUwNyw2ICs1MDcsOSBAQCB2b2lkIFNvY2tldFN0 cmVhbUhhbmRsZTo6cmVhZFN0cmVhbUNhbGxiCiAgICAgICAgICAgICBwdHIgPSBsb2NhbEJ1ZmZl cjsKICAgICAgICAgfQogCisgICAgICAgIGlmICghbGVuZ3RoKQorICAgICAgICAgICAgcmV0dXJu OworCiAgICAgICAgIG1fY2xpZW50LT5kaWRSZWNlaXZlU29ja2V0U3RyZWFtRGF0YSh0aGlzLCBy ZWludGVycHJldF9jYXN0PGNvbnN0IGNoYXIqPihwdHIpLCBsZW5ndGgpOwogCiAgICAgICAgIHJl dHVybjsK