150205 2015-10-15 16:50:07 -0700 Null dereference loading Blink layout test http/tests/navigation/new-window-sandboxed-iframe.html 2018-02-19 19:48:40 -0800 1 1 1 Unclassified WebKit History WebKit Local Build Unspecified Unspecified RESOLVED DUPLICATE 128458 HasReduction, InRadar P2 Normal --- 1 jhoneycutt webkit-unassigned beidson fujii webkit-bug-importer oldest_to_newest 1133681 0 263222 jhoneycutt 2015-10-15 16:50:07 -0700 Created attachment 263222 crashing test Null dereference loading Blink layout test http/tests/navigation/new-window-sandboxed-iframe.html. Stack trace: Crashed Thread: 0 Dispatch queue: com.apple.main-thread Exception Type: EXC_BAD_ACCESS (SIGABRT) Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000010 Exception Note: EXC_CORPSE_NOTIFY VM Regions Near 0x10: --> __TEXT 000000010c329000-000000010c32c000 [ 12K] r-x/rwx SM=COW /Users/USER/*/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.Development.xpc/Contents/MacOS/com.apple.WebKit.WebContent.Development Application Specific Information: ================================================================ ==10351==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000010 (pc 0x000116b0006d bp 0x7fff538d3470 sp 0x7fff538d3470 T0) #0 0x116b0006c in WTF::RefPtr<WebCore::HistoryItem>::get() const (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebKit.framework/WebKit+0x52c06c) #1 0x116f1e129 in WKBundleBackForwardListItemIsSame (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebKit.framework/WebKit+0x94a129) #2 0x12245c978 in WTR::InjectedBundlePage::dumpBackForwardList(WTF::StringBuilder&) (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebKitTestRunnerInjectedBundle.bundle/Contents/MacOS/WebKitTestRunnerInjectedBundle+0x40978) #3 0x122447ce4 in WTR::InjectedBundle::dumpBackForwardListsForAllPages(WTF::StringBuilder&) (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebKitTestRunnerInjectedBundle.bundle/Contents/MacOS/WebKitTestRunnerInjectedBundle+0x2bce4) #4 0x122455b20 in WTR::InjectedBundlePage::dump() (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebKitTestRunnerInjectedBundle.bundle/Contents/MacOS/WebKitTestRunnerInjectedBundle+0x39b20) #5 0x1167559c6 in WebKit::InjectedBundlePageLoaderClient::didFinishLoadForFrame(WebKit::WebPage*, WebKit::WebFrame*, WTF::RefPtr<API::Object>&) (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebKit.framework/WebKit+0x1819c6) #6 0x116ba1b8a in WebKit::WebFrameLoaderClient::dispatchDidFinishLoad() (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebKit.framework/WebKit+0x5cdb8a) #7 0x11b6f1300 in WebCore::FrameLoader::checkLoadCompleteForThisFrame() (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebCore.framework/Versions/A/WebCore+0xa93300) #8 0x11b6e68b2 in WebCore::FrameLoader::checkLoadComplete() (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebCore.framework/Versions/A/WebCore+0xa888b2) #9 0x11b348baf in WebCore::DocumentLoader::finishedLoading(double) (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebCore.framework/Versions/A/WebCore+0x6eabaf) #10 0x11aea7ca7 in WebCore::CachedResource::checkNotify() (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebCore.framework/Versions/A/WebCore+0x249ca7) #11 0x11aea2ff9 in WebCore::CachedRawResource::finishLoading(WebCore::SharedBuffer*) (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebCore.framework/Versions/A/WebCore+0x244ff9) #12 0x11cf30588 in WebCore::SubresourceLoader::didFinishLoading(double) (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebCore.framework/Versions/A/WebCore+0x22d2588) #13 0x116ebb7b5 in void IPC::handleMessage<Messages::WebResourceLoader::DidFinishResourceLoad, WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(double)>(IPC::MessageDecoder&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(double)) (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebKit.framework/WebKit+0x8e77b5) #14 0x116ebaca2 in WebKit::WebResourceLoader::didReceiveWebResourceLoaderMessage(IPC::Connection&, IPC::MessageDecoder&) (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebKit.framework/WebKit+0x8e6ca2) #15 0x11683a6ca in WebKit::NetworkProcessConnection::didReceiveMessage(IPC::Connection&, IPC::MessageDecoder&) (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebKit.framework/WebKit+0x2666ca) #16 0x116664745 in IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::MessageDecoder, std::__1::default_delete<IPC::MessageDecoder> >) (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebKit.framework/WebKit+0x90745) #17 0x11666bf09 in IPC::Connection::dispatchOneMessage() (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebKit.framework/WebKit+0x97f09) #18 0x1196fe618 in WTF::RunLoop::performWork() (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/JavaScriptCore.framework/Versions/A/JavaScriptCore+0xe7e618) #19 0x1196fee6e in WTF::RunLoop::performWork(void*) (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/JavaScriptCore.framework/Versions/A/JavaScriptCore+0xe7ee6e) #20 0x7fff96fba8b0 in __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0xaa8b0) #21 0x7fff96f9a0ab in __CFRunLoopDoSources0 (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x8a0ab) #22 0x7fff96f995ce in __CFRunLoopRun (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x895ce) #23 0x7fff96f98fc7 in CFRunLoopRunSpecific (/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation+0x88fc7) #24 0x7fff89713d54 in RunCurrentEventLoopInMode (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x30d54) #25 0x7fff89713b8e in ReceiveNextEventCommon (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x30b8e) #26 0x7fff897139ce in _BlockUntilNextEventMatchingListInModeWithFilter (/System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox+0x309ce) #27 0x7fff8d4e6d95 in _DPSNextEvent (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x49d95) #28 0x7fff8d4e61c4 in -[NSApplication _nextEventMatchingEventMask:untilDate:inMode:dequeue:] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x491c4) #29 0x7fff8d4dad27 in -[NSApplication run] (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x3dd27) #30 0x7fff8d4a3fbd in NSApplicationMain (/System/Library/Frameworks/AppKit.framework/Versions/C/AppKit+0x6fbd) #31 0x7fff924c44f1 in _xpc_objc_main (/usr/lib/system/libxpc.dylib+0x114f1) #32 0x7fff924c2f1d in xpc_main (/usr/lib/system/libxpc.dylib+0xff1d) #33 0x10c32a266 in main (/Users/jhoneycutt/src/OpenSource/WebKitBuild2/Release/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.Development.xpc/Contents/MacOS/com.apple.WebKit.WebContent.Development+0x100001266) #34 0x7fff931e95ac in start (/usr/lib/system/libdyld.dylib+0x35ac) #35 0x0 (<unknown module>) 1133682 1 webkit-bug-importer 2015-10-15 16:50:33 -0700 <rdar://problem/23136996> 1400638 2 fujii 2018-02-19 19:48:40 -0800 *** This bug has been marked as a duplicate of bug 128458 *** 263222 2015-10-15 16:50:07 -0700 2015-10-15 16:50:07 -0700 crashing test new-window-sandboxed-iframe.html text/html 322 jhoneycutt PHNjcmlwdD4KaWYgKHdpbmRvdy50ZXN0UnVubmVyKSB7CiAgICB0ZXN0UnVubmVyLmR1bXBBc1Rl eHQoKTsKICAgIHRlc3RSdW5uZXIuZHVtcEJhY2tGb3J3YXJkTGlzdCgpOwogICAgdGVzdFJ1bm5l ci53YWl0VW50aWxEb25lKCk7CiAgICB0ZXN0UnVubmVyLnNldENhbk9wZW5XaW5kb3dzKCk7Cn0K PC9zY3JpcHQ+CjxpZnJhbWUgc2FuZGJveD0iYWxsb3ctc2NyaXB0cyBhbGxvdy1mb3JtcyBhbGxv dy1zYW1lLW9yaWdpbiBhbGxvdy1wb3B1cHMiIHNyYz0icmVzb3VyY2VzL25ldy13aW5kb3ctc2Fu ZGJveGVkLWlmcmFtZS1pZnJhbWUuaHRtbCI+PC9pZnJhbWU+Cg==