178434 2017-10-18 02:52:37 -0700 [curl] Segfault in WebCore::CurlRequest::setupPOST 2017-11-15 13:03:51 -0800 1 1 1 Unclassified WebKit Platform WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED https://bugs.webkit.org/show_bug.cgi?id=177733 InRadar P2 Normal --- 1 fujii basuke achristensen basuke bfulgham buildbot commit-queue don.olmstead fujii galpeter pvollan rniwa webkit-bug-importer oldest_to_newest 1361627 0 fujii 2017-10-18 02:52:37 -0700 [curl] Segfault in WebCore::CurlRequest::setupPOST 1) Start MiniBrowser 2) Open http://amazon.co.jp/ 3) Crash WinCairo port, trunk@223596, Debug build Callstack: > WebKit.dll!WTF::Vector<WebCore::FormDataElement,0,WTF::CrashOnOverflow,16,WTF::FastMalloc>::size() Line 661 C++ > WebKit.dll!WebCore::CurlRequest::setupPOST(WebCore::ResourceRequest & request) Line 421 C++ > WebKit.dll!WebCore::CurlRequest::setupTransfer() Line 159 C++ > WebKit.dll!WebCore::CurlJobList::startJobs(WTF::HashSet<WebCore::CurlJobClient *,WTF::PtrHash<WebCore::CurlJobClient *>,WTF::HashTraits<WebCore::CurlJobClient *> > && jobs) Line 46 C++ > WebKit.dll!WebCore::CurlJobManager::updateJobList(WebCore::CurlJobList & jobs) Line 178 C++ > WebKit.dll!WebCore::CurlJobManager::workerThread() Line 197 C++ > WebKit.dll!WebCore::CurlJobManager::startThreadIfNeeded::__l10::<lambda>() Line 132 C++ > WebKit.dll!WTF::Function<void __cdecl(void)>::CallableWrapper<void <lambda>(void) >::call() Line 101 C++ > WTF.dll!WTF::Function<void __cdecl(void)>::operator()() Line 57 C++ > WTF.dll!WTF::Thread::entryPoint(WTF::Thread::NewThreadContext * newThreadContext) Line 130 C++ > WTF.dll!WTF::wtfThreadEntryPoint(void * data) Line 157 C++ > WTF.dll!thread_start<unsigned int (__cdecl*)(void * __ptr64)>(void * const parameter) Line 115 C++ > [External Code] > void CurlRequest::setupPOST(ResourceRequest& request) > { > m_curlHandle->enableHttpPostRequest(); > > auto numElements = request.httpBody()->elements().size(); > if (!numElements) > return; request.m_httpBody was null. 1361629 1 fujii 2017-10-18 02:53:56 -0700 Looks similar with Bug 177733. 1362057 2 324207 basuke 2017-10-18 21:59:53 -0700 Created attachment 324207 patch 1362076 3 324207 commit-queue 2017-10-19 00:41:45 -0700 Comment on attachment 324207 patch Clearing flags on attachment: 324207 Committed r223681: <https://trac.webkit.org/changeset/223681> 1362077 4 commit-queue 2017-10-19 00:41:47 -0700 All reviewed patches have been landed. Closing bug. 1372342 5 webkit-bug-importer 2017-11-15 13:03:51 -0800 <rdar://problem/35568712> 324207 2017-10-18 21:59:53 -0700 2017-10-19 00:41:45 -0700 patch 178434-1.diff text/plain 2112 basuke ZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZyBiL1NvdXJjZS9XZWJDb3JlL0No YW5nZUxvZwppbmRleCA3NWQ5Y2Y4ZDRkMi4uNzk4ZDJiM2I1YTUgMTAwNjQ0Ci0tLSBhL1NvdXJj ZS9XZWJDb3JlL0NoYW5nZUxvZworKysgYi9Tb3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cKQEAgLTEs MyArMSwxNCBAQAorMjAxNy0xMC0xOCAgQmFzdWtlIFN1enVraSAgPEJhc3VrZS5TdXp1a2lAc29u eS5jb20+CisKKyAgICAgICAgW2N1cmxdIFNlZ2ZhdWx0IGluIFdlYkNvcmU6OkN1cmxSZXF1ZXN0 OjpzZXR1cFBPU1QKKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dp P2lkPTE3ODQzNAorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAg ICAgICogcGxhdGZvcm0vbmV0d29yay9jdXJsL0N1cmxSZXF1ZXN0LmNwcDoKKyAgICAgICAgKFdl YkNvcmU6OkN1cmxSZXF1ZXN0OjpyZXNvbHZlQmxvYlJlZmVyZW5jZXMpOgorICAgICAgICAoV2Vi Q29yZTo6Q3VybFJlcXVlc3Q6OnNldHVwUE9TVCk6CisKIDIwMTctMTAtMTYgIFNhbSBXZWluaWcg IDxzYW1Ad2Via2l0Lm9yZz4KIAogICAgICAgICBbU2V0dGluZ3NdIEdlbmVyYXRlIFNldHRpbmdz LmgvY3BwCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9uZXR3b3JrL2N1cmwv Q3VybFJlcXVlc3QuY3BwIGIvU291cmNlL1dlYkNvcmUvcGxhdGZvcm0vbmV0d29yay9jdXJsL0N1 cmxSZXF1ZXN0LmNwcAppbmRleCA4ZDM2NmM1MTBmMy4uOTFlYmQ4ZGJkZjkgMTAwNjQ0Ci0tLSBh L1NvdXJjZS9XZWJDb3JlL3BsYXRmb3JtL25ldHdvcmsvY3VybC9DdXJsUmVxdWVzdC5jcHAKKysr IGIvU291cmNlL1dlYkNvcmUvcGxhdGZvcm0vbmV0d29yay9jdXJsL0N1cmxSZXF1ZXN0LmNwcApA QCAtMzkxLDEyICszOTEsMTIgQEAgdm9pZCBDdXJsUmVxdWVzdDo6cmVzb2x2ZUJsb2JSZWZlcmVu Y2VzKFJlc291cmNlUmVxdWVzdCYgcmVxdWVzdCkKIHsKICAgICBBU1NFUlQoaXNNYWluVGhyZWFk KCkpOwogCi0gICAgUmVmUHRyPEZvcm1EYXRhPiBmb3JtRGF0YSA9IHJlcXVlc3QuaHR0cEJvZHko KTsKLSAgICBpZiAoIWZvcm1EYXRhKQorICAgIGF1dG8gYm9keSA9IHJlcXVlc3QuaHR0cEJvZHko KTsKKyAgICBpZiAoIWJvZHkgfHwgYm9keS0+aXNFbXB0eSgpKQogICAgICAgICByZXR1cm47CiAK ICAgICAvLyBSZXNvbHZlIHRoZSBibG9iIGVsZW1lbnRzIHNvIHRoZSBmb3JtRGF0YSBjYW4gY29y cmVjdGx5IHJlcG9ydCBpdCdzIHNpemUuCi0gICAgZm9ybURhdGEgPSBmb3JtRGF0YS0+cmVzb2x2 ZUJsb2JSZWZlcmVuY2VzKCk7CisgICAgUmVmUHRyPEZvcm1EYXRhPiBmb3JtRGF0YSA9IGJvZHkt PnJlc29sdmVCbG9iUmVmZXJlbmNlcygpOwogICAgIHJlcXVlc3Quc2V0SFRUUEJvZHkoV1RGTW92 ZShmb3JtRGF0YSkpOwogfQogCkBAIC00MTgsMTMgKzQxOCwxNyBAQCB2b2lkIEN1cmxSZXF1ZXN0 OjpzZXR1cFBPU1QoUmVzb3VyY2VSZXF1ZXN0JiByZXF1ZXN0KQogewogICAgIG1fY3VybEhhbmRs ZS0+ZW5hYmxlSHR0cFBvc3RSZXF1ZXN0KCk7CiAKLSAgICBhdXRvIG51bUVsZW1lbnRzID0gcmVx dWVzdC5odHRwQm9keSgpLT5lbGVtZW50cygpLnNpemUoKTsKKyAgICBhdXRvIGJvZHkgPSByZXF1 ZXN0Lmh0dHBCb2R5KCk7CisgICAgaWYgKCFib2R5IHx8IGJvZHktPmlzRW1wdHkoKSkKKyAgICAg ICAgcmV0dXJuOworCisgICAgYXV0byBudW1FbGVtZW50cyA9IGJvZHktPmVsZW1lbnRzKCkuc2l6 ZSgpOwogICAgIGlmICghbnVtRWxlbWVudHMpCiAgICAgICAgIHJldHVybjsKIAogICAgIC8vIERv IG5vdCBzdHJlYW0gZm9yIHNpbXBsZSBQT1NUIGRhdGEKICAgICBpZiAobnVtRWxlbWVudHMgPT0g MSkgewotICAgICAgICBtX3Bvc3RCdWZmZXIgPSByZXF1ZXN0Lmh0dHBCb2R5KCktPmZsYXR0ZW4o KTsKKyAgICAgICAgbV9wb3N0QnVmZmVyID0gYm9keS0+ZmxhdHRlbigpOwogICAgICAgICBpZiAo bV9wb3N0QnVmZmVyLnNpemUoKSkKICAgICAgICAgICAgIG1fY3VybEhhbmRsZS0+c2V0UG9zdEZp ZWxkcyhtX3Bvc3RCdWZmZXIuZGF0YSgpLCBtX3Bvc3RCdWZmZXIuc2l6ZSgpKTsKICAgICB9IGVs c2UK