183175 2018-02-27 12:36:01 -0800 JSC crash with `import("")` 2018-03-01 02:24:39 -0800 1 1 1 Unclassified WebKit JavaScriptCore WebKit Local Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 andre.bargull ysuzuki commit-queue ews-watchlist keith_miller mark.lam msaboff ryanhaddad saam webkit-bug-importer ysuzuki oldest_to_newest 1402394 0 andre.bargull 2018-02-27 12:36:01 -0800 SVN: rev228977 Build with: perl Tools/Scripts/build-jsc --jsc-only --debug Executing the following test case leads to this crash: --- 1 0x7f0fd0957705 WTFCrash 2 0x48e47d WTF::VectorBufferBase<char, WTF::FastMalloc>::allocateBuffer(unsigned long) 3 0x48c170 WTF::Vector<char, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>::reserveCapacity(unsigned long) 4 0x48744f WTF::Vector<char, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>::expandCapacity(unsigned long) 5 0x482240 WTF::Vector<char, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>::resize(unsigned long) 6 0x459f05 7 0x45a15c 8 0x45a30f GlobalObject::moduleLoaderFetch(JSC::JSGlobalObject*, JSC::ExecState*, JSC::JSModuleLoader*, JSC::JSValue, JSC::JSValue, JSC::JSValue) 9 0x7f0fd06293e9 JSC::JSModuleLoader::fetch(JSC::ExecState*, JSC::JSValue, JSC::JSValue, JSC::JSValue) 10 0x7f0fd06c027b 11 0x7f0f89eff185 --- Test case: --- import(""); --- 1402581 1 334740 ysuzuki 2018-02-28 05:06:46 -0800 Created attachment 334740 Patch 1402611 2 334740 ysuzuki 2018-02-28 08:26:34 -0800 Comment on attachment 334740 Patch Thanks! 1402614 3 334740 commit-queue 2018-02-28 08:38:37 -0800 Comment on attachment 334740 Patch Clearing flags on attachment: 334740 Committed r229092: <https://trac.webkit.org/changeset/229092> 1402615 4 commit-queue 2018-02-28 08:38:38 -0800 All reviewed patches have been landed. Closing bug. 1402617 5 webkit-bug-importer 2018-02-28 08:39:36 -0800 <rdar://problem/37985858> 1402709 6 ryanhaddad 2018-02-28 13:41:46 -0800 (In reply to WebKit Commit Bot from comment #3) > Comment on attachment 334740 [details] > Patch > > Clearing flags on attachment: 334740 > > Committed r229092: <https://trac.webkit.org/changeset/229092> The test added with this change is failing on debug JSC bots due to an unchecked exception: https://build.webkit.org/builders/Apple%20High%20Sierra%2032-bit%20JSC%20(BuildAndTest)/builds/1298/steps/webkit-32bit-jsc-test/logs/stdio 1402854 7 ysuzuki 2018-03-01 02:24:39 -0800 Committed r229129: <https://trac.webkit.org/changeset/229129> 334740 2018-02-28 05:06:46 -0800 2018-02-28 08:38:37 -0800 Patch bug-183175-20180228220645.patch text/plain 4865 ysuzuki U3VidmVyc2lvbiBSZXZpc2lvbjogMjI5MDg5CmRpZmYgLS1naXQgYS9Tb3VyY2UvSmF2YVNjcmlw dENvcmUvQ2hhbmdlTG9nIGIvU291cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwppbmRleCBh N2Y0NWVjNGU0OWU2NTE5MmI2ZTE4NTc3ZmUzNmFjNmUyZDc4NDJjLi5kNmVhYWY2M2E0ZDc4NDYx ZDRlZGNkMzE4ZTdkODJkMmM2MjgxY2I2IDEwMDY0NAotLS0gYS9Tb3VyY2UvSmF2YVNjcmlwdENv cmUvQ2hhbmdlTG9nCisrKyBiL1NvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKQEAgLTEs MyArMSwxOCBAQAorMjAxOC0wMi0yOCAgWXVzdWtlIFN1enVraSAgPHV0YXRhbmUudGVhQGdtYWls LmNvbT4KKworICAgICAgICBKU0MgY3Jhc2ggd2l0aCBgaW1wb3J0KCIiKWAKKyAgICAgICAgaHR0 cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTE4MzE3NQorCisgICAgICAgIFJl dmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIEFkZCBmaWxlIGV4aXN0ZW5jZSBh bmQgZmlsZSB0eXBlIGNoZWNrIGZvciBtb2R1bGUgbG9hZGVyIGltcGxlbWVudGF0aW9uIGluIGpz Yy5jcHAuCisgICAgICAgIFRoaXMgaXMgbm90IHNhZmUgZm9yIFRPQ1RPVSwgYnV0IGl0IGlzIE9L IHNpbmNlIHRoaXMgZnVuY3Rpb25hbGl0eSBpcyB1c2VkIGZvciB0aGUKKyAgICAgICAgSlNDIHNo ZWxsIChqc2MuY3BwKTogdGVzdGluZyBwdXJwb3NlLgorCisgICAgICAgICoganNjLmNwcDoKKyAg ICAgICAgKGZpbGxCdWZmZXJXaXRoQ29udGVudHNPZkZpbGUpOgorICAgICAgICAoZmV0Y2hNb2R1 bGVGcm9tTG9jYWxGaWxlU3lzdGVtKToKKwogMjAxOC0wMi0yNyAgS2VpdGggTWlsbGVyICA8a2Vp dGhfbWlsbGVyQGFwcGxlLmNvbT4KIAogICAgICAgICBSZXBsYWNlIFRydXN0ZWRJbW1QdHIoMCkg d2l0aCBUcnVzdGVkSW1tUHRyKG51bGxwdHIpCmRpZmYgLS1naXQgYS9Tb3VyY2UvSmF2YVNjcmlw dENvcmUvanNjLmNwcCBiL1NvdXJjZS9KYXZhU2NyaXB0Q29yZS9qc2MuY3BwCmluZGV4IDNiODgz OWNmYzViYmQzNzg4M2VjZmY3Y2Q5YjA1YjhiMDU2ZDNiYzguLjcyM2U2ODIzN2U4YWI4NzZlZmU0 ZGUyM2Y5MjYyOGI4MWQyNTBhZTYgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9KYXZhU2NyaXB0Q29yZS9q c2MuY3BwCisrKyBiL1NvdXJjZS9KYXZhU2NyaXB0Q29yZS9qc2MuY3BwCkBAIC03Nyw2ICs3Nyw4 IEBACiAjaW5jbHVkZSA8c3RkaW8uaD4KICNpbmNsdWRlIDxzdGRsaWIuaD4KICNpbmNsdWRlIDxz dHJpbmcuaD4KKyNpbmNsdWRlIDxzeXMvc3RhdC5oPgorI2luY2x1ZGUgPHN5cy90eXBlcy5oPgog I2luY2x1ZGUgPHRocmVhZD4KICNpbmNsdWRlIDx0eXBlX3RyYWl0cz4KICNpbmNsdWRlIDx3dGYv Q29tbWFQcmludGVyLmg+CkBAIC04NTMsMTIgKzg1NSwxNiBAQCBzdGF0aWMgdm9pZCBjb252ZXJ0 U2hlYmFuZ1RvSlNDb21tZW50KFZlY3RvcjxjaGFyPiYgYnVmZmVyKQogCiBzdGF0aWMgUmVmUHRy PFVpbnQ4QXJyYXk+IGZpbGxCdWZmZXJXaXRoQ29udGVudHNPZkZpbGUoRklMRSogZmlsZSkKIHsK LSAgICBmc2VlayhmaWxlLCAwLCBTRUVLX0VORCk7Ci0gICAgc2l6ZV90IGJ1ZmZlckNhcGFjaXR5 ID0gZnRlbGwoZmlsZSk7Ci0gICAgZnNlZWsoZmlsZSwgMCwgU0VFS19TRVQpOworICAgIGlmIChm c2VlayhmaWxlLCAwLCBTRUVLX0VORCkgPT0gLTEpCisgICAgICAgIHJldHVybiBudWxscHRyOwor ICAgIGxvbmcgYnVmZmVyQ2FwYWNpdHkgPSBmdGVsbChmaWxlKTsKKyAgICBpZiAoYnVmZmVyQ2Fw YWNpdHkgPT0gLTEpCisgICAgICAgIHJldHVybiBudWxscHRyOworICAgIGlmIChmc2VlayhmaWxl LCAwLCBTRUVLX1NFVCkgPT0gLTEpCisgICAgICAgIHJldHVybiBudWxscHRyOwogICAgIFJlZlB0 cjxVaW50OEFycmF5PiByZXN1bHQgPSBVaW50OEFycmF5OjpjcmVhdGUoYnVmZmVyQ2FwYWNpdHkp OwogICAgIHNpemVfdCByZWFkU2l6ZSA9IGZyZWFkKHJlc3VsdC0+ZGF0YSgpLCAxLCBidWZmZXJD YXBhY2l0eSwgZmlsZSk7Ci0gICAgaWYgKHJlYWRTaXplICE9IGJ1ZmZlckNhcGFjaXR5KQorICAg IGlmIChyZWFkU2l6ZSAhPSBzdGF0aWNfY2FzdDxzaXplX3Q+KGJ1ZmZlckNhcGFjaXR5KSkKICAg ICAgICAgcmV0dXJuIG51bGxwdHI7CiAgICAgcmV0dXJuIHJlc3VsdDsKIH0KQEAgLTg4MSw5ICs4 ODcsMTMgQEAgc3RhdGljIGJvb2wgZmlsbEJ1ZmZlcldpdGhDb250ZW50c09mRmlsZShGSUxFKiBm aWxlLCBWZWN0b3I8Y2hhcj4mIGJ1ZmZlcikKIHsKICAgICAvLyBXZSBtaWdodCBoYXZlIGluamVj dGVkICJ1c2Ugc3RyaWN0IjsgYXQgdGhlIHRvcC4KICAgICBzaXplX3QgaW5pdGlhbFNpemUgPSBi dWZmZXIuc2l6ZSgpOwotICAgIGZzZWVrKGZpbGUsIDAsIFNFRUtfRU5EKTsKLSAgICBzaXplX3Qg YnVmZmVyQ2FwYWNpdHkgPSBmdGVsbChmaWxlKTsKLSAgICBmc2VlayhmaWxlLCAwLCBTRUVLX1NF VCk7CisgICAgaWYgKGZzZWVrKGZpbGUsIDAsIFNFRUtfRU5EKSA9PSAtMSkKKyAgICAgICAgcmV0 dXJuIGZhbHNlOworICAgIGxvbmcgYnVmZmVyQ2FwYWNpdHkgPSBmdGVsbChmaWxlKTsKKyAgICBp ZiAoYnVmZmVyQ2FwYWNpdHkgPT0gLTEpCisgICAgICAgIHJldHVybiBmYWxzZTsKKyAgICBpZiAo ZnNlZWsoZmlsZSwgMCwgU0VFS19TRVQpID09IC0xKQorICAgICAgICByZXR1cm4gZmFsc2U7CiAg ICAgYnVmZmVyLnJlc2l6ZShidWZmZXJDYXBhY2l0eSArIGluaXRpYWxTaXplKTsKICAgICBzaXpl X3QgcmVhZFNpemUgPSBmcmVhZChidWZmZXIuZGF0YSgpICsgaW5pdGlhbFNpemUsIDEsIGJ1ZmZl ci5zaXplKCksIGZpbGUpOwogICAgIHJldHVybiByZWFkU2l6ZSA9PSBidWZmZXIuc2l6ZSgpIC0g aW5pdGlhbFNpemU7CkBAIC05MTgsOSArOTI4LDIzIEBAIHN0YXRpYyBib29sIGZldGNoTW9kdWxl RnJvbUxvY2FsRmlsZVN5c3RlbShjb25zdCBTdHJpbmcmIGZpbGVOYW1lLCBWZWN0b3I8Y2hhcj4m CiAgICAgLy8gaHR0cHM6Ly9tc2RuLm1pY3Jvc29mdC5jb20vZW4tdXMvbGlicmFyeS93aW5kb3dz L2Rlc2t0b3AvYWEzNjUyNDcuYXNweCNtYXhwYXRoCiAgICAgLy8gVXNlIGxvbmcgVU5DIHRvIHBh c3MgdGhlIGxvbmcgcGF0aCBuYW1lIHRvIHRoZSBXaW5kb3dzIEFQSXMuCiAgICAgU3RyaW5nIGxv bmdVTkNQYXRoTmFtZSA9IFdURjo6bWFrZVN0cmluZygiXFxcXD9cXCIsIGZpbGVOYW1lKTsKLSAg ICBGSUxFKiBmID0gX3dmb3BlbihzdHJpbmdUb051bGxUZXJtaW5hdGVkV0NoYXIobG9uZ1VOQ1Bh dGhOYW1lKS5kYXRhKCksIEwicmIiKTsKKyAgICBhdXRvIHBhdGhOYW1lID0gc3RyaW5nVG9OdWxs VGVybWluYXRlZFdDaGFyKGxvbmdVTkNQYXRoTmFtZSk7CisgICAgc3RydWN0IF9zdGF0IHN0YXR1 cyB7IH07CisgICAgaWYgKF93c3RhdChwYXRoTmFtZS5kYXRhKCksICZzdGF0dXMpKQorICAgICAg ICByZXR1cm4gZmFsc2U7CisgICAgaWYgKChzdGF0dXMuc3RfbW9kZSAmIFNfSUZNVCkgIT0gU19J RlJFRykKKyAgICAgICAgcmV0dXJuIGZhbHNlOworCisgICAgRklMRSogZiA9IF93Zm9wZW4ocGF0 aE5hbWUuZGF0YSgpLCBMInJiIik7CiAjZWxzZQotICAgIEZJTEUqIGYgPSBmb3BlbihmaWxlTmFt ZS51dGY4KCkuZGF0YSgpLCAiciIpOworICAgIGF1dG8gcGF0aE5hbWUgPSBmaWxlTmFtZS51dGY4 KCk7CisgICAgc3RydWN0IHN0YXQgc3RhdHVzIHsgfTsKKyAgICBpZiAoc3RhdChwYXRoTmFtZS5k YXRhKCksICZzdGF0dXMpKQorICAgICAgICByZXR1cm4gZmFsc2U7CisgICAgaWYgKChzdGF0dXMu c3RfbW9kZSAmIFNfSUZNVCkgIT0gU19JRlJFRykKKyAgICAgICAgcmV0dXJuIGZhbHNlOworCisg ICAgRklMRSogZiA9IGZvcGVuKHBhdGhOYW1lLmRhdGEoKSwgInIiKTsKICNlbmRpZgogICAgIGlm ICghZikgewogICAgICAgICBmcHJpbnRmKHN0ZGVyciwgIkNvdWxkIG5vdCBvcGVuIGZpbGU6ICVz XG4iLCBmaWxlTmFtZS51dGY4KCkuZGF0YSgpKTsKZGlmZiAtLWdpdCBhL0pTVGVzdHMvQ2hhbmdl TG9nIGIvSlNUZXN0cy9DaGFuZ2VMb2cKaW5kZXggMWE0MDNiNzNjZDEyMWJjM2YwZjcyMzZkNjYz MzFhNGM4YWIyNTE5Zi4uNGI1MGE1N2EzNTc2OWI3ZmI3MzRlZWUwNTYxMzU4ODJjMWM2MmUwZSAx MDA2NDQKLS0tIGEvSlNUZXN0cy9DaGFuZ2VMb2cKKysrIGIvSlNUZXN0cy9DaGFuZ2VMb2cKQEAg LTEsMyArMSwxMiBAQAorMjAxOC0wMi0yOCAgWXVzdWtlIFN1enVraSAgPHV0YXRhbmUudGVhQGdt YWlsLmNvbT4KKworICAgICAgICBKU0MgY3Jhc2ggd2l0aCBgaW1wb3J0KCIiKWAKKyAgICAgICAg aHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTE4MzE3NQorCisgICAgICAg IFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgICogc3RyZXNzL2ltcG9ydC13 aXRoLWVtcHR5LXN0cmluZy5qczogQWRkZWQuCisKIDIwMTgtMDItMjcgIFl1c3VrZSBTdXp1a2kg IDx1dGF0YW5lLnRlYUBnbWFpbC5jb20+CiAKICAgICAgICAgVW5yZXZpZXdlZCwgc2tpcCBGVEwg dGVzdHMgaWYgRlRMIGlzIGRpc2FibGVkCmRpZmYgLS1naXQgYS9KU1Rlc3RzL3N0cmVzcy9pbXBv cnQtd2l0aC1lbXB0eS1zdHJpbmcuanMgYi9KU1Rlc3RzL3N0cmVzcy9pbXBvcnQtd2l0aC1lbXB0 eS1zdHJpbmcuanMKbmV3IGZpbGUgbW9kZSAxMDA2NDQKaW5kZXggMDAwMDAwMDAwMDAwMDAwMDAw MDAwMDAwMDAwMDAwMDAwMDAwMDAwMC4uZDE3NGVjOWVjZjUxOGMzZmQ0YjAyZTczNjQwMTJhMWE2 MWRiMzg0MwotLS0gL2Rldi9udWxsCisrKyBiL0pTVGVzdHMvc3RyZXNzL2ltcG9ydC13aXRoLWVt cHR5LXN0cmluZy5qcwpAQCAtMCwwICsxLDIgQEAKK2ltcG9ydCgiIikudGhlbigkdm0uYWJvcnQs IGZ1bmN0aW9uICgpIHsKK30pOwo=