Bug 213751

Summary:

Crash under IPC::isValidMessageName()

Product:

WebKit

Reporter:

Chris Dumez <cdumez>

Component:

WebKit2

Assignee:

Chris Dumez <cdumez>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

achristensen, ddkilzer, ggaren, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

See Also:

https://bugs.webkit.org/show_bug.cgi?id=211112

Attachments:

Description	Flags
Patch	none
Patch	none
Patch	none

Description Chris Dumez 2020-06-29 13:31:03 PDT

Crash under IPC::isValidMessageName():
Thread 19 Crashed:: Dispatch queue: com.apple.IPC.ReceiveQueue
0   com.apple.WebKit              	0x00007fff39e46ffd IPC::isValidMessageName(IPC::MessageName) + 469
1   com.apple.WebKit              	0x00007fff39d994b2 IPC::Decoder::Decoder(unsigned char const*, unsigned long, void (*)(unsigned char const*, unsigned long), WTF::Vector<IPC::Attachment, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&) + 292
2   com.apple.WebKit              	0x00007fff39d99358 IPC::Decoder::create(unsigned char const*, unsigned long, void (*)(unsigned char const*, unsigned long), WTF::Vector<IPC::Attachment, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&) + 64
3   com.apple.WebKit              	0x00007fff39e6e13c invocation function for block in IPC::Connection::open() + 508
4   libdispatch.dylib             	0x00007fff6903bfb7 _dispatch_client_callout + 8
5   libdispatch.dylib             	0x00007fff6903e84d _dispatch_continuation_pop + 423
6   libdispatch.dylib             	0x00007fff6904eaed _dispatch_source_invoke + 2079
7   libdispatch.dylib             	0x00007fff69041b5f _dispatch_lane_serial_drain + 263
8   libdispatch.dylib             	0x00007fff69042783 _dispatch_lane_invoke + 375
9   libdispatch.dylib             	0x00007fff6904c1db _dispatch_workloop_worker_thread + 668
10  libsystem_pthread.dylib       	0x00007fff692bb4f2 _pthread_wqthread + 314
11  libsystem_pthread.dylib       	0x00007fff692ba4c3 start_wqthread + 15

Comment 1 Chris Dumez 2020-06-29 13:32:21 PDT

<rdar://problem/64773416>

Comment 2 Chris Dumez 2020-06-29 13:46:17 PDT

Created attachment 403108 [details]
Patch

Comment 3 Chris Dumez 2020-06-29 14:32:06 PDT

Created attachment 403114 [details]
Patch

Comment 4 Chris Dumez 2020-06-29 14:44:11 PDT

Created attachment 403117 [details]
Patch

Comment 5 Geoffrey Garen 2020-06-29 15:48:44 PDT

Comment on attachment 403117 [details]
Patch

r=me

Comment 6 EWS 2020-07-01 09:14:41 PDT

Committed r263807: <https://trac.webkit.org/changeset/263807>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 403117 [details].