Bug 225292

Summary: [GLIB] REGRESSION(r276879): Several tests are crashing or failing
Product: WebKit Reporter: Diego Pino <dpino>
Component: New Bugs Assignee: Diego Pino <dpino>
Status: RESOLVED FIXED    
Severity: Normal CC: benjamin, bugs-noreply, cdumez, clopez, cmarcelo, ews-watchlist, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=225391
Attachments:
Description  Flags
Patch  none
Patch  none

Description Diego Pino 2021-05-03 00:34:09 PDT
The following tests are failing since r276879:

Regressions: Unexpected text-only failures (2)
  imported/w3c/web-platform-tests/html/canvas/offscreen/pixel-manipulation/2d.imageData.get.tiny.html [ Failure ]
  imported/w3c/web-platform-tests/html/canvas/offscreen/pixel-manipulation/2d.imageData.get.tiny.worker.html [ Failure ]

Regressions: Unexpected crashes (5)
  imported/w3c/web-platform-tests/FileAPI/file/send-file-formdata-controls.tentative.html [ Crash ]
  imported/w3c/web-platform-tests/FileAPI/file/send-file-formdata-punctuation.tentative.html [ Crash ]
  imported/w3c/web-platform-tests/FileAPI/file/send-file-formdata-utf-8.html [ Crash ]
  imported/w3c/web-platform-tests/FileAPI/file/send-file-formdata.html [ Crash ]
  imported/w3c/web-platform-tests/fetch/api/response/response-consume.html [ Crash ]

https://build.webkit.org/results/GTK-Linux-64-bit-Release-Tests/r276889%20%281519%29/imported/w3c/web-platform-tests/html/canvas/offscreen/pixel-manipulation/2d.imageData.get.tiny-diff.txt

--- /home/buildbot/worker/gtk-linux-64-release-tests/build/layout-test-results/imported/w3c/web-platform-tests/html/canvas/offscreen/pixel-manipulation/2d.imageData.get.tiny-expected.txt
+++ /home/buildbot/worker/gtk-linux-64-release-tests/build/layout-test-results/imported/w3c/web-platform-tests/html/canvas/offscreen/pixel-manipulation/2d.imageData.get.tiny-actual.txt
@@ -3,5 +3,5 @@
 getImageData() works for sizes smaller than one pixel
 
 
-PASS getImageData() works for sizes smaller than one pixel
+FAIL getImageData() works for sizes smaller than one pixel The index is not in the allowed range.
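
Review bot: the `+FAIL` line reports "The index is not in the allowed range." from `getImageData()`, which is a different symptom from the null-pointer crash in the backtrace further down this description. The report should say whether the text-only failures and the crashes share one cause, and the two `2d.imageData.get.tiny` tests should be rerun after the crash fix lands rather than assumed fixed by it.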

https://build.webkit.org/results/GTK-Linux-64-bit-Debug-Tests/r276889%20(945)/results.html

(stacktrace from debug but crashing in release too).

Thread 1 (Thread 0x7fd51bbebec0 (LWP 23166)):
#0  __strlen_avx2 () at ../sysdeps/x86_64/multiarch/strlen-avx2.S:65
#1  0x00007fd525b1d644 in std::char_traits<char>::length(char const*) (__s=0x0) at /usr/include/c++/10.2.0/bits/char_traits.h:357
#2  0x00007fd526ebfd2c in std::basic_string_view<char, std::char_traits<char> >::basic_string_view(char const*) (this=0x7ffcbb88e740, __str=0x0) at /usr/include/c++/10.2.0/string_view:128
#3  0x00007fd5223433dd in std::filesystem::__cxx11::path::_S_convert(char const*, std::filesystem::__cxx11::__detail::__null_terminated) (__src=0x0) at /usr/include/c++/10.2.0/bits/fs_path.h:541
#4  0x00007fd522343967 in std::filesystem::__cxx11::path::path<char const*, std::filesystem::__cxx11::path>(char const* const&, std::filesystem::__cxx11::path::format) (this=0x7ffcbb88e820, __source=@0x7ffcbb88e800: 0x0) at /usr/include/c++/10.2.0/bits/fs_path.h:225
#5  0x00007fd522342262 in WTF::FileSystemImpl::fileIsDirectory(WTF::String const&, WTF::FileSystemImpl::ShouldFollowSymbolicLinks) (path=..., shouldFollowSymbolicLinks=WTF::FileSystemImpl::ShouldFollowSymbolicLinks::Yes) at ../../Source/WTF/wtf/FileSystem.cpp:532
#6  0x00007fd528dd1c5d in WebCore::File::isDirectory() const (this=0x7fd4cb919380) at ../../Source/WebCore/fileapi/File.cpp:151
#7  0x00007fd528dd1885 in WebCore::File::File(WebCore::ScriptExecutionContext*, WebCore::File const&, WTF::String const&) (this=0x7fd4cb9192c0, context=0x7fd4ca9f9970, file=..., name=...) at ../../Source/WebCore/fileapi/File.cpp:99
#8  0x00007fd528e0feba in WebCore::File::create(WebCore::ScriptExecutionContext*, WebCore::File const&, WTF::String const&) (context=0x7fd4ca9f9970, existingFile=..., name=...) at ../../Source/WebCore/fileapi/File.h:71
#9  0x00007fd528e0c54e in WebCore::DOMFormData::createFileEntry(WTF::String const&, WebCore::Blob&, WTF::String const&) (this=0x7fd4036d0ea0, name=..., blob=..., filename=...) at ../../Source/WebCore/html/DOMFormData.cpp:65
#10 0x00007fd528e0c6bb in WebCore::DOMFormData::append(WTF::String const&, WebCore::Blob&, WTF::String const&) (this=0x7fd4036d0ea0, name=..., blob=..., filename=...) at ../../Source/WebCore/html/DOMFormData.cpp:77
#11 0x00007fd52a9a3c5f in operator()() const (__closure=0x7ffcbb88eaf0) at WebCore/DerivedSources/JSDOMFormData.cpp:260
#12 0x00007fd52a9b9115 in WebCore::toJS<WebCore::IDLUndefined, WebCore::jsDOMFormDataPrototypeFunction_append2Body(JSC::JSGlobalObject*, JSC::CallFrame*, WebCore::IDLOperation<WebCore::JSDOMFormData>::ClassParameter)::<lambda()> >(JSC::JSGlobalObject &, JSC::ThrowScope &, struct {...} &&) (lexicalGlobalObject=..., throwScope=..., valueOrFunctor=...) at ../../Source/WebCore/bindings/js/JSDOMConvertBase.h:165
#13 0x00007fd52a9a40ce in WebCore::jsDOMFormDataPrototypeFunction_append2Body(JSC::JSGlobalObject*, JSC::CallFrame*, WebCore::IDLOperation<WebCore::JSDOMFormData>::ClassParameter) (lexicalGlobalObject=0x7fd450254fc0, callFrame=0x7ffcbb88ed00, castedThis=0x7fd4ca6e4218) at WebCore/DerivedSources/JSDOMFormData.cpp:260
#14 0x00007fd52a9a4314 in WebCore::jsDOMFormDataPrototypeFunction_appendOverloadDispatcher(JSC::JSGlobalObject*, JSC::CallFrame*, WebCore::IDLOperation<WebCore::JSDOMFormData>::ClassParameter) (lexicalGlobalObject=0x7fd450254fc0, callFrame=0x7ffcbb88ed00, castedThis=0x7fd4ca6e4218) at WebCore/DerivedSources/JSDOMFormData.cpp:277
#15 0x00007fd52a9b9310 in WebCore::IDLOperation<WebCore::JSDOMFormData>::call<WebCore::jsDOMFormDataPrototypeFunction_appendOverloadDispatcher>(JSC::JSGlobalObject&, JSC::CallFrame&, char const*) (lexicalGlobalObject=..., callFrame=..., operationName=0x7fd52f290078 "append") at ../../Source/WebCore/bindings/js/JSDOMOperation.h:55
#16 0x00007fd52a9a43cc in WebCore::jsDOMFormDataPrototypeFunction_append(JSC::JSGlobalObject*, JSC::CallFrame*) (lexicalGlobalObject=0x7fd450254fc0, callFrame=0x7ffcbb88ed00) at WebCore/DerivedSources/JSDOMFormData.cpp:284
#17 0x00007fd4daf871d8 in  ()
#18 0x00007ffcbb88edc0 in  ()
#19 0x00007fd5208656b2 in llint_op_call () at /app/webkit/Source/JavaScriptCore/llint/LowLevelInterpreter.asm:1097
#20 0x0000000000000000 in  ()
Comment 1 Diego Pino 2021-05-03 05:58:38 PDT
Created attachment 427552 [details]
Patch
Comment 2 Chris Dumez 2021-05-03 07:34:23 PDT
Comment on attachment 427552 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=427552&action=review

> Source/WTF/wtf/FileSystem.cpp:531
> +    if (path.isEmpty())
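
Review bot: the `path.isEmpty()` check at FileSystem.cpp:531 has no visible comment explaining why an empty path has to be rejected at this point. The backtrace in the description shows a null `char const*` (`__src=0x0`) reaching the `std::filesystem::path` constructor from `fileIsDirectory`, so a one-line comment saying so, plus a test that calls `fileIsDirectory` with an empty path, would keep the guard from being dropped in a later cleanup. The quoted line also does not show what is returned for the empty case; it should be `false`.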

Please do this before initializing the local variables.
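
The failure mode in the backtrace and the guard order requested in this review, as an added example that is not WebKit's code: `fileIsDirectory` here is a hypothetical stand-in that takes a raw `const char*` instead of `WTF::String`, so the null pointer from frame #3 can be passed directly.

```cpp
#include <cstdio>
#include <filesystem>
#include <system_error>

// Mirrors the enum name seen in the backtrace; the definition is an assumption.
enum class ShouldFollowSymbolicLinks { No, Yes };

// Hypothetical stand-in for the function in frame #5 of the backtrace.
bool fileIsDirectory(const char* utf8Path, ShouldFollowSymbolicLinks follow)
{
    // Guard first, before any local is built from the pointer:
    // std::filesystem::path(const char*) measures its argument with
    // char_traits::length (strlen), which faults on a null pointer.
    if (!utf8Path || !*utf8Path)
        return false;

    std::error_code ec; // non-throwing overloads: errors become "not a directory"
    std::filesystem::path fsPath(utf8Path);
    auto status = follow == ShouldFollowSymbolicLinks::Yes
        ? std::filesystem::status(fsPath, ec)
        : std::filesystem::symlink_status(fsPath, ec);
    if (ec)
        return false;
    return status.type() == std::filesystem::file_type::directory;
}

int main()
{
    // Constructed inputs: null, empty, an existing directory, a missing path.
    const char* samples[] = { nullptr, "", "/", "/constructed-missing-path-example" };
    for (const char* sample : samples) {
        bool result = fileIsDirectory(sample, ShouldFollowSymbolicLinks::Yes);
        std::printf("%s -> %s\n", sample ? sample : "(null)", result ? "directory" : "not a directory");
    }
    return 0;
}
```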
Comment 3 Diego Pino 2021-05-03 09:03:14 PDT
Created attachment 427566 [details]
Patch
Comment 4 EWS 2021-05-03 10:28:50 PDT
Committed r276907 (237252@main): <https://commits.webkit.org/237252@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 427566 [details].
Comment 5 Radar WebKit Bug Importer 2021-05-03 10:29:17 PDT
<rdar://problem/77461196>