Bug 183704 - Set a trap to catch an infrequent form-related nullptr crash
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit Misc.
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Brent Fulgham
Keywords: InRadar
Reported: 2018-03-16 12:31 PDT by Brent Fulgham
Modified: 2018-03-16 14:18 PDT

Attachments
Patch (4.63 KB, patch)
2018-03-16 12:40 PDT, Brent Fulgham
rniwa: review+

Description Brent Fulgham 2018-03-16 12:31:40 PDT
Crash data indicates that we are attempting to process a form where the document's frame has been nulled out. We don't have a reproducible test case to trigger this behavior, so the following patch attempts to trap the unusual condition that seems likely to be the cause of the crash.
Comment 1 Brent Fulgham 2018-03-16 12:40:44 PDT
Created attachment 335961
Patch
Comment 2 David Kilzer (:ddkilzer) 2018-03-16 13:24:09 PDT
Comment on attachment 335961
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=335961&action=review

r=me, except I'm not a WebKit2 reviewer.

> Source/WebCore/loader/FormState.cpp:54
> +    // Beartrap for <rdar://problem/37579354>
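
Review bot: The comment added at FormState.cpp:54 identifies the trap only by a radar number, which readers without access to that tracker cannot resolve. Consider stating the condition being trapped in the comment itself (the bug description says the document's frame has been nulled out while a form is processed) and citing the public bug, 183704, alongside the radar, so that whoever hits the trap in a crash log knows what it signals and when it can be removed.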

Uber-Nit.  WebKit style says comments should end with a period.
Comment 3 Brent Fulgham 2018-03-16 14:17:29 PDT
Committed r229683: <https://trac.webkit.org/changeset/229683>
Comment 4 Radar WebKit Bug Importer 2018-03-16 14:18:31 PDT
<rdar://problem/38558524>