[WinCairo][WK1][curl] Null dereference in WebFrameNetworkingContext::storageSession I saw the following crash while browsing web sites with WinCairo WK1 MiniBrowser (trunk@242931). I don't know exact repro steps. frame()->page() was null in WebFrameNetworkingContext::storageSession(). Callstack: > WebKit.dll!PAL::SessionID::isEphemeral() Line 54 C++ > WebKit.dll!WebCore::Page::usesEphemeralSession() Line 602 C++ > WebKit.dll!WebFrameNetworkingContext::storageSession() Line 112 C++ > WebKit.dll!WebCore::handleCookieHeaders(WebCore::ResourceHandleInternal * d, const WebCore::ResourceRequest & request, const WebCore::CurlResponse & response) Line 92 C++ > WebKit.dll!WebCore::CurlResourceHandleDelegate::curlDidReceiveResponse(WebCore::CurlRequest & request, const WebCore::CurlResponse & receivedResponse) Line 117 C++ > WebKit.dll!WebCore::CurlRequest::invokeDidReceiveResponse::<unnamed-tag>::operator()(WebCore::CurlRequest & request, WebCore::CurlRequestClient & client) Line 558 C++ > WebKit.dll!WTF::Function<void (WebCore::CurlRequest &, WebCore::CurlRequestClient &)>::CallableWrapper<`lambda at ..\..\Source\WebCore\platform\network\curl\CurlRequest.cpp:556:16'>::call(WebCore::CurlRequest & in, WebCore::CurlRequestClient & in) Line 102 C++ > WebKit.dll!WTF::Function<void (WebCore::CurlRequest &, WebCore::CurlRequestClient &)>::operator()(WebCore::CurlRequest & in, WebCore::CurlRequestClient & in) Line 57 C++ > WebKit.dll!WebCore::CurlRequest::callClient::<unnamed-tag>::operator()() Line 165 C++ > WebKit.dll!WTF::Function<void ()>::CallableWrapper<`lambda at ..\..\Source\WebCore\platform\network\curl\CurlRequest.cpp:163:21'>::call() Line 102 C++ > WTF.dll!WTF::Function<void ()>::operator()() Line 57 C++ > WTF.dll!WTF::dispatchFunctionsFromMainThread() Line 115 C++ > WTF.dll!WTF::ThreadingWindowWndProc(HWND__ * hWnd, unsigned int message, unsigned __int64 wParam, __int64 lParam) Line 48 C++ > [External Code] > WebKit.dll!WebKitMessageLoop::run(HACCEL__ * hAccelTable) Line 94 C++ > MiniBrowserLib.dll!wWinMain(HINSTANCE__ * hInstance, HINSTANCE__ * hPrevInstance, wchar_t * lpstrCmdLine, int nCmdShow) Line 87 C++ > MiniBrowserLib.dll!dllLauncherEntryPoint(HINSTANCE__ * hInstance, HINSTANCE__ * hPrevInstance, wchar_t * lpstrCmdLine, int nCmdShow) Line 105 C++ > MiniBrowser.exe!wWinMain(HINSTANCE__ * hInstance, HINSTANCE__ * hPrevInstance, wchar_t * lpstrCmdLine, int nCmdShow) Line 232 C++ > [External Code]
One of LayoutTests crashes with the same backtrace. > python ./Tools/Scripts/run-webkit-tests --debug --wincairo --no-new-test-results --no-retry-failures --dump-render-tree http/tests/ssl/ping-with-unsafe-redirect.html http/tests/ssl/referer-301.html
Mac port WK1 fixed it. Windows port should do the same. Bug 183455 – Possible null dereference of the page under WebFrameNetworkingContext::storageSession()
Unskpped http/tests/ssl tests. https://trac.webkit.org/changeset/242993/
Created attachment 364784 [details] Patch
Created attachment 364788 [details] Patch
Comment on attachment 364788 [details] Patch Clearing flags on attachment: 364788 Committed r243055: <https://trac.webkit.org/changeset/243055>
All reviewed patches have been landed. Closing bug.
<rdar://problem/48967519>