Bug 269172

Summary:	Null-deref in MixedContentChecker::shouldBlockRequestForRunnableContent
Product:	WebKit	Reporter:	Jean-Yves Avenard [:jya] <jean-yves.avenard>
Component:	Page Loading	Assignee:	Matthew Finkel <m_finkel>
Status:	RESOLVED FIXED
Severity:	Normal	CC:	beidson, m_finkel, webkit-bug-importer
Priority:	P2	Keywords:	InRadar
Version:	Safari Technology Preview
Hardware:	Unspecified
OS:	Unspecified
See Also:	https://bugs.webkit.org/show_bug.cgi?id=247197

Jean-Yves Avenard [:jya]

Reported 2024-02-11 06:43:11 PST

https://ews-build.s3-us-west-2.amazonaws.com/macOS-Monterey-Release-WK1-Tests-EWS/9edf41cb-34858/results.html crash with WK1 test http/tests/websocket/tests/hybi/workers/worker-reload.html ``` Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 com.apple.WebCore 0x10f786bfa WebCore::MixedContentChecker::shouldBlockRequestForRunnableContent(WebCore::LocalFrame&, WebCore::SecurityOrigin&, WTF::URL const&, WebCore::MixedContentChecker::ShouldLogWarning) 1 com.apple.WebCore 0x10ed1918e WTF::Detail::CallableWrapper<WebCore::WorkerThreadableWebSocketChannel::Bridge::connect(WTF::URL const&, WTF::String const&)::$_14, void, WebCore::ScriptExecutionContext&>::call(WebCore::ScriptExecutionContext&) 2 com.apple.WebCore 0x10f1f5516 WTF::Detail::CallableWrapper<WebCore::Document::postTask(WebCore::ScriptExecutionContext::Task&&)::$_38, void>::call() 3 com.apple.JavaScriptCore 0x113dfc77e WTF::RunLoop::performWork() 4 com.apple.JavaScriptCore 0x113dfd202 WTF::RunLoop::performWork(void*) 5 com.apple.CoreFoundation 0x7ff8045c032a __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 16 /AppleInternal/Library/BuildRoots/b30bc231-ded9-11ed-87e6-9edb579d3e3f/Library/Caches/com.apple.xbs/Sources/CoreFoundation/CoreFoundation/RunLoop.subproj/CFRunLoop.c:1972 6 com.apple.CoreFoundation 0x7ff8045c0292 __CFRunLoopDoSource0 + 180 /AppleInternal/Library/BuildRoots/b30bc231-ded9-11ed-87e6-9edb579d3e3f/Library/Caches/com.apple.xbs/Sources/CoreFoundation/CoreFoundation/RunLoop.subproj/CFRunLoop.c:2016 7 com.apple.CoreFoundation 0x7ff8045c0010 __CFRunLoopDoSources0 + 242 /AppleInternal/Library/BuildRoots/b30bc231-ded9-11ed-87e6-9edb579d3e3f/Library/Caches/com.apple.xbs/Sources/CoreFoundation/CoreFoundation/RunLoop.subproj/CFRunLoop.c:2053 8 com.apple.CoreFoundation 0x7ff8045bea20 __CFRunLoopRun + 892 /AppleInternal/Library/BuildRoots/b30bc231-ded9-11ed-87e6-9edb579d3e3f/Library/Caches/com.apple.xbs/Sources/CoreFoundation/CoreFoundation/RunLoop.subproj/CFRunLoop.c:2951 9 com.apple.CoreFoundation 0x7ff8045bdfe4 CFRunLoopRunSpecific + 562 /AppleInternal/Library/BuildRoots/b30bc231-ded9-11ed-87e6-9edb579d3e3f/Library/Caches/com.apple.xbs/Sources/CoreFoundation/CoreFoundation/RunLoop.subproj/CFRunLoop.c:3268 10 DumpRenderTree 0x10ce20744 runTest(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&) 11 DumpRenderTree 0x10ce1ffde runTestingServerLoop() 12 DumpRenderTree 0x10ce1f91e dumpRenderTree(int, char const**) 13 DumpRenderTree 0x10ce20e26 DumpRenderTreeMain(int, char const**) 14 DumpRenderTree 0x10ce8d188 main 15 dyld 0x113cf552e start + 462 /AppleInternal/Library/BuildRoots/b30bc231-ded9-11ed-87e6-9edb579d3e3f/Library/Caches/com.apple.xbs/Sources/dyld/dyld/dyldMain.cpp:879 ``` regression from bug 247197

Attachments
Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2024-02-11 06:43:42 PST

<rdar://problem/122746490>

Matthew Finkel

Comment 2 2024-02-11 09:23:13 PST

Pull request: https://github.com/WebKit/WebKit/pull/24236

EWS

Comment 3 2024-02-11 22:05:03 PST

Committed 274453@main (ff9e063c794b): <https://commits.webkit.org/274453@main> Reviewed commits have been landed. Closing PR #24236 and removing active labels.

Note You need to log in before you can comment on or make changes to this bug.