[Webkit-unassigned] [Bug 223236] New: [SOUP] SOUP3 crashes inside soup_message_set_request_body

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Mar 15 21:01:46 PDT 2021 

https://bugs.webkit.org/show_bug.cgi?id=223236

            Bug ID: 223236
           Summary: [SOUP] SOUP3 crashes inside
                    soup_message_set_request_body
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Page Loading
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: lmoura at igalia.com
                CC: beidson at apple.com

Created attachment 423293

  --> https://bugs.webkit.org/attachment.cgi?id=423293&action=review

http/tests/xmlhttprequest/upload-onloadstart-event.html crash log

http/tests/xmlhttprequest/loadstart-event-init.html
http/tests/xmlhttprequest/redirect-cross-origin-post-sync.html
http/tests/xmlhttprequest/redirect-cross-origin-post.html
http/tests/xmlhttprequest/response-access-on-error.html
http/tests/xmlhttprequest/upload-onabort-progressevent-attributes.html
http/tests/xmlhttprequest/upload-onload-event.html
http/tests/xmlhttprequest/upload-onload-progressevent-attributes.html
http/tests/xmlhttprequest/upload-onloadend-event-after-abort.html
http/tests/xmlhttprequest/upload-onloadend-event-after-load.html
http/tests/xmlhttprequest/upload-onloadstart-event.html
http/tests/xmlhttprequest/upload-onprogress-event.html
http/tests/xmlhttprequest/upload-progress-events.html
http/tests/xmlhttprequest/xmlhttprequest-sync-no-progress-events.html

These happen to crash locally and in the bots (althought not all might be run, due to early exits).

This is only a partial list. Other tests might be affected.

STDERR:
STDERR: (process:2504): libsoup-CRITICAL **: 20:42:47.243: soup_message_set_request_body: assertion 'stream == NULL || G_IS_POLLABLE_INPUT_STREAM (stream)' failed
STDERR: LEAK: 1 WebPageProxy

Tip of trace for http/tests/xmlhttprequest/upload-onloadstart-event.html (full attached)

Thread 1 (Thread 0x7efdae91e9c0 (LWP 2504)):
#0  g_logv (log_domain=0x7efdafbb7943 "libsoup", log_level=G_LOG_LEVEL_CRITICAL, format=<optimized out>, args=<optimized out>) at ../glib/gmessages.c:1413
#1  0x00007efdb0eb4973 in g_log (log_domain=<optimized out>, log_level=<optimized out>, format=<optimized out>) at ../glib/gmessages.c:1451
#2  0x00007efdbc2257f6 in WebCore::ResourceRequest::updateSoupMessageBody(_SoupMessage*, WebCore::BlobRegistryImpl&) const (this=0x7efd6c2f3788, soupMessage=0x7efd4c0083b0 [SoupMessage], blobRegistry=...
) at ../../Source/WebCore/platform/network/soup/ResourceRequestSoup.cpp:138
#3  0x00007efdbc22556c in WebCore::ResourceRequest::createSoupMessage(WebCore::BlobRegistryImpl&) const (this=0x7efd6c2f3788, blobRegistry=...) at ../../Source/WebCore/platform/network/soup/ResourceReque
stSoup.cpp:90
#4  0x00007efdb8c06b17 in WebKit::NetworkDataTaskSoup::createRequest(WebCore::ResourceRequest&&, WebKit::NetworkDataTaskSoup::WasBlockingCookies) (this=0x7efd6c2f3580, request=..., wasBlockingCookies=Web
Kit::NetworkDataTaskSoup::WasBlockingCookies::No) at ../../Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.cpp:127
#5  0x00007efdb8c065f1 in WebKit::NetworkDataTaskSoup::NetworkDataTaskSoup(WebKit::NetworkSession&, WebKit::NetworkDataTaskClient&, WebCore::ResourceRequest const&, WTF::ObjectIdentifier<WebCore::FrameId
entifierType>, WTF::ObjectIdentifier<WebCore::PageIdentifierType>, WebCore::StoredCredentialsPolicy, WebCore::ContentSniffingPolicy, WebCore::ContentEncodingSniffingPolicy, bool, bool) (this=0x7efd6c2f35
80, session=..., client=..., requestWithCredentials=..., frameID=..., pageID=..., storedCredentialsPolicy=WebCore::StoredCredentialsPolicy::Use, shouldContentSniff=WebCore::ContentSniffingPolicy::DoNotSniffContent, shouldClearReferrerOnHTTPSToHTTPRedirect=true, dataTaskIsForMainFrameNavigation=false) at ../../Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.cpp:81
#6  0x00007efdb88c1b57 in WebKit::NetworkDataTaskSoup::create(WebKit::NetworkSession&, WebKit::NetworkDataTaskClient&, WebCore::ResourceRequest const&, WTF::ObjectIdentifier<WebCore::FrameIdentifierType>, WTF::ObjectIdentifier<WebCore::PageIdentifierType>, WebCore::StoredCredentialsPolicy, WebCore::ContentSniffingPolicy, WebCore::ContentEncodingSniffingPolicy, bool, bool) (session=..., client=..., request=..., frameID=..., pageID=..., storedCredentialsPolicy=WebCore::StoredCredentialsPolicy::Use, shouldContentSniff=WebCore::ContentSniffingPolicy::DoNotSniffContent, shouldContentEncodingSniff=WebCore::ContentEncodingSniffingPolicy::DoNotSniff, shouldClearReferrerOnHTTPSToHTTPRedirect=true, dataTaskIsForMainFrameNavigation=false) at ../../Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.h:45
#7  0x00007efdb88acb5d in WebKit::NetworkDataTask::create(WebKit::NetworkSession&, WebKit::NetworkDataTaskClient&, WebKit::NetworkLoadParameters const&) (session=..., client=..., parameters=...) at ../../Source/WebKit/NetworkProcess/NetworkDataTask.cpp:60
#8  0x00007efdb88b015b in WebKit::NetworkLoad::NetworkLoad(WebKit::NetworkLoadClient&, WebCore::BlobRegistryImpl*, WebKit::NetworkLoadParameters&&, WebKit::NetworkSession&) (this=0x7efdae0e1000, client=..., blobRegistry=0x7efdae0d6138, parameters=..., networkSession=...) at ../../Source/WebKit/NetworkProcess/NetworkLoad.cpp:57

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210316/2be4f67c/attachment-0001.htm>

More information about the webkit-unassigned mailing list