Bug 286900

Summary: ASAN_SEGV | JSArrayBufferView::ConstructionContext::ConstructionContext; JSArrayBufferView::ConstructionContext::ConstructionContext; JSC::JSGenericTypedArrayView::create
Product: WebKit Reporter: Jean-Yves Avenard [:jya] <jean-yves.avenard>
Component: MediaAssignee: Jean-Yves Avenard [:jya] <jean-yves.avenard>
Status: RESOLVED FIXED    
Severity: Normal CC: webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   

Jean-Yves Avenard [:jya]
Reported 2025-02-02 18:43:20 PST
``` frame #0: JavaScriptCore`JSC::JSArrayBufferView::ConstructionContext::ConstructionContext(JSC::VM&, JSC::Structure*, WTF::RefPtr<JSC::ArrayBuffer, WTF::RawPtrTraits<JSC::ArrayBuffer>, WTF::DefaultRefDerefTraits<JSC::ArrayBuffer>>&&, unsigned long, std::__1::optional<unsigned long>)+0x179 frame #1: JavaScriptCore`JSC::JSArrayBufferView::ConstructionContext::ConstructionContext(JSC::VM&, JSC::Structure*, WTF::RefPtr<JSC::ArrayBuffer, WTF::RawPtrTraits<JSC::ArrayBuffer>, WTF::DefaultRefDerefTraits<JSC::ArrayBuffer>>&&, unsigned long, std::__1::optional<unsigned long>)+0xae frame #2: JavaScriptCore`JSC::JSGenericTypedArrayView<JSC::Uint16Adaptor>::create(JSC::VM&, JSC::Structure*, WTF::RefPtr<JSC::GenericTypedArrayView<JSC::Uint16Adaptor>, WTF::RawPtrTraits<JSC::GenericTypedArrayView<JSC::Uint16Adaptor>>, WTF::DefaultRefDerefTraits<JSC::GenericTypedArrayView<JSC::Uint16Adaptor>>>&&)+0x1b5 ```
Attachments
Add attachment proposed patch, testcase, etc.
Jean-Yves Avenard [:jya]
Comment 1 2025-02-02 18:43:26 PST
rdar://143695448
Jean-Yves Avenard [:jya]
Comment 2 2025-02-02 20:49:33 PST
Pull request: https://github.com/WebKit/WebKit/pull/39895
EWS
Comment 3 2025-02-03 02:59:07 PST
Committed 289725@main (741c9b58c545): <https://commits.webkit.org/289725@main> Reviewed commits have been landed. Closing PR #39895 and removing active labels.
EWS
Comment 4 2025-02-11 09:56:01 PST
Committed 289651.82@safari-7621-branch (418bff0d4ae9): <https://commits.webkit.org/289651.82@safari-7621-branch> Reviewed commits have been landed. Closing PR #2559 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.