Bug 296427
| Summary: | Crash in WebCore::FragmentedSharedBuffer::takeData | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Jean-Yves Avenard [:jya] <jean-yves.avenard> |
| Component: | Media | Assignee: | Jean-Yves Avenard [:jya] <jean-yves.avenard> |
| Status: | RESOLVED FIXED | ||
| Severity: | Normal | CC: | webkit-bug-importer |
| Priority: | P2 | Keywords: | InRadar |
| Version: | WebKit Nightly Build | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
Jean-Yves Avenard [:jya]
```
22 bool WTF::VectorBufferBase<unsigned char, WTF::FastMalloc>::allocateBuffer<(WTF::FailureAction)0>(unsigned long) (WebCore)
22 bool WTF::Vector<unsigned char, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>::reserveInitialCapacity<(WTF::FailureAction)0>(unsigned long) (WebCore)
22 WTF::Vector<unsigned char, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>::reserveInitialCapacity(unsigned long) (WebCore)
22 WebCore::combineSegmentsData(WTF::Vector<WebCore::FragmentedSharedBuffer::DataSegmentVectorEntry, 1ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, unsigned long) (WebCore)
==> 22 WebCore::FragmentedSharedBuffer::takeData() (WebCore) <==
22 WebCore::FragmentedSharedBuffer::extractData() (WebCore)
22 WebCore::FetchBodyConsumer::takeAsBlob(WebCore::ScriptExecutionContext*, WTF::String const&) (WebCore)
22 auto WebCore::FetchBodyConsumer::resolve(WTF::Ref<WebCore::DeferredPromise, WTF::RawPtrTraits<WebCore::DeferredPromise>, WTF::DefaultRefDerefTraits<WebCore::DeferredPromise>>&&, WTF::String const&, WebCore::FetchBodyOwner*, WebCore::ReadableStream*)::$_1::operator()<WebCore::ScriptExecutionContext>(WebCore::ScriptExecutionContext&) const (WebCore)
22 WTF::Detail::CallableWrapper<WebCore::FetchBodyConsumer::resolve(WTF::Ref<WebCore::DeferredPromise, WTF::RawPtrTraits<WebCore::DeferredPromise>, WTF::DefaultRefDerefTraits<WebCore::DeferredPromise>>&&, WTF::String const&, WebCore::FetchBodyOwner*, WebCore::ReadableStream*)::$_1, WTF::Ref<WebCore::Blob, WTF::RawPtrTraits<WebCore::Blob>, WTF::DefaultRefDerefTraits<WebCore::Blob>>, WebCore::ScriptExecutionContext&>::call(WebCore::ScriptExecutionContext&) (WebCore)
22 WTF::Function<WTF::Ref<WebCore::Blob, WTF::RawPtrTraits<WebCore::Blob>, WTF::DefaultRefDerefTraits<WebCore::Blob>> (WebCore::ScriptExecutionContext&)>::operator()(WebCore::ScriptExecutionContext&) const (WebCore)
22 void WebCore::DeferredPromise::resolveCallbackValueWithNewlyCreated<WebCore::IDLInterface<WebCore::Blob>>(WTF::Function<WebCore::IDLInterface<WebCore::Blob>::InnerParameterType (WebCore::ScriptExecutionContext&)> const&) (WebCore)
22 WebCore::FetchBodyConsumer::resolve(WTF::Ref<WebCore::DeferredPromise, WTF::RawPtrTraits<WebCore::DeferredPromise>, WTF::DefaultRefDerefTraits<WebCore::DeferredPromise>>&&, WTF::String const&, WebCore::FetchBodyOwner*, WebCore::ReadableStream*) (WebCore)
22 WebCore::FetchBodyConsumer::loadingSucceeded(WTF::String const&) (WebCore)
22 WebCore::FetchBody::loadingSucceeded(WTF::String const&) (WebCore)
22 WebCore::FetchResponse::didSucceed(WebCore::NetworkLoadMetrics const&) (WebCore)
22 WebCore::FetchResponse::Loader::didSucceed(WebCore::NetworkLoadMetrics const&) (WebCore)
22 WebCore::DocumentThreadableLoader::didFinishLoading(std::__1::optional<WTF::ObjectIdentifierGeneric<WebCore::ResourceLoaderIdentifierType, WTF::ObjectIdentifierThreadSafeAccessTraits<unsigned long long>, unsigned long long>>, WebCore::NetworkLoadMetrics const&) (WebCore)
22 WebCore::CachedResource::checkNotify(WebCore::NetworkLoadMetrics const&, WebCore::LoadWillContinueInAnotherProcess) (WebCore)
22 WebCore::CachedResource::finishLoading(WebCore::FragmentedSharedBuffer const*, WebCore::NetworkLoadMetrics const&) (WebCore)
22 WebCore::CachedRawResource::finishLoading(WebCore::FragmentedSharedBuffer const*, WebCore::NetworkLoadMetrics const&) (WebCore)
22 WebCore::SubresourceLoader::didFinishLoading(WebCore::NetworkLoadMetrics const&) (WebCore)
22 WebKit::WebResourceLoader::didFinishResourceLoad(WebCore::NetworkLoadMetrics&&) (WebKit)
22 auto void IPC::callMemberFunction<WebKit::WebResourceLoader, WebKit::WebResourceLoader, void (WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>&&)::'lambda'(auto&&...)::operator()<WebCore::NetworkLoadMetrics>(auto&&...) const (WebKit)
22 decltype(std::declval<WebKit::WebResourceLoader>()(std::declval<WebCore::NetworkLoadMetrics>())) std::__1::__invoke[abi:sn200100]<void IPC::callMemberFunction<WebKit::WebResourceLoader, WebKit::WebResourceLoader, void (WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>&&)::'lambda'(auto&&...), WebCore::NetworkLoadMetrics>(WebKit::WebResourceLoader&&, WebCore::NetworkLoadMetrics&&) (WebKit)
22 decltype(auto) std::__1::__apply_tuple_impl[abi:sn200100]<void IPC::callMemberFunction<WebKit::WebResourceLoader, WebKit::WebResourceLoader, void (WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>&&)::'lambda'(auto&&...), std::__1::tuple<WebCore::NetworkLoadMetrics>, 0ul>(WebKit::WebResourceLoader&&, WebKit::WebResourceLoader&&, std::__1::__tuple_indices<0ul>) (WebKit)
22 decltype(auto) std::__1::apply[abi:sn200100]<void IPC::callMemberFunction<WebKit::WebResourceLoader, WebKit::WebResourceLoader, void (WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>&&)::'lambda'(auto&&...), std::__1::tuple<WebCore::NetworkLoadMetrics>>(WebKit::WebResourceLoader&&, WebKit::WebResourceLoader&&) (WebKit)
22 void IPC::callMemberFunction<WebKit::WebResourceLoader, WebKit::WebResourceLoader, void (WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>>(WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics&&), std::__1::tuple<WebCore::NetworkLoadMetrics>&&) (WebKit)
22 void IPC::handleMessage<Messages::WebResourceLoader::DidFinishResourceLoad, IPC::Connection, WebKit::WebResourceLoader, WebKit::WebResourceLoader, void (WebCore::NetworkLoadMetrics&&)>(IPC::Connection&, IPC::Decoder&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics&&)) (WebKit)
22 WebKit::WebResourceLoader::didReceiveMessage(IPC::Connection&, IPC::Decoder&) (WebKit)
22 WebKit::NetworkProcessConnection::dispatchMessage(IPC::Connection&, IPC::Decoder&) (WebKit)
22 WebKit::NetworkProcessConnection::didReceiveMessage(IPC::Connection&, IPC::Decoder&) (WebKit)
22 IPC::Connection::dispatchMessage(IPC::Decoder&) (WebKit)
22 IPC::Connection::dispatchMessage(WTF::UniqueRef<IPC::Decoder>) (WebKit)
22 IPC::Connection::dispatchOneIncomingMessage() (WebKit)
22 IPC::Connection::enqueueIncomingMessage(WTF::UniqueRef<IPC::Decoder>)::$_2::operator()() const (WebKit)
22 WTF::Detail::CallableWrapper<IPC::Connection::enqueueIncomingMessage(WTF::UniqueRef<IPC::Decoder>)::$_2, void>::call() (WebKit)
22 WTF::Function<void ()>::operator()() const (JavaScriptCore)
22 WTF::RunLoop::performWork() (JavaScriptCore)
22 WTF::RunLoop::performWork(void*) (JavaScriptCore)
22 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ (CoreFoundation)
22 __CFRunLoopDoSource0 (CoreFoundation)
22 __CFRunLoopDoSources0 (CoreFoundation)
22 __CFRunLoopRun (CoreFoundation)
22 _CFRunLoopRunSpecificWithOptions (CoreFoundation)
22 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] (Foundation)
22 -[NSRunLoop(NSRunLoop) run] (Foundation)
22 _xpc_objc_main (libxpc.dylib)
22 _xpc_main (libxpc.dylib)
22 xpc_main (libxpc.dylib)
22 WebKit::XPCServiceMain(int, char const**) (WebKit)
22 start (dyld)
```
Jean-Yves Avenard [:jya]
rdar://155578324
Jean-Yves Avenard [:jya]
Pull request: https://github.com/WebKit/WebKit/pull/48473
EWS
Committed 297885@main (59ff57feba67): <https://commits.webkit.org/297885@main>
Reviewed commits have been landed. Closing PR #48473 and removing active labels.