RESOLVED FIXED 256470
Crash in PDFDocument::sendPDFArrayBuffer 
https://bugs.webkit.org/show_bug.cgi?id=256470
Summary Crash in PDFDocument::sendPDFArrayBuffer
Michael Catanzaro
Reported 2023-05-08 09:35:08 PDT
Created attachment 466282 [details] Full backtrace This null pointer dereference occurred when refreshing a PDF document, but I'm not able to reproduce it: #0 WebCore::FragmentedSharedBuffer::size (this=0x0) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/SharedBuffer.h:179 #1 WebCore::FragmentedSharedBuffer::tryCreateArrayBuffer (this=0x0) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/platform/SharedBuffer.cpp:198 #2 0x00007f9f9d3b90bb in WebCore::PDFDocument::sendPDFArrayBuffer (this=0x7f9f25110800) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/html/PDFDocument.cpp:210 #3 0x00007f9f9d5fff63 in WebCore::FrameLoader::stop (this=0x7f9f7d0704e0) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/loader/FrameLoader.cpp:587 #4 WebCore::FrameLoader::receivedMainResourceError (this=0x7f9f7d0704e0, error=...) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/loader/FrameLoader.cpp:3343 #5 0x00007f9f9d5d0a92 in WebCore::DocumentLoader::cancelMainResourceLoad (this=this@entry=0x7f9f25c3ec00, resourceError=...) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/loader/DocumentLoader.cpp:2296 #6 0x00007f9f9d5d0433 in WebCore::DocumentLoader::stopLoading (this=0x7f9f25c3ec00) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/loader/DocumentLoader.cpp:396 #7 0x00007f9f9d5fc0c6 in WebCore::FrameLoader::stopAllLoaders (this=0x7f9f7d0704e0, clearProvisionalItem=<optimized out>, stopLoadingPolicy=stopLoadingPolicy@entry=WebCore::StopLoadingPolicy::PreventDuringUnloadEvents) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/loader/FrameLoader.cpp:1907 #8 0x00007f9f9d5fc4de in WebCore::FrameLoader::stopForUserCancel (this=0x7ffc35e65c80, deferCheckLoadComplete=false) at /home/mcatanzaro/Projects/WebKit/Source/WebCore/loader/FrameLoader.cpp:1966 #9 0x00007f9f9c2aa941 in WebKit::WebPage::stopLoading (this=0x7f9f7d0ac730) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/WebProcess/WebPage/WebPage.cpp:1967 #10 0x00007f9f9bd4d210 in _ZZN3IPC18callMemberFunctionIN6WebKit7WebPageES2_FvvESt5tupleIJEEEEvPT_MT0_T1_OT2_ENKUlDpOT_E_clIJEEEDaSF_ (this=<optimized out>) at /home/mcatanzaro/Projects/WebKit/Source/WebKit/Platform/IPC/HandleMessage.h:136
Attachments
Full backtrace (14.19 KB, text/plain)
2023-05-08 09:35 PDT, Michael Catanzaro 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Michael Catanzaro
Comment 1 2023-05-08 09:38:47 PDT
This backtrace is taken with 263802@main
Michael Catanzaro
Comment 2 2023-05-08 10:01:31 PDT
Pull request: https://github.com/WebKit/WebKit/pull/13583
Radar WebKit Bug Importer
Comment 3 2023-05-15 09:36:20 PDT
<rdar://problem/109358135>
EWS
Comment 4 2023-05-16 07:31:42 PDT
Committed 264114@main (5dd594fd96bb): <https://commits.webkit.org/264114@main> Reviewed commits have been landed. Closing PR #13583 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.