RESOLVED FIXED 289832
REGRESSION(291982@main): Null pointer dereference may happen if the page contains an SVGImage
https://bugs.webkit.org/show_bug.cgi?id=289832
Said Abou-Hallawa
Reported 2025-03-14 15:36:10 PDT
The following null pointer dereference may happen if the page contains an SVGImage. SVGImage::hasPaintedHDRContent() needs to null-check m_page.

Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x00000000000000c0
Exception Codes: 0x0000000000000001, 0x00000000000000c0
Termination Reason: Namespace SIGNAL, Code 11 Segmentation fault: 11
Terminating Process: exc handler [82760]

VM Region Info: 0xc0 is not in any region. Bytes before following region: 4335451968
REGION TYPE START - END [ VSIZE] PRT/MAX SHRMOD REGION DETAIL
UNUSED SPACE AT START
---> __TEXT 10269c000-1026a0000 [ 16K] r-x/r-x SM=COW /Volumes/VOLUME/*/Safari-GlowC-Performance-SafariCheer-main-292088@main-1741875988_4fd62d90ab92.app/Contents/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent.Development

Application Specific Information:
Bundle controller class: BrowserBundleController

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 WebCore 0x11e2f35b4 WebCore::SVGImage::hasPaintedHDRContent() const + 24
1 WebCore 0x11de3b434 WebCore::RenderImage::notifyFinished(WebCore::CachedResource&, WebCore::NetworkLoadMetrics const&, WebCore::LoadWillContinueInAnotherProcess) + 320
2 WebCore 0x11d760848 WebCore::CachedResource::checkNotify(WebCore::NetworkLoadMetrics const&, WebCore::LoadWillContinueInAnotherProcess) + 160
3 WebCore 0x11d760ccc WebCore::CachedResource::cancelLoad(WebCore::LoadWillContinueInAnotherProcess) + 252
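The null check the report asks for, shown as an added stand-alone C++ example that is not WebKit code: a stand-in for SVGImage whose page pointer is only created once image data arrives and is dropped on teardown, so a cancelled load that still drives the notifyFinished() path can reach hasPaintedHDRContent() with no page. The names StubPage, StubSVGImage, hasPaintedHDRContentUnchecked and notifyFinishedOnCancel are assumptions for illustration, as is the simplified page lifecycle.

```cpp
#include <cstdio>
#include <memory>

// Hypothetical stand-in for the Page an SVG image renders into.
struct StubPage {
    bool paintedHDRContent = false;
    bool hasPaintedHDRContent() const { return paintedHDRContent; }
};

// Hypothetical stand-in for SVGImage. The page exists only between data
// arrival and teardown, so m_page is null before the first dataChanged()
// and after teardown(); both states are reachable from the load machinery.
class StubSVGImage {
public:
    void dataChanged(bool hdr) {
        m_page = std::make_unique<StubPage>();
        m_page->paintedHDRContent = hdr;
    }
    void teardown() { m_page.reset(); }

    // Pre-fix shape: dereferences m_page unconditionally. With m_page null this
    // is undefined behaviour and in practice the SIGSEGV at offset 0xc0 in the
    // report. Never call this without a page; it is kept only for comparison.
    bool hasPaintedHDRContentUnchecked() const { return m_page->hasPaintedHDRContent(); }

    // Fixed shape: an image with no page has painted nothing, so answer false.
    bool hasPaintedHDRContent() const { return m_page && m_page->hasPaintedHDRContent(); }

private:
    std::unique_ptr<StubPage> m_page;
};

// Hypothetical stand-in for the crashing call chain in the report:
// CachedResource::cancelLoad -> checkNotify -> RenderImage::notifyFinished,
// which asks the image about HDR content whether or not it ever got a page.
bool notifyFinishedOnCancel(const StubSVGImage& image) {
    return image.hasPaintedHDRContent();
}

int main() {
    StubSVGImage image;
    // Load cancelled before any data arrived: m_page was never created.
    std::printf("no page yet: %d\n", notifyFinishedOnCancel(image));
    image.dataChanged(true);
    std::printf("page with HDR content: %d\n", notifyFinishedOnCancel(image));
    image.teardown();
    std::printf("after teardown: %d\n", notifyFinishedOnCancel(image));
    return 0;
}
```

The point of the stand-in is the two null windows around the page's lifetime: the fixed accessor is safe in both, while the unchecked one is only safe in the middle window, which the cancel path does not guarantee.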
Radar WebKit Bug Importer
Comment 1 2025-03-14 15:37:46 PDT
Said Abou-Hallawa
Comment 2 2025-03-14 15:42:13 PDT
EWS
Comment 3 2025-03-14 18:42:49 PDT
Committed 292203@main (04f643451ef2): <https://commits.webkit.org/292203@main> Reviewed commits have been landed. Closing PR #42518 and removing active labels.