Crash in XFA form when hovering mouse over page |
|||
Issue descriptionOn an XFA enabled build: 1. Open https://www.canada.ca/content/dam/ircc/migration/ircc/english/pdf/kits/forms/imm5257e.pdf 2. Hover the mouse pointer over the page. Expected: Nothing Actual: Crash with stack: Received signal 11 SEGV_MAPERR 000000000008 #0 0x7fe72897121d base::debug::StackTrace::StackTrace() #1 0x7fe72869b4bc base::debug::StackTrace::StackTrace() #2 0x7fe728970c74 base::debug::(anonymous namespace)::StackDumpSignalHandler() #3 0x7fe728c1b0c0 <unknown> #4 0x55609a2f1b0c google::protobuf::internal::RepeatedPtrFieldBase::size() #5 0x5560a0ec61af CPDF_LinkList::GetPageLinks() #6 0x5560a0ec67f9 CPDF_LinkList::GetLinkAtPoint() #7 0x5560a0cd8f35 FPDFLink_GetLinkAtPoint #8 0x5560a0cba937 chrome_pdf::PDFiumPage::GetCharIndex() #9 0x5560a0c7dae0 chrome_pdf::PDFiumEngine::GetCharIndex() #10 0x5560a0c7a6ea chrome_pdf::PDFiumEngine::OnMouseMove() #11 0x5560a0c79a21 chrome_pdf::PDFiumEngine::HandleEvent() #12 0x5560a0c51347 chrome_pdf::OutOfProcessInstance::HandleInputEvent()
,
May 8 2018
,
May 8 2018
,
May 8 2018
The following revision refers to this bug: https://pdfium.googlesource.com/pdfium/+/7b094f81483240f50dfc12e51cf545a8f0d5933d commit 7b094f81483240f50dfc12e51cf545a8f0d5933d Author: Henrique Nakashima <hnakashima@chromium.org> Date: Tue May 08 20:32:08 2018 Revert "Ensure that XFA Pages always have a corresponding PDF page" This reverts commit e7207f33f8024b59fc85abb1b4594b0fbab5361b. Reason for revert: Causes crash in some XFA forms - crbug.com/840922 This is a merge, not a clean revert. Original change's description: > Ensure that XFA Pages always have a corresponding PDF page > > The PDF page may be blank, un-numbered, or untracked by CPDF, but > this provides a place for all XFA pages to "extend" from down the > road. > > Change-Id: If1003be0f261154e61e9793ccba7e1f43cd73104 > Reviewed-on: https://pdfium-review.googlesource.com/31771 > Commit-Queue: Tom Sepez <tsepez@chromium.org> > Reviewed-by: dsinclair <dsinclair@chromium.org> Change-Id: Ia7f286321552b225a95f461aa8a6aef979f5c991 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:840922 Reviewed-on: https://pdfium-review.googlesource.com/32210 Reviewed-by: dsinclair <dsinclair@chromium.org> Commit-Queue: Henrique Nakashima <hnakashima@chromium.org> [modify] https://crrev.com/7b094f81483240f50dfc12e51cf545a8f0d5933d/fpdfsdk/fpdfxfa/cpdfxfa_page.h [modify] https://crrev.com/7b094f81483240f50dfc12e51cf545a8f0d5933d/fpdfsdk/fpdf_formfill.cpp [modify] https://crrev.com/7b094f81483240f50dfc12e51cf545a8f0d5933d/fpdfsdk/fpdfxfa/cpdfxfa_page.cpp [modify] https://crrev.com/7b094f81483240f50dfc12e51cf545a8f0d5933d/fpdfsdk/fpdf_editpage.cpp
,
May 9 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/a167df735886149537b0dcfaed2534935505f18b commit a167df735886149537b0dcfaed2534935505f18b Author: pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com <pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com> Date: Wed May 09 00:56:49 2018 Roll src/third_party/pdfium/ b7c41498a..df1298a22 (7 commits) https://pdfium.googlesource.com/pdfium.git/+log/b7c41498ac1f..df1298a228ab $ git log b7c41498a..df1298a22 --date=short --no-merges --format='%ad %ae %s' 2018-05-08 npm Add several FPDFPageObj_* APIs 2018-05-08 hnakashima Revert "Ensure that XFA Pages always have a corresponding PDF page" 2018-05-08 thestig Mark CPDF_Object pointers as const in CPDF_ViewerPreferences. 2018-05-08 thestig Add APIs to work with a FPDF_PAGERANGE. 2018-05-08 npm Remove almost all usages of CFX_FixedBufGrow with std::vector 2018-05-08 thestig Remove PDFTRANS_KNOCKOUT. 2018-05-08 thestig Add constants for PDF 1.7 spec, table 7.2 and 7.3. Created with: roll-dep src/third_party/pdfium BUG= chromium:840922 The AutoRoll server is located here: https://pdfium-roll.skia.org Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+/master/autoroll/README.md If the roll is causing failures, please contact the current sheriff, who should be CC'd on the roll, and stop the roller if necessary. TBR=dsinclair@chromium.org Change-Id: I0d8227d226a1a75bcba66dcfa03f908112897016 Reviewed-on: https://chromium-review.googlesource.com/1050626 Reviewed-by: pdfium-chromium-autoroll <pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com> Commit-Queue: pdfium-chromium-autoroll <pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#557036} [modify] https://crrev.com/a167df735886149537b0dcfaed2534935505f18b/DEPS
,
May 10 2018
,
May 10 2018
testing/resources/simple_xfa.pdf also works for reproducing this.
,
May 11 2018
Yeah, I got it to reproduce under standalone PDFium. Adding test at https://pdfium-review.googlesource.com/c/pdfium/+/32470
,
May 14 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/19319cd537d91d88262c1b4257442a339db88e8b commit 19319cd537d91d88262c1b4257442a339db88e8b Author: pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com <pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com> Date: Mon May 14 20:14:29 2018 Roll src/third_party/pdfium/ 22c24441a..77c223be1 (4 commits) https://pdfium.googlesource.com/pdfium.git/+log/22c24441a3a4..77c223be193b $ git log 22c24441a..77c223be1 --date=short --no-merges --format='%ad %ae %s' 2018-05-14 dsinclair Use internal wcstof instead of system wcstod in formcalc lexer 2018-05-14 tsepez Add regression test for XFA crash under CPDF_LinkList::GetPageLinks(). 2018-05-14 hnakashima Cleanup unused members of CFWL_MonthCalendar. 2018-05-14 hnakashima Remove dead code from CFWL_WidgetMgr. Created with: roll-dep src/third_party/pdfium BUG= chromium:813646 , chromium:840922 The AutoRoll server is located here: https://pdfium-roll.skia.org Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+/master/autoroll/README.md If the roll is causing failures, please contact the current sheriff, who should be CC'd on the roll, and stop the roller if necessary. TBR=dsinclair@chromium.org Change-Id: I663f89d69fd2fe4be1c05357226fec22db967113 Reviewed-on: https://chromium-review.googlesource.com/1058032 Commit-Queue: pdfium-chromium-autoroll <pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com> Reviewed-by: pdfium-chromium-autoroll <pdfium-chromium-autoroll@skia-buildbots.google.com.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#558433} [modify] https://crrev.com/19319cd537d91d88262c1b4257442a339db88e8b/DEPS |
|||
►
Sign in to add a comment |
|||
Comment 1 by hnakashima@chromium.org
, May 8 2018