[Webkit-unassigned] [Bug 14780] New: calling dataWithPDFInsideRect on an SVG image with a gradient crashes

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Jul 27 04:23:04 PDT 2007 

http://bugs.webkit.org/show_bug.cgi?id=14780

           Summary: calling dataWithPDFInsideRect on an SVG image with a
                    gradient crashes
           Product: WebKit
           Version: 522+ (nightly)
          Platform: Macintosh
        OS/Version: Mac OS X 10.4
            Status: UNCONFIRMED
          Severity: Major
          Priority: P2
         Component: SVG
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: alan at softpress.com


It seems that calling dataWithPDFInsideRect on a web-view that has an SVG image
that has a gradient fill crashes. This makes a proposed use of web-kit within
our application impossible - so for us it is quite serious. I have tested the
print within Safari on the same file, and got Safari to generate a PDF and this
works fine. I am using the Safari 3.0 Beta of web-kit (522.12). Testing the
same use dataWithPDFInsideRect  against other SVG files is fine.

I will attached a hacked version of the CarbonWeb application that exhibits the
crash. The hacks to CarbonWeb are quick and dirty - but the crash happens. The
steps that repeat the crash for me are as as follows.

1. Build and run the hacked version of CarbonWeb
2. Drag 'color-prop-01-b.svg' or 'coords-units-01-b.svg' into Safari
3. >> The image displays fine
4. Copy the URL from the safari tool bar and paste it into the address area of
the hacked CarbonWeb application
5. Hit return (to get hacked CarbonWeb to load the URL)
6. >> Crash

I append the top part of the stack

Exception:  EXC_BAD_ACCESS (0x0001)
Codes:      KERN_PROTECTION_FAILURE (0x0002) at 0x00000010

Thread 0 Crashed:
0   com.apple.WebCore           0x961fa3a8 WebCore::cgGradientCallback(void*,
float const*, float*) + 72
1   com.apple.CoreGraphics      0x904848e4 CGFunctionEvaluate + 184
2   libPDFRIP.A.dylib           0x947ed2b8 emitSamples + 216
3   libPDFRIP.A.dylib           0x947ed754 PDFFunctionEmitDefinition + 872
4   libPDFRIP.A.dylib           0x947ed970 emitFunctionDefinition + 24
5   com.apple.CoreFoundation    0x907dbb3c CFSetApplyFunction + 268
6   libPDFRIP.A.dylib           0x947dbd3c PDFFunctionSetEmitDefinitions + 80
7   libPDFRIP.A.dylib           0x947da0ec PDFDocumentEndPage + 388
8   libPDFRIP.A.dylib           0x947d9f54 pdf_EndPage + 20
9   com.apple.AppKit            0x93a07f98 -[NSPSAndPDFGraphicsContext endPage]
+ 48
10  com.apple.AppKit            0x93a07a4c -[NSView(NSPrinting)
_realCopyPSCodeInside:helpedBy:] + 588
11  com.apple.AppKit            0x939996cc -[NSConcretePrintOperation
_doActualViewPrinting] + 120
12  com.apple.AppKit            0x93a07700 -[NSConcretePrintOperation
runOperation] + 372
13  com.apple.AppKit            0x93a07370 -[NSView(NSPrinting)
dataWithPDFInsideRect:] + 104
14  com.apple.CarbonWeb         0x00013b14 TWebWindow::FrameLoadDone(NSError*,
WebDataSource*) + 676 (TWebWindow.cp:1251)
15  com.apple.CarbonWeb         0x00015090
TWebWindow::HandleFrameLoad(TCarbonEvent&) + 376 (TWebWindow.cp:696)
16  com.apple.CarbonWeb         0x00015484
TWebWindow::HandleEvent(OpaqueEventHandlerCallRef*, TCarbonEvent&) + 224
(TWebWindow.cp:928)
17  com.apple.CarbonWeb         0x00009e94
TWindow::EventHandlerProc(OpaqueEventHandlerCallRef*, OpaqueEventRef*, void*) +
100 (TWindow.cp:527)
18  com.apple.HIToolbox         0x93296934
DispatchEventToHandlers(EventTargetRec*, OpaqueEventRef*, HandlerCallRec*) +
692
19  com.apple.HIToolbox         0x9329608c
SendEventToEventTargetInternal(OpaqueEventRef*, OpaqueEventTargetRef*,
HandlerCallRec*) + 372
20  com.apple.HIToolbox         0x93295f08 SendEventToEventTargetWithOptions +
40
21  com.apple.CarbonWeb         0x00016030
FinishFrameLoadEvent(OpaqueEventRef*, OpaqueHIObjectRef*) + 56
(MyFrameLoadAdapter.m:224)
22  com.apple.CarbonWeb         0x00016464 -[MyFrameLoadAdapter
webView:didFinishLoadForFrame:] + 128 (MyFrameLoadAdapter.m:127)
23  libobjc.A.dylib             0x90a451f4 objc_msgSendv + 180
24  com.apple.Foundation        0x92bdbc94 -[NSInvocation invoke] + 944
25  com.apple.Foundation        0x92bdc244 -[NSInvocation invokeWithTarget:] +
64
26  com.apple.Foundation        0x92bd4040 -[NSObject(NSForwardInvocation)
forward::] + 408
27  libobjc.A.dylib             0x90a450b0 _objc_msgForward + 176
28  com.apple.WebKit            0x95c686fc
WebFrameLoaderClient::dispatchDidFinishLoad() + 92
29  com.apple.WebCore           0x961bb59c
WebCore::FrameLoader::checkLoadCompleteForThisFrame() + 908
30  com.apple.WebCore           0x961bbb98
WebCore::FrameLoader::recursiveCheckLoadComplete() + 504
31  com.apple.WebCore           0x961bbe20
WebCore::FrameLoader::finishedLoading() + 368
32  com.apple.WebCore           0x961cc3d8
WebCore::MainResourceLoader::didFinishLoading() + 56
33  com.apple.WebCore           0x961a2d14 -[WebCoreResourceHandleAsDelegate
connectionDidFinishLoading:] + 84
34  com.apple.Foundation        0x92c1289c
-[NSURLConnection(NSURLConnectionInternal) _sendDidFinishLoadingCallback] + 188
35  com.apple.Foundation        0x92c10b08
-[NSURLConnection(NSURLConnectionInternal) _sendCallbacks] + 556


-- 
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the webkit-unassigned mailing list