[Webkit-unassigned] [Bug 25659] New: Calling frameCount() from BitmapImage::destroyDecodedDataIfNecessary() can cause GIF decoding

bugzilla-daemon at webkit.org
Fri May 8 21:08:03 PDT 2009


https://bugs.webkit.org/show_bug.cgi?id=25659

           Summary: Calling frameCount() from
                    BitmapImage::destroyDecodedDataIfNecessary() can cause
                    GIF decoding
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Macintosh
        OS/Version: Mac OS X 10.5
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Images
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: simon.fraser at apple.com


I noticed a stack where, during destruction of an HTMLImageElement, we can
actually do some GIF decoding because we're trying to get frameCount():


  15 WebCore  112.00 Kb     WebCore::Document::removedLastRef() /Volumes/WebKit/WebKit.git/WebCore/dom/Document.cpp:413
  14 WebCore  112.00 Kb     WebCore::ContainerNode::removeAllChildren() /Volumes/WebKit/WebKit.git/WebCore/dom/ContainerNode.cpp:56
  13 WebCore  112.00 Kb     void WebCore::removeAllChildrenInContainer<WebCore::Node, WebCore::ContainerNode>(WebCore::ContainerNode*) /Volumes/WebKit/WebKit.git/WebCore/dom/ContainerNodeAlgorithms.h:51
  12 WebCore  112.00 Kb     WebCore::HTMLImageElement::~HTMLImageElement()
  11 WebCore  112.00 Kb     WebCore::HTMLImageLoader::~HTMLImageLoader()
  10 WebCore  112.00 Kb     WebCore::ImageLoader::~ImageLoader()
   9 WebCore  112.00 Kb     WebCore::CachedResource::removeClient(WebCore::CachedResourceClient*) /Volumes/WebKit/WebKit.git/WebCore/loader/CachedResource.cpp:166
   8 WebCore  112.00 Kb     WebCore::CachedImage::allClientsRemoved() /Volumes/WebKit/WebKit.git/WebCore/loader/CachedImage.cpp:112
   7 WebCore  112.00 Kb     WebCore::BitmapImage::resetAnimation() /Volumes/WebKit/WebKit.git/WebCore/platform/graphics/BitmapImage.cpp:378
   6 WebCore  112.00 Kb     WebCore::BitmapImage::destroyDecodedDataIfNecessary(bool) /Volumes/WebKit/WebKit.git/WebCore/platform/graphics/BitmapImage.cpp:98
   5 WebCore  112.00 Kb     WebCore::BitmapImage::frameCount() /Volumes/WebKit/WebKit.git/WebCore/platform/graphics/BitmapImage.cpp:187
   4 WebCore  112.00 Kb     WebCore::ImageSource::frameCount() const /Volumes/WebKit/WebKit.git/WebCore/platform/graphics/cg/ImageSourceCG.cpp:174
   3 ImageIO  112.00 Kb     CGImageSourceGetCount
   2 ImageIO  112.00 Kb     gifPluginImageCount
   1 libGIF.dylib  112.00 Kb     _cg_DGifOpen
   0 libSystem.B.dylib  112.00 Kb     malloc

