[Webkit-unassigned] [Bug 56201] New: WebKitIconDatabase may trigger crash in cairoImageSurfaceToGdkPixbuf

bugzilla-daemon at webkit.org
Fri Mar 11 09:17:11 PST 2011


https://bugs.webkit.org/show_bug.cgi?id=56201

           Summary: WebKitIconDatabase may trigger crash in
                    cairoImageSurfaceToGdkPixbuf
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Other
        OS/Version: All
            Status: NEW
          Severity: Major
          Priority: P2
         Component: WebKit Gtk
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: christian at twotoasts.de


So I didn't encounter this problem whilst I was hacking on the feature, and once I started to use a patched Midori which exclusively fetches icons from the database I ran into this bug.

Apparently it happens after I close and re-open the browser OR if I open particular websites:

606        if (! _cairo_surface_is_image (surface)) {
(gdb) bt
#0  0x00007ffff6212e8b in *INT_cairo_image_surface_get_height (surface=0x0) at cairo-image-surface.c:606
#1  0x00007ffff2c8bd86 in cairoImageSurfaceToGdkPixbuf(_cairo_surface*) () from /home/kalikiana/gtk/lib/libwebkitgtk-1.0.so.0
#2  0x00007ffff2ce1916 in webkit_icon_database_get_icon_pixbuf () from /home/kalikiana/gtk/lib/libwebkitgtk-1.0.so.0
#3  0x000000000042adda in katze_load_cached_icon (uri=0xc420e0 "http://www.nekobento.com/", widget=0xaa2af0) at ../katze/katze-utils.c:1525
#4  0x000000000045f34d in katze_array_action_icon_loaded_cb (database=<value optimized out>, web_frame=<value optimized out>, 
    frame_uri=0xc420e0 "http://www.nekobento.com/", toolbutton=0xaa18b0) at ../katze/katze-arrayaction.c:669
#5  0x00007ffff5895d3e in g_closure_invoke (closure=0xaa6340, return_value=0x0, n_param_values=3, param_values=0xbf3990, invocation_hint=0x7fffffffca30) at gclosure.c:767
#6  0x00007ffff58a86aa in signal_emit_unlocked_R (node=<value optimized out>, detail=0, instance=0x705580, emission_return=0x0, instance_and_params=0xbf3990)
    at gsignal.c:3252
#7  0x00007ffff58b1cea in g_signal_emit_valist (instance=<value optimized out>, signal_id=<value optimized out>, detail=<value optimized out>, var_args=0x7fffffffcc50)
    at gsignal.c:2983
#8  0x00007ffff58b2052 in g_signal_emit_by_name (instance=<value optimized out>, detailed_signal=0x7ffff3ad252d "icon-loaded") at gsignal.c:3077
#9  0x00007ffff2cd4b39 in WebKit::FrameLoaderClient::dispatchDidReceiveIcon() () from /home/kalikiana/gtk/lib/libwebkitgtk-1.0.so.0
#10 0x00007ffff31983d8 in WebCore::IconLoader::finishLoading(WebCore::KURL const&, WTF::PassRefPtr<WebCore::SharedBuffer>) ()
   from /home/kalikiana/gtk/lib/libwebkitgtk-1.0.so.0
#11 0x00007ffff31987bb in WebCore::IconLoader::didReceiveResponse(WebCore::SubresourceLoader*, WebCore::ResourceResponse const&) ()
