[Webkit-unassigned] [Bug 93078] SharedBuffer::copy() can cause segmentation fault.
bugzilla-daemon at webkit.org
Fri Aug 3 22:40:25 PDT 2012
https://bugs.webkit.org/show_bug.cgi?id=93078
--- Comment #5 from Huang Dongsung <luxtella at company100.net> 2012-08-03 22:40:23 PST ---
(In reply to comment #4)
> As you mentioned in the bug description, this issue often causes segmentation faults. To create a regression test, you need to simulate the conditions in which the crash occurs.
>
> Are you seeing that on a live web site?
No, currently there are only two sites that use SharedBuffer::copy(): ImageDocument::finish() and IconDatabase::setIconDataForIconURL().
It seems those cases do not use append after copy.
I found this bug when I implemented a parallel image decoder (Bug 90375).
As I mentioned, I often encountered segmentation faults when running the parallel image decoder, because it uses copy and append.
I've tried to make a test, but I'm not sure how to test it.