[Webkit-unassigned] [Bug 178852] New: [GTK][WPE] Crash on WebCore::SharedBuffer::data()

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Oct 26 00:48:58 PDT 2017 

https://bugs.webkit.org/show_bug.cgi?id=178852

            Bug ID: 178852
           Summary: [GTK][WPE] Crash on WebCore::SharedBuffer::data()
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit Gtk
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: magomez at igalia.com
                CC: bugs-noreply at webkitgtk.org

We have a crash when decoding a GIF image. This is the backtrace:

Thread no. 1 (9 frames)
 #0 WebCore::SharedBuffer::data() const at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WebCore/platform/SharedBuffer.cpp:100
 #1 GIFImageReader::data(unsigned long) const at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WebCore/platform/image-decoders/gif/GIFImageReader.h:298
 #2 GIFImageReader::parse(unsigned long, unsigned long, bool) at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:412
 #3 GIFImageReader::decode(WebCore::GIFImageDecoder::GIFQuery, unsigned int) at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:360
 #4 WebCore::GIFImageDecoder::decode(unsigned int, WebCore::GIFImageDecoder::GIFQuery, bool) at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:349
 #5 WebCore::GIFImageDecoder::frameCount() const at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:67
 #6 WebCore::GIFImageDecoder::frameBufferAtIndex(unsigned long) at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:144
 #7 WebCore::ImageDecoder::createFrameImageAtIndex(unsigned long, WebCore::SubsamplingLevel, WebCore::DecodingOptions const&) at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WebCore/platform/image-decoders/ImageDecoder.cpp:218
 #8 WebCore::ImageFrameCache::<lambda()>::operator() at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WebCore/platform/graphics/ImageFrameCache.cpp:294

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20171026/3fc3efa9/attachment.html>

More information about the webkit-unassigned mailing list