[Webkit-unassigned] [Bug 176306] New: Crash in WebCore::GIFImageDecoder::haveDecodedRow

bugzilla-daemon at webkit.org
Sun Sep 3 07:39:59 PDT 2017


https://bugs.webkit.org/show_bug.cgi?id=176306

            Bug ID: 176306
           Summary: Crash in WebCore::GIFImageDecoder::haveDecodedRow
           Product: WebKit
           Version: Other
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Images
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mcatanzaro at igalia.com
                CC: bugs-noreply at webkitgtk.org, magomez at igalia.com

Created attachment 319779

  --> https://bugs.webkit.org/attachment.cgi?id=319779&action=review

Backtrace

I have 106 reports from 101 unique users of this crash in WebCore::GIFImageDecoder::haveDecodedRow:

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 WebCore::ImageBackingStore::pixelValue at /usr/src/debug/webkitgtk-2.16.5/Source/WebCore/platform/graphics/ImageBackingStore.h:214
 #1 WebCore::ImageBackingStore::setPixel at /usr/src/debug/webkitgtk-2.16.5/Source/WebCore/platform/graphics/ImageBackingStore.h:136
 #2 WebCore::GIFImageDecoder::haveDecodedRow at /usr/src/debug/webkitgtk-2.16.5/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:227
 #3 GIFLZWContext::outputRow at /usr/src/debug/webkitgtk-2.16.5/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:150
 #4 GIFLZWContext::doLZW at /usr/src/debug/webkitgtk-2.16.5/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:305
 #5 GIFFrameContext::decode at /usr/src/debug/webkitgtk-2.16.5/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:339
 #6 GIFImageReader::decode at /usr/src/debug/webkitgtk-2.16.5/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:370
 #7 WebCore::GIFImageDecoder::decode at /usr/src/debug/webkitgtk-2.16.5/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:335
 #8 WebCore::GIFImageDecoder::frameBufferAtIndex at /usr/src/debug/webkitgtk-2.16.5/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:119
 #9 WebCore::ImageDecoder::createFrameImageAtIndex at /usr/src/debug/webkitgtk-2.16.5/Source/WebCore/platform/image-decoders/ImageDecoder.cpp:216

Better backtrace attached.
