[Webkit-unassigned] [Bug 203353] New: [WinCairo] GIFImageReader is ref/deref in different threads

bugzilla-daemon at webkit.org
Wed Oct 23 21:22:54 PDT 2019


https://bugs.webkit.org/show_bug.cgi?id=203353

            Bug ID: 203353
           Summary: [WinCairo] GIFImageReader is ref/deref in different
                    threads
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Images
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: Hironori.Fujii at sony.com

[WinCairo] GIFImageReader is ref/deref in different threads

A debug build of WinCairo MiniBrowser can crash easily when browsing https://mainichi.jp/ today.

The following assertion is failing in wtf/RefCounted.h

> ASSERT_WITH_MESSAGE(m_isOwnedByMainThread == isMainThread(), "Unsafe to ref/deref from different threads");

Callstack:

> WTF.dll!WTFCrash() Line 305	C++
> WebKit2.dll!WTF::RefCountedBase::applyRefDerefThreadingCheck() Line 114	C++
> WebKit2.dll!WTF::RefCountedBase::derefBase() Line 130	C++
> WebKit2.dll!WTF::RefCounted<WebCore::SharedBuffer,std::default_delete<WebCore::SharedBuffer>>::deref() Line 189	C++
> WebKit2.dll!WTF::derefIfNotNull<WebCore::SharedBuffer>(WebCore::SharedBuffer * ptr) Line 45	C++
> WebKit2.dll!WTF::RefPtr<WebCore::SharedBuffer,WTF::DumbPtrTraits<WebCore::SharedBuffer>>::~RefPtr() Line 69	C++
> WebKit2.dll!GIFImageReader::~GIFImageReader() Line 219	C++
> [External Code]	
> WebKit2.dll!WebCore::GIFImageDecoder::gifComplete() Line 321	C++
> WebKit2.dll!GIFImageReader::decode(WebCore::GIFImageDecoder::GIFQuery query, unsigned int haltAtFrame) Line 391	C++
> WebKit2.dll!WebCore::GIFImageDecoder::decode(unsigned int haltAtFrame, WebCore::GIFImageDecoder::GIFQuery query, bool allDataReceived) Line 350	C++
> WebKit2.dll!WebCore::GIFImageDecoder::frameBufferAtIndex(unsigned __int64 index) Line 140	C++
> WebKit2.dll!WebCore::ScalableImageDecoder::createFrameImageAtIndex(unsigned __int64 index, WebCore::SubsamplingLevel, const WebCore::DecodingOptions &) Line 214	C++
> WebKit2.dll!WebCore::ImageSource::startAsyncDecodingQueue::<unnamed-tag>::operator()() Line 365	C++
> WebKit2.dll!WTF::Detail::CallableWrapper<`lambda at ..\..\Source\WebCore\platform/graphics/ImageSource.cpp:352:30',void>::call() Line 52	C++
> WTF.dll!WTF::Function<void ()>::operator()() Line 79	C++
> WTF.dll!WTF::WorkQueue::performWorkOnRegisteredWorkThread() Line 61	C++
> WTF.dll!WTF::WorkQueue::workThreadCallback(void * context) Line 44	C++
> [External Code]
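
A simplified model of the check that fires in the call stack above, added here as an illustration and not WebKit code: a non-atomic reference count records the thread that created it and flags any ref/deref from another thread. All type and function names are hypothetical, `violation` stands in for the failing ASSERT, and the comparison uses the creating thread's id rather than WTF's main-thread flag.

```cpp
#include <cstdio>
#include <thread>

// Hypothetical stand-in for a non-atomic ref-counted object with a debug ownership check.
struct CheckedRefCounted {
    unsigned count = 1;                                  // plain counter, no atomics
    std::thread::id owner = std::this_thread::get_id();  // thread that created the object
    bool violation = false;                              // set where the real code would assert

    void check() { if (std::this_thread::get_id() != owner) violation = true; }
    void ref()   { check(); ++count; }
    void deref() { check(); --count; }
};

// Hypothetical reader that holds one reference to a shared buffer for its lifetime.
struct Reader {
    CheckedRefCounted& buffer;
    explicit Reader(CheckedRefCounted& b) : buffer(b) { buffer.ref(); }
    ~Reader() { buffer.deref(); }
};

// Reader is created on the calling thread but destroyed on a worker thread,
// so the destructor's deref() runs on a thread that does not own the buffer.
bool destroyReaderOnWorker() {
    CheckedRefCounted buffer;
    Reader* reader = new Reader(buffer);
    std::thread worker([reader] { delete reader; });
    worker.join();  // join() orders the worker's writes before the read below
    return buffer.violation;
}

// The worker does its work without touching the reference count; the reader
// is destroyed back on the thread that created it.
bool destroyReaderOnOwner() {
    CheckedRefCounted buffer;
    Reader* reader = new Reader(buffer);
    std::thread worker([] { /* decode work only, no ref/deref */ });
    worker.join();
    delete reader;
    return buffer.violation;
}

int main() {
    std::printf("destroyed on worker: violation=%d\n", destroyReaderOnWorker());
    std::printf("destroyed on owner:  violation=%d\n", destroyReaderOnOwner());
}
```

The check exists because a non-atomic counter touched from two threads can lose updates, which leads to leaks or a premature free; releasing the reference on the owning thread, or using a thread-safe counter, removes the condition the assertion detects.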
