[Webkit-unassigned] [Bug 223843] New: Fix a crash due to the failure of AVIF decoding
bugzilla-daemon at webkit.org
Sat Mar 27 14:19:46 PDT 2021
https://bugs.webkit.org/show_bug.cgi?id=223843
Bug ID: 223843
Summary: Fix a crash due to the failure of AVIF decoding
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: Images
Assignee: webkit-unassigned at lists.webkit.org
Reporter: changseok at webkit.org
https://gif2avif.com/browser-test/ crashes where AVIF support is enabled.
#0 0x00007fa33d834cf0 in WebCore::AVIFImageReader::imageCount() const ()
from target:/app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#1 0x00007fa33d834441 in WebCore::AVIFImageDecoder::tryDecodeSize(bool) ()
from target:/app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#2 0x00007fa33d813ef3 in WebCore::ScalableImageDecoder::setData(WebCore::SharedBuffer&, bool) ()
from target:/app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#3 0x00007fa33cfa765c in WebCore::ImageSource::dataChanged(WebCore::SharedBuffer*, bool) ()
from target:/app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#4 0x00007fa33cd07363 in WebCore::CachedImage::updateImageData(bool) ()
from target:/app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#5 0x00007fa33cd0d0e0 in WebCore::CachedImage::updateBufferInternal(WebCore::SharedBuffer&) ()
from target:/app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#6 0x00007fa33cd0d332 in WebCore::CachedImage::updateBuffer(WebCore::SharedBuffer&) ()
from target:/app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#7 0x00007fa33c9dfcad in WebCore::ImageDocumentParser::appendBytes(WebCore::DocumentWriter&, char const*, unsigned long) () from target:/app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#8 0x00007fa33b550696 in WebKit::WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader*, char const*, int) () from target:/app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#9 0x00007fa33cc527aa in WebCore::DocumentLoader::commitLoad(char const*, int) ()
from target:/app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#10 0x00007fa33cd1b6d8 in WebCore::CachedRawResource::notifyClientsDataWasReceived(char const*, unsigned int) [clone .part.0] () from target:/app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#11 0x00007fa33cd1bd5a in WebCore::CachedRawResource::updateBuffer(WebCore::SharedBuffer&) [clone .part.0] () from target:/app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#12 0x00007fa33ccd6c22 in WebCore::SubresourceLoader::didReceiveDataOrBuffer(char const*, int, WTF::RefPtr<WebCore::SharedBuffer, WTF::RawPtrTraits<WebCore::SharedBuffer>, WTF::DefaultRefDerefTraits<WebCore::SharedBuffer> >&&, long long, WebCore::DataPayloadType) ()
from target:/app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#13 0x00007fa33ccd6dc5 in WebCore::SubresourceLoader::didReceiveData(char const*, unsigned int, long long, WebCore::DataPayloadType) () from target:/app/webkit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
Backtrace stopped: Cannot access memory at address 0x7fff96d4b698