56201 2011-03-11 09:17:11 -0800 WebKitIconDatabase may trigger crash in cairoImageSurfaceToGdkPixbuf 2011-03-21 10:11:40 -0700 1 1 1 Unclassified WebKit WebKitGTK 528+ (Nightly build) Other All RESOLVED FIXED P2 Major --- 1 christian christian svillar oldest_to_newest 366038 0 christian 2011-03-11 09:17:11 -0800 So I didn't encounter problem this whilst I was hacking on the feature and once I started to use a patched Midori which exclusively fetches icons from the database I ran into this bug. Apparently it happens after I close and re-open the browser OR if I open particular websites: 606 if (! _cairo_surface_is_image (surface)) { (gdb) bt #0 0x00007ffff6212e8b in *INT_cairo_image_surface_get_height (surface=0x0) at cairo-image-surface.c:606 #1 0x00007ffff2c8bd86 in cairoImageSurfaceToGdkPixbuf(_cairo_surface*) () from /home/kalikiana/gtk/lib/libwebkitgtk-1.0.so.0 #2 0x00007ffff2ce1916 in webkit_icon_database_get_icon_pixbuf () from /home/kalikiana/gtk/lib/libwebkitgtk-1.0.so.0 #3 0x000000000042adda in katze_load_cached_icon (uri=0xc420e0 "http://www.nekobento.com/", widget=0xaa2af0) at ../katze/katze-utils.c:1525 #4 0x000000000045f34d in katze_array_action_icon_loaded_cb (database=<value optimized out>, web_frame=<value optimized out>, frame_uri=0xc420e0 "http://www.nekobento.com/", toolbutton=0xaa18b0) at ../katze/katze-arrayaction.c:669 #5 0x00007ffff5895d3e in g_closure_invoke (closure=0xaa6340, return_value=0x0, n_param_values=3, param_values=0xbf3990, invocation_hint=0x7fffffffca30) at gclosure.c:767 #6 0x00007ffff58a86aa in signal_emit_unlocked_R (node=<value optimized out>, detail=0, instance=0x705580, emission_return=0x0, instance_and_params=0xbf3990) at gsignal.c:3252 #7 0x00007ffff58b1cea in g_signal_emit_valist (instance=<value optimized out>, signal_id=<value optimized out>, detail=<value optimized out>, var_args=0x7fffffffcc50) at gsignal.c:2983 #8 0x00007ffff58b2052 in g_signal_emit_by_name (instance=<value optimized out>, detailed_signal=0x7ffff3ad252d "icon-loaded") at gsignal.c:3077 #9 0x00007ffff2cd4b39 in WebKit::FrameLoaderClient::dispatchDidReceiveIcon() () from /home/kalikiana/gtk/lib/libwebkitgtk-1.0.so.0 #10 0x00007ffff31983d8 in WebCore::IconLoader::finishLoading(WebCore::KURL const&, WTF::PassRefPtr<WebCore::SharedBuffer>) () from /home/kalikiana/gtk/lib/libwebkitgtk-1.0.so.0 #11 0x00007ffff31987bb in WebCore::IconLoader::didReceiveResponse(WebCore::SubresourceLoader*, WebCore::ResourceResponse const&) () 366072 1 85487 christian 2011-03-11 10:07:11 -0800 Created attachment 85487 Don't attempt to make a pixbuf if there is no image 367552 2 svillar 2011-03-15 01:13:17 -0700 (In reply to comment #1) > Created an attachment (id=85487) [details] > Don't attempt to make a pixbuf if there is no image BTW I got the same with a ephy patched version 367680 3 85487 mrobinson 2011-03-15 08:49:49 -0700 Comment on attachment 85487 Don't attempt to make a pixbuf if there is no image View in context: https://bugs.webkit.org/attachment.cgi?id=85487&action=review Looks good. Does this fix the crasher or are there more? > Source/WebCore/platform/graphics/gtk/ImageGtk.cpp:157 > + if (!frameAtIndex(currentFrame())) > + return 0; > return cairoImageSurfaceToGdkPixbuf(frameAtIndex(currentFrame())); Please make this simple change before landing. cairo_surface_t* frame = frameAtIndex(currentFrame()); if (!frame) return 0; return cairoImageSurfaceToGdkPixbuf(frame); 370440 4 christian 2011-03-21 10:11:40 -0700 Committed with the changes as r81589. 85487 2011-03-11 10:07:11 -0800 2011-03-15 08:49:48 -0700 Don't attempt to make a pixbuf if there is no image 0001-WebKitIconDatabase-may-trigger-crash-in-cairoImageSur.diff text/plain 1560 christian RnJvbSA2MTE2MjcxN2Y0MWE2NTQ3MGM1ZTBiMmQ3NjNjMTBiMTcxMGI2ZjUxIE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiBDaHJpc3RpYW4gRHl3YW4gPGNocmlzdGlhbkB0d290b2FzdHMu ZGU+CkRhdGU6IEZyaSwgMTEgTWFyIDIwMTEgMTk6MDU6MDYgKzAxMDAKU3ViamVjdDogW1BBVENI XSBXZWJLaXRJY29uRGF0YWJhc2UgbWF5IHRyaWdnZXIgY3Jhc2ggaW4gY2Fpcm9JbWFnZVN1cmZh Y2VUb0dka1BpeGJ1ZgogaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTU2 MjAxCgpSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KCiogcGxhdGZvcm0vZ3JhcGhpY3MvZ3Rr L0ltYWdlR3RrLmNwcDogRG9uJ3QgYXR0ZW1wdCB0byBtYWtlIGEgcGl4YnVmCiAgICBpZiB0aGVy ZSBpcyBubyBpbWFnZS4KCmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cgYi9T b3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cKaW5kZXggNjdlZmVlMi4uMjEyNTdmMyAxMDA2NDQKLS0t IGEvU291cmNlL1dlYkNvcmUvQ2hhbmdlTG9nCisrKyBiL1NvdXJjZS9XZWJDb3JlL0NoYW5nZUxv ZwpAQCAtMSwzICsxLDEzIEBACisyMDExLTAzLTExICBDaHJpc3RpYW4gRHl3YW4gIDxjaHJpc3Rp YW5AbGFuZWRvLmNvbT4KKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKwor ICAgICAgICBXZWJLaXRJY29uRGF0YWJhc2UgbWF5IHRyaWdnZXIgY3Jhc2ggaW4gY2Fpcm9JbWFn ZVN1cmZhY2VUb0dka1BpeGJ1ZgorICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93 X2J1Zy5jZ2k/aWQ9NTYyMDEKKworICAgICAgICAqIHBsYXRmb3JtL2dyYXBoaWNzL2d0ay9JbWFn ZUd0ay5jcHA6IERvbid0IGF0dGVtcHQgdG8gbWFrZSBhIHBpeGJ1ZgorICAgICAgICAgICAgaWYg dGhlcmUgaXMgbm8gaW1hZ2UuCisKIDIwMTEtMDMtMTAgIE9qYW4gVmFmYWkgIDxvamFuQGNocm9t aXVtLm9yZz4KIAogICAgICAgICBSZXZpZXdlZCBieSBEYXJpbiBBZGxlci4KZGlmZiAtLWdpdCBh L1NvdXJjZS9XZWJDb3JlL3BsYXRmb3JtL2dyYXBoaWNzL2d0ay9JbWFnZUd0ay5jcHAgYi9Tb3Vy Y2UvV2ViQ29yZS9wbGF0Zm9ybS9ncmFwaGljcy9ndGsvSW1hZ2VHdGsuY3BwCmluZGV4IDYyM2Fj ZTYuLmM0NjU1ZjYgMTAwNjQ0Ci0tLSBhL1NvdXJjZS9XZWJDb3JlL3BsYXRmb3JtL2dyYXBoaWNz L2d0ay9JbWFnZUd0ay5jcHAKKysrIGIvU291cmNlL1dlYkNvcmUvcGxhdGZvcm0vZ3JhcGhpY3Mv Z3RrL0ltYWdlR3RrLmNwcApAQCAtMTUyLDYgKzE1Miw4IEBAIFBhc3NSZWZQdHI8SW1hZ2U+IElt YWdlOjpsb2FkUGxhdGZvcm1UaGVtZUljb24oY29uc3QgY2hhciogbmFtZSwgaW50IHNpemUpCiAK IEdka1BpeGJ1ZiogQml0bWFwSW1hZ2U6OmdldEdka1BpeGJ1ZigpCiB7CisgICAgaWYgKCFmcmFt ZUF0SW5kZXgoY3VycmVudEZyYW1lKCkpKQorICAgICAgICByZXR1cm4gMDsKICAgICByZXR1cm4g Y2Fpcm9JbWFnZVN1cmZhY2VUb0dka1BpeGJ1ZihmcmFtZUF0SW5kZXgoY3VycmVudEZyYW1lKCkp KTsKIH0KIAotLSAKMS43LjQuMQoK