RESOLVED FIXED263666
[cairo] Crash in PathStream::copy() after 268923@main 
https://bugs.webkit.org/show_bug.cgi?id=263666
Summary [cairo] Crash in PathStream::copy() after 268923@main
Carlos Garcia Campos
Reported 2023-10-25 09:55:05 PDT
#0 0x00007f4bffb79e18 in WebCore::PathStream::copy() const () from /home/cgarcia/src/git/gnome/WebKit-WPE-platform/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #1 0x00007f4bffb7bedc in WebCore::Path::ensurePlatformPathImpl() () from /home/cgarcia/src/git/gnome/WebKit-WPE-platform/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #2 0x00007f4bffb7c419 in WebCore::Path::platformPath() const () from /home/cgarcia/src/git/gnome/WebKit-WPE-platform/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #3 0x00007f4bffbbb575 in WebCore::Cairo::fillPath(WebCore::GraphicsContextCairo&, WebCore::Path const&, WebCore::Cairo::FillSource const&, WebCore::Cairo::ShadowState const&) () from /home/cgarcia/src/git/gnome/WebKit-WPE-platform/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #4 0x00007f4bfdceaa90 in Nicosia::PaintingContextCairo::ForPainting::replay(WTF::Vector<std::unique_ptr<Nicosia::PaintingOperation, std::default_delete<Nicosia::PaintingOperation> >, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&) () from /home/cgarcia/src/git/gnome/WebKit-WPE-platform/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #5 0x00007f4bfdcddcd5 in WTF::Detail::CallableWrapper<Nicosia::PaintingEngineThreaded::paint(WebCore::GraphicsLayer&, WTF::Ref<Nicosia::Buffer, WTF::RawPtrTraits<Nicosia::Buffer> >&&, WebCore::IntRect const&, WebCore::IntRect const&, WebCore::IntRect const&, float)::{lambda()#1}, void>::call() () from /home/cgarcia/src/git/gnome/WebKit-WPE-platform/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #6 0x00007f4bfdbdf40e in WTF::WorkerPool::Worker::work() () from /home/cgarcia/src/git/gnome/WebKit-WPE-platform/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #7 0x00007f4bfdb73053 in WTF::Detail::CallableWrapper<WTF::AutomaticThread::start(WTF::AbstractLocker const&)::{lambda()#1}, void>::call() () from /home/cgarcia/src/git/gnome/WebKit-WPE-platform/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #8 0x00007f4bfdba9ab6 in WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*) () from /home/cgarcia/src/git/gnome/WebKit-WPE-platform/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #9 0x00007f4bfdc10df9 in WTF::wtfThreadEntryPoint(void*) () from /home/cgarcia/src/git/gnome/WebKit-WPE-platform/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #10 0x00007f4bfb2a63ec in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:444 #11 0x00007f4bfb326a4c in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
Attachments
Add attachment proposed patch, testcase, etc.
Carlos Garcia Campos
Comment 1 2023-10-25 09:59:17 PDT
Pull request: https://github.com/WebKit/WebKit/pull/19546
EWS
Comment 2 2023-10-26 01:21:01 PDT
Committed 269805@main (d64c4def18dd): <https://commits.webkit.org/269805@main> Reviewed commits have been landed. Closing PR #19546 and removing active labels.
Radar WebKit Bug Importer
Comment 3 2023-10-26 01:22:15 PDT
<rdar://problem/117521784>
EWS
Comment 4 2023-12-14 06:46:22 PST
Committed 267815.631@safari-7617-branch (0ec30d83db60): <https://commits.webkit.org/267815.631@safari-7617-branch> Reviewed commits have been landed. Closing PR #971 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.