WebKit Bugzilla
RESOLVED FIXED
293591
com.apple.WebKit.WebContent crash at com.apple.WebCore: WebCore::preferredExtensionForImageType
https://bugs.webkit.org/show_bug.cgi?id=293591
David Kilzer (:ddkilzer)
Reported
2025-05-26 12:21:21 PDT
com.apple.WebKit.WebContent crash at com.apple.WebCore: WebCore::preferredExtensionForImageType due to release assertion.

In Bug 256867, a release assert was added to verify that the value of `UTTypeCopyPreferredTagWithClass()` matched the value of `+[UTType typeWithIdentifier:]`, but in all the cases where we crash, the `UTType` method returns a valid file extension while `UTTypeCopyPreferredTagWithClass()` returned a null/empty string, so we can just switch to using the `UTType` method.

```
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 com.apple.JavaScriptCore 0x10834f77c WTFCrashWithInfoImpl(int, char const*, char const*, int, unsigned long long, unsigned long long, unsigned long long, unsigned long long, unsigned long long, unsigned long long)
1 com.apple.WebCore 0x119c5c818 WebCore::preferredExtensionForImageType(WTF::String const&)
2 com.apple.WebCore 0x11ae6a0a0 WebCore::ImageDecoderCG::filenameExtension() const
3 com.apple.WebCore 0x11ad5ec18 WTF::String WebCore::BitmapImageDescriptor::imageMetadata<WTF::String>(WTF::String&, WTF::String const&, WebCore::BitmapImageDescriptor::CachedFlag, WTF::String (WebCore::ImageDecoder::*)() const) const
4 com.apple.WebCore 0x11ad5eccc WebCore::BitmapImageDescriptor::filenameExtension() const
5 com.apple.WebKit 0x10b311884 WebKit::WebDragClient::declareAndWriteDragImage(WTF::String const&, WebCore::Element&, WTF::URL const&, WTF::String const&, WebCore::LocalFrame*)
6 com.apple.WebCore 0x11ab4fc90 WebCore::DragController::startDrag(WebCore::LocalFrame&, WebCore::DragState const&, WTF::OptionSet<WebCore::DragOperation>, WebCore::PlatformMouseEvent const&, WebCore::IntPoint const&, WebCore::HasNonDefaultPasteboardData)
7 com.apple.WebCore 0x11ab60324 WebCore::EventHandler::handleDrag(WebCore::MouseEventWithHitTestResults const&, WebCore::CheckDragHysteresis)
8 com.apple.WebCore 0x11ab5f774 WebCore::EventHandler::handleMouseDraggedEvent(WebCore::MouseEventWithHitTestResults const&, WebCore::CheckDragHysteresis)
9 com.apple.WebCore 0x11ab66d44 WebCore::EventHandler::handleMouseMoveEvent(WebCore::PlatformMouseEvent const&, WebCore::HitTestResult*, bool)
10 com.apple.WebCore 0x11ab6621c WebCore::EventHandler::mouseMoved(WebCore::PlatformMouseEvent const&)
11 com.apple.WebKit 0x10b6faf84 WebKit::WebFrame::handleMouseEvent(WebKit::WebMouseEvent const&)
12 com.apple.WebKit 0x10b70c10c WebKit::WebPage::mouseEvent(WebCore::ProcessQualified<WTF::ObjectIdentifierGeneric<WebCore::FrameIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>>, WebKit::WebMouseEvent const&, std::__1::optional<WTF::Vector<WebKit::SandboxExtensionHandle, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>>&&)
13 com.apple.WebKit 0x10af3ce50 void IPC::handleMessage<Messages::WebPage::MouseEvent, IPC::Connection, WebKit::WebPage, WebKit::WebPage, void (WebCore::ProcessQualified<WTF::ObjectIdentifierGeneric<WebCore::FrameIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>>, WebKit::WebMouseEvent const&, std::__1::optional<WTF::Vector<WebKit::SandboxExtensionHandle, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>>&&)>(IPC::Connection&, IPC::Decoder&, WebKit::WebPage*, void (WebKit::WebPage::*)(WebCore::ProcessQualified<WTF::ObjectIdentifierGeneric<WebCore::FrameIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>>, WebKit::WebMouseEvent const&, std::__1::optional<WTF::Vector<WebKit::SandboxExtensionHandle, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>>&&))
14 com.apple.WebKit 0x10af395dc WebKit::WebPage::didReceiveMessage(IPC::Connection&, IPC::Decoder&)
15 com.apple.WebKit 0x10b93ce48 IPC::MessageReceiverMap::dispatchMessage(IPC::Connection&, IPC::Decoder&)
16 com.apple.WebKit 0x10b258ddc WebKit::AuxiliaryProcess::dispatchMessage(IPC::Connection&, IPC::Decoder&)
17 com.apple.WebKit 0x10ae5639c WebKit::AuxiliaryProcess::didReceiveMessage(IPC::Connection&, IPC::Decoder&)
18 com.apple.WebKit 0x10b937550 IPC::Connection::dispatchMessage(WTF::UniqueRef<IPC::Decoder>)
19 com.apple.WebKit 0x10b937700 IPC::Connection::dispatchOneIncomingMessage()
20 com.apple.JavaScriptCore 0x1083a1c04 WTF::RunLoop::performWork()
[...]
```

<rdar://132707082>
David Kilzer (:ddkilzer)
Comment 1
2025-05-26 12:41:23 PDT
Pull request: https://github.com/WebKit/WebKit/pull/45921
EWS
Comment 2
2025-05-27 09:22:28 PDT
Committed 295449@main (3f5ad67c9783): <https://commits.webkit.org/295449@main>

Reviewed commits have been landed. Closing PR #45921 and removing active labels.