Bug 1509509 - [abrt] webkitgtk4: WTF::Vector<GIFLZWBlock, 0ul, WTF::CrashOnOverflow, 16ul>::append<GIFLZWBlock>(): WebKitWebProcess killed by SIGSEGV
Summary: [abrt] webkitgtk4: WTF::Vector<GIFLZWBlock, 0ul, WTF::CrashOnOverflow, 16ul>:...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: webkitgtk4
Version: 27
Hardware: x86_64
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Tomas Popela
QA Contact: Fedora Extras Quality Assurance
URL: https://retrace.fedoraproject.org/faf...
Whiteboard: abrt_hash:ba1b85d4a5b03cddafafdaf5ea5...
Depends On:
Blocks:
Reported: 2017-11-04 08:42 UTC by Štefan Gurský
Modified: 2017-11-04 16:27 UTC (History)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-11-04 16:27:48 UTC


Attachments
File: backtrace (deleted), 2017-11-04 08:42 UTC, Štefan Gurský
File: cgroup (deleted), 2017-11-04 08:42 UTC, Štefan Gurský
File: core_backtrace (deleted), 2017-11-04 08:42 UTC, Štefan Gurský
File: cpuinfo (deleted), 2017-11-04 08:42 UTC, Štefan Gurský
File: dso_list (deleted), 2017-11-04 08:42 UTC, Štefan Gurský
File: environ (deleted), 2017-11-04 08:42 UTC, Štefan Gurský
File: exploitable (deleted), 2017-11-04 08:42 UTC, Štefan Gurský
File: limits (deleted), 2017-11-04 08:42 UTC, Štefan Gurský
File: maps (deleted), 2017-11-04 08:42 UTC, Štefan Gurský
File: open_fds (deleted), 2017-11-04 08:42 UTC, Štefan Gurský
File: proc_pid_status (deleted), 2017-11-04 08:42 UTC, Štefan Gurský
File: var_log_messages (deleted), 2017-11-04 08:42 UTC, Štefan Gurský

Description Štefan Gurský 2017-11-04 08:42:14 UTC
Description of problem:
I was reading through https://futurism.com/reprogramming-an-organisms-mating-habits-could-create-a-safer-future/ and after scrolling about halfway down the page, I got a crash.
After restart I got another one (I think this report is for the second one). Again after scrolling down the page (but this time to a different place).

Version-Release number of selected component:
webkitgtk4-2.18.1-1.fc27

Additional info:
reporter:       libreport-2.9.2
backtrace_rating: 4
cmdline:        /usr/libexec/webkit2gtk-4.0/WebKitWebProcess 38
crash_function: WTF::Vector<GIFLZWBlock, 0ul, WTF::CrashOnOverflow, 16ul>::append<GIFLZWBlock>
executable:     /usr/libexec/webkit2gtk-4.0/WebKitWebProcess
journald_cursor: s=1e38bd1ef49d4a27b41043fd5dfe0bd7;i=53ae6;b=f3286272c1e1457c8f6dca222caea2f9;m=2072561be4;t=55d234429914b;x=e2700ba96e66d950
kernel:         4.13.9-300.fc27.x86_64
rootdir:        /
runlevel:       N 5
type:           CCpp
uid:            1000

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 WTF::Vector<GIFLZWBlock, 0ul, WTF::CrashOnOverflow, 16ul>::append<GIFLZWBlock> at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WTF/wtf/Vector.h:1233
 #1 WTF::Vector<GIFLZWBlock, 0ul, WTF::CrashOnOverflow, 16ul>::append at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WTF/wtf/Vector.h:724
 #2 GIFFrameContext::addLzwBlock at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WebCore/platform/image-decoders/gif/GIFImageReader.h:198
 #3 GIFImageReader::parse at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:423
 #4 GIFImageReader::decode at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WebCore/platform/image-decoders/gif/GIFImageReader.cpp:360
 #5 WebCore::GIFImageDecoder::decode at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:349
 #6 WebCore::GIFImageDecoder::frameCount at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:67
 #7 WebCore::GIFImageDecoder::frameBufferAtIndex at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp:144
 #8 WebCore::ImageDecoder::createFrameImageAtIndex at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WebCore/platform/image-decoders/ImageDecoder.cpp:218
 #9 WebCore::ImageFrameCache::frameAtIndexCacheIfNeeded at /usr/src/debug/webkitgtk4-2.18.1-1.fc27.x86_64/Source/WebCore/platform/graphics/ImageFrameCache.cpp:379

Comment 1 Štefan Gurský 2017-11-04 08:42:21 UTC
Created attachment 1347679 [details]
File: backtrace

Comment 2 Štefan Gurský 2017-11-04 08:42:23 UTC
Created attachment 1347680 [details]
File: cgroup

Comment 3 Štefan Gurský 2017-11-04 08:42:26 UTC
Created attachment 1347681 [details]
File: core_backtrace

Comment 4 Štefan Gurský 2017-11-04 08:42:27 UTC
Created attachment 1347682 [details]
File: cpuinfo

Comment 5 Štefan Gurský 2017-11-04 08:42:30 UTC
Created attachment 1347683 [details]
File: dso_list

Comment 6 Štefan Gurský 2017-11-04 08:42:32 UTC
Created attachment 1347684 [details]
File: environ

Comment 7 Štefan Gurský 2017-11-04 08:42:33 UTC
Created attachment 1347685 [details]
File: exploitable

Comment 8 Štefan Gurský 2017-11-04 08:42:35 UTC
Created attachment 1347686 [details]
File: limits

Comment 9 Štefan Gurský 2017-11-04 08:42:38 UTC
Created attachment 1347687 [details]
File: maps

Comment 10 Štefan Gurský 2017-11-04 08:42:40 UTC
Created attachment 1347688 [details]
File: open_fds

Comment 11 Štefan Gurský 2017-11-04 08:42:42 UTC
Created attachment 1347689 [details]
File: proc_pid_status

Comment 12 Štefan Gurský 2017-11-04 08:42:44 UTC
Created attachment 1347690 [details]
File: var_log_messages

Comment 13 Michael Catanzaro 2017-11-04 16:27:48 UTC
I think this one's probably fixed in 2.18.2, which added a bunch of locking in the GIF decoder.

