Changeset 216305 in webkit
- Timestamp:
- May 5, 2017 8:27:16 PM (7 years ago)
- Location:
- trunk/Source/WebCore
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/WebCore/ChangeLog
r216303 r216305 1 2017-05-05 Said Abou-Hallawa <sabouhallawa@apple.com> 2 3 Crash in ImageFrameCache::decodedSizeChanged() after image load cancellation 4 https://bugs.webkit.org/show_bug.cgi?id=171736 5 6 Reviewed by Tim Horton. 7 8 Tests: Covered by run-webkit-tests fast/images/image-formats-support.html 9 --guard-malloc. 10 11 Because an image format is not supported, the ImageObserver of the Image 12 is deleted then the Image itself is deleted. In BitmapImage destructor, 13 we make a call which ends up accessing the deleted ImageObserver. 14 15 To fix this, we need to change the BitImage destructor to avoid calling 16 ImageFrameCache::decodedSizeChanged() since it is not really needed. 17 18 * platform/graphics/BitmapImage.cpp: 19 (WebCore::BitmapImage::~BitmapImage): 20 1 21 2017-05-05 Timothy Horton <timothy_horton@apple.com> 2 22 -
trunk/Source/WebCore/platform/graphics/BitmapImage.cpp
r216293 r216305 62 62 { 63 63 invalidatePlatformData(); 64 stopAnimation(); 64 clearTimer(); 65 m_source.stopAsyncDecodingQueue(); 65 66 } 66 67
Note: See TracChangeset
for help on using the changeset viewer.