Notes |
|
|
svg parsing is asploding with a seg fault
https://www.giffgaff.com/styleguide/images/sprites/social.svg
appears to be the offending svg
==21418== Invalid write of size 4
==21418== at 0x61683C: svgtiny_parse_svg (in /home/vince/dev-netsurf/workspace/netsurf/nsgtk)
==21418== by 0x6154D5: svgtiny_parse_svg (in /home/vince/dev-netsurf/workspace/netsurf/nsgtk)
==21418== by 0x6184B8: svgtiny_parse (in /home/vince/dev-netsurf/workspace/netsurf/nsgtk)
==21418== by 0x52B734: svg_reformat (svg.c:139)
==21418== by 0x4C6CC8: content__reformat (content.c:366)
==21418== by 0x4EB0C3: browser_window_callback (browser.c:1326)
==21418== by 0x4D1E27: hlcache_content_callback (hlcache.c:191)
==21418== by 0x4C6A42: content_broadcast (content.c:765)
==21418== by 0x4C6EFB: content_set_ready (content.c:311)
==21418== by 0x52B198: svg_convert (svg.c:115)
==21418== by 0x4C7117: content_llcache_callback (content.c:286)
==21418== by 0x4D3DAA: llcache_object_notify_users (llcache.c:2981)
==21418== Address 0x1a56954c is 0 bytes after a block of size 156 alloc'd
==21418== at 0x4C28BED: malloc (vg_replace_malloc.c:263)
==21418== by 0x6156C3: svgtiny_parse_svg (in /home/vince/dev-netsurf/workspace/netsurf/nsgtk)
==21418== by 0x6154D5: svgtiny_parse_svg (in /home/vince/dev-netsurf/workspace/netsurf/nsgtk)
==21418== by 0x6184B8: svgtiny_parse (in /home/vince/dev-netsurf/workspace/netsurf/nsgtk)
==21418== by 0x52B734: svg_reformat (svg.c:139)
==21418== by 0x4C6CC8: content__reformat (content.c:366)
==21418== by 0x4EB0C3: browser_window_callback (browser.c:1326)
==21418== by 0x4D1E27: hlcache_content_callback (hlcache.c:191)
==21418== by 0x4C6A42: content_broadcast (content.c:765)
==21418== by 0x4C6EFB: content_set_ready (content.c:311)
==21418== by 0x52B198: svg_convert (svg.c:115)
==21418== by 0x4C7117: content_llcache_callback (content.c:286)
|
|
|
|
with debugging symbols
==27760== Invalid write of size 4
==27760== at 0x615822: svgtiny_parse_path (svgtiny.c:588)
==27760== by 0x614B90: svgtiny_parse_svg (svgtiny.c:347)
==27760== by 0x614AC7: svgtiny_parse_svg (svgtiny.c:338)
==27760== by 0x614359: svgtiny_parse (svgtiny.c:253)
==27760== by 0x52B6E4: svg_reformat (svg.c:139)
==27760== by 0x4C6C78: content__reformat (content.c:366)
==27760== by 0x4EB073: browser_window_callback (browser.c:1326)
==27760== by 0x4D1DD7: hlcache_content_callback (hlcache.c:191)
==27760== by 0x4C69F2: content_broadcast (content.c:765)
==27760== by 0x4C6EAB: content_set_ready (content.c:311)
==27760== by 0x52B148: svg_convert (svg.c:115)
==27760== by 0x4C70C7: content_llcache_callback (content.c:286)
==27760== Address 0x1a5696bc is 0 bytes after a block of size 156 alloc'd
==27760== at 0x4C28BED: malloc (vg_replace_malloc.c:263)
==27760== by 0x614FAE: svgtiny_parse_path (svgtiny.c:457)
==27760== by 0x614B90: svgtiny_parse_svg (svgtiny.c:347)
==27760== by 0x614AC7: svgtiny_parse_svg (svgtiny.c:338)
==27760== by 0x614359: svgtiny_parse (svgtiny.c:253)
==27760== by 0x52B6E4: svg_reformat (svg.c:139)
==27760== by 0x4C6C78: content__reformat (content.c:366)
==27760== by 0x4EB073: browser_window_callback (browser.c:1326)
==27760== by 0x4D1DD7: hlcache_content_callback (hlcache.c:191)
==27760== by 0x4C69F2: content_broadcast (content.c:765)
==27760== by 0x4C6EAB: content_set_ready (content.c:311)
==27760== by 0x52B148: svg_convert (svg.c:115) |
|
|
|
fixed libsvgtiny path allocation so it does not crash, page now renders. although i think we have a bug in the rendering of the svg itself but it does not crash now |
|
|
|
Confirmed resolved in 3.4 release |
|