[Webkit-unassigned] [Bug 13784] Crash with empty gradient when drawing to canvas

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri May 18 18:22:10 PDT 2007 

http://bugs.webkit.org/show_bug.cgi?id=13784


pewtermoose at gmail.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Severity|Critical                    |Normal
             Status|UNCONFIRMED                 |NEW
     Ever Confirmed|0                           |1
           Keywords|                            |NeedsRadar
           Priority|P2                          |P1




------- Comment #2 from pewtermoose at gmail.com  2007-05-18 18:22 PDT -------
With r21572, I get the following assertion failure:

ASSERTION FAILED: i < size()
(/WebKit/WebKitBuild/Debug/JavaScriptCore.framework/PrivateHeaders/Vector.h:401
T& WTF::Vector<T, inlineCapacity>::at(size_t) [with T =
WebCore::CanvasGradient::ColorStop, long unsigned int inlineCapacity = 0ul])

Thread 0 Crashed:
0   com.apple.WebCore           0x016e5198
WTF::Vector<WebCore::CanvasGradient::ColorStop, (unsigned long)0>::at(unsigned
long) + 120 (Vector.h:401)
1   com.apple.WebCore           0x016e5200
WTF::Vector<WebCore::CanvasGradient::ColorStop, (unsigned long)0>::first() + 36
(Vector.h:433)
2   com.apple.WebCore           0x012b2388
WebCore::CanvasGradient::getColor(float, float*, float*, float*, float*) + 272
(CanvasGradient.cpp:120)
3   com.apple.WebCore           0x012b262c WebCore::gradientCallback(void*,
float const*, float*) + 84 (CanvasGradient.cpp:83)
4   com.apple.CoreGraphics      0x904859d0 CGFunctionEvaluate + 184
5   com.apple.CoreGraphics      0x904f3940 FunctionSamplesCreate + 360
6   com.apple.CoreGraphics      0x904851fc drawAxialShading + 384
7   com.apple.CoreGraphics      0x90484ffc CGContextDrawShading + 172
8   com.apple.WebCore           0x012af88c
WebCore::CanvasRenderingContext2D::fillRect(float, float, float, float, int&) +
476 (CanvasRenderingContext2D.cpp:560)
9   com.apple.WebCore           0x012c2ab0
WebCore::JSCanvasRenderingContext2DPrototypeFunction::callAsFunction(KJS::ExecState*,
KJS::JSObject*, KJS::List const&) + 1696 (JSCanvasRenderingContext2D.cpp:342)
10  com.apple.JavaScriptCore    0x005816f4 KJS::JSObject::call(KJS::ExecState*,
KJS::JSObject*, KJS::List const&) + 288 (object.cpp:98)
11  com.apple.JavaScriptCore    0x005b2d54
KJS::FunctionCallDotNode::evaluate(KJS::ExecState*) + 992 (nodes.cpp:790)
12  com.apple.JavaScriptCore    0x005af414
KJS::ExprStatementNode::execute(KJS::ExecState*) + 220 (nodes.cpp:1723)
13  com.apple.JavaScriptCore    0x005abd58
KJS::SourceElementsNode::execute(KJS::ExecState*) + 624 (nodes.cpp:2529)
14  com.apple.JavaScriptCore    0x0057d220
KJS::BlockNode::execute(KJS::ExecState*) + 216 (nodes.cpp:1700)
15  com.apple.JavaScriptCore    0x0057d370
KJS::DeclaredFunctionImp::execute(KJS::ExecState*) + 92 (function.cpp:319)
16  com.apple.JavaScriptCore    0x0059cad0
KJS::FunctionImp::callAsFunction(KJS::ExecState*, KJS::JSObject*, KJS::List
const&) + 688 (function.cpp:107)
17  com.apple.JavaScriptCore    0x005816f4 KJS::JSObject::call(KJS::ExecState*,
KJS::JSObject*, KJS::List const&) + 288 (object.cpp:98)
18  com.apple.WebCore           0x012ee04c
KJS::JSAbstractEventListener::handleEvent(WebCore::Event*, bool) + 748
(kjs_events.cpp:127)
19  com.apple.WebCore           0x01106c44
WebCore::Document::handleWindowEvent(WebCore::Event*, bool) + 416
(Document.cpp:2313)
20  com.apple.WebCore           0x012ac358
WebCore::EventTargetNode::dispatchWindowEvent(WebCore::AtomicString const&,
bool, bool) + 360 (EventTargetNode.cpp:339)
21  com.apple.WebCore           0x01109b0c WebCore::Document::implicitClose() +
796 (Document.cpp:1363)
22  com.apple.WebCore           0x01495cf4
WebCore::FrameLoader::checkEmitLoadEvent() + 596 (FrameLoader.cpp:1206)
23  com.apple.WebCore           0x014a222c
WebCore::FrameLoader::checkCompleted() + 404 (FrameLoader.cpp:1164)
24  com.apple.WebCore           0x014a35f0
WebCore::FrameLoader::finishedParsing() + 116 (FrameLoader.cpp:1112)
25  com.apple.WebCore           0x01103e88 WebCore::Document::finishedParsing()
+ 84 (Document.cpp:3390)
26  com.apple.WebCore           0x01022980 WebCore::HTMLParser::finished() +
272 (HTMLParser.cpp:1407)
27  com.apple.WebCore           0x01026bb0 WebCore::HTMLTokenizer::end() + 336
(HTMLTokenizer.cpp:1529)
28  com.apple.WebCore           0x01027094 WebCore::HTMLTokenizer::finish() +
1212 (HTMLTokenizer.cpp:1570)
29  com.apple.WebCore           0x01101b68 WebCore::Document::finishParsing() +
84 (Document.cpp:1511)
30  com.apple.WebCore           0x014a562c
WebCore::FrameLoader::endIfNotLoading() + 160 (FrameLoader.cpp:981)
31  com.apple.WebCore           0x014a5688 WebCore::FrameLoader::end() + 44
(FrameLoader.cpp:966)
32  com.apple.WebCore           0x014a9350
WebCore::DocumentLoader::finishedLoading() + 92 (DocumentLoader.cpp:317)
33  com.apple.WebCore           0x0149f664
WebCore::FrameLoader::finishedLoading() + 96 (FrameLoader.cpp:2593)
34  com.apple.WebCore           0x014ab71c
WebCore::MainResourceLoader::didFinishLoading() + 272
(MainResourceLoader.cpp:304)
35  com.apple.WebCore           0x014ad878
WebCore::ResourceLoader::didFinishLoading(WebCore::ResourceHandle*) + 60
36  com.apple.WebCore           0x014829dc -[WebCoreResourceHandleAsDelegate
connectionDidFinishLoading:] + 144 (ResourceHandleMac.mm:370)
37  com.apple.Foundation        0x92c1389c
-[NSURLConnection(NSURLConnectionInternal) _sendDidFinishLoadingCallback] + 188
38  com.apple.Foundation        0x92c11b08
-[NSURLConnection(NSURLConnectionInternal) _sendCallbacks] + 556
39  com.apple.Foundation        0x92c11860 _sendCallbacks + 156
[snip]


-- 
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the webkit-unassigned mailing list