[Webkit-unassigned] [Bug 45198] New: DeleteDC called while non-stock objects still contained.

Fri Sep 3 14:12:23 PDT 2010

https://bugs.webkit.org/show_bug.cgi?id=45198

           Summary: DeleteDC called while non-stock objects still
                    contained.
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Mac OS X 10.5
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit Misc.
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: bfulgham at webkit.org


BoundsChecker identified a resource leak in WebView.cpp (paint), see line 990-1015.

1. A new compatible device context is created to match our target dc. (line 989).
2. We immediately select our backing store into the DC, which replaces whatever compatible bitmap was in the context.
3. We do stuff...
4. We destroy the context.

BoundsChecker claims this is wrong, because the context still contains our non-stock bitmap in it.

Proposed change:

===================================================================

--- WebView.cpp (revision 66733)
+++ WebView.cpp (working copy)
@@ -987,7 +987,7 @@
     m_paintCount++;

     HDC bitmapDC = ::CreateCompatibleDC(hdc);
-    ::SelectObject(bitmapDC, m_backingStoreBitmap->handle());
+    HGDIOBJ oldBitmap = ::SelectObject(bitmapDC, m_backingStoreBitmap->handle()
);

     // Update our backing store if needed.
     updateBackingStore(frameView, bitmapDC, backingStoreCompletelyDirty, window
sToPaint);
@@ -1012,6 +1012,7 @@
         updateRootLayerContents();
 #endif

+    ::SelectObject(bitmapDC, oldBitmap);
     ::DeleteDC(bitmapDC);

     if (!dc)

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

