[Webkit-unassigned] [Bug 45198] New: DeleteDC called while non-stock objects still contained.

bugzilla-daemon at webkit.org
Fri Sep 3 14:12:23 PDT 2010


           Summary: DeleteDC called while non-stock objects still
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Mac OS X 10.5
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit Misc.
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: bfulgham at webkit.org

BoundsChecker identified a resource leak in WebView.cpp (paint); see lines 990-1015.

1. A new compatible device context is created to match our target DC (line 989).
2. We immediately select our backing store into the DC, which replaces whatever compatible bitmap was in the context.
3. We do stuff...
4. We destroy the context.

BoundsChecker claims this is wrong, because the context still contains our non-stock bitmap in it.

Proposed change:

--- WebView.cpp (revision 66733)
+++ WebView.cpp (working copy)
@@ -987,7 +987,7 @@

     HDC bitmapDC = ::CreateCompatibleDC(hdc);
-    ::SelectObject(bitmapDC, m_backingStoreBitmap->handle());
+    HGDIOBJ oldBitmap = ::SelectObject(bitmapDC, m_backingStoreBitmap->handle()

     // Update our backing store if needed.
     updateBackingStore(frameView, bitmapDC, backingStoreCompletelyDirty, window
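Review bot: The new oldBitmap at line 987 is stored without checking the result of SelectObject. SelectObject returns NULL when the selection fails (a bitmap can be selected into only one DC at a time), and in that case the restore added in the second hunk would call ::SelectObject(bitmapDC, NULL) while updateBackingStore draws into the memory DC's default 1x1 bitmap. Suggest testing oldBitmap right after the call and bailing out (deleting bitmapDC first) on failure. Since the restore sits about 25 lines further down, a small scoped helper that re-selects the previous object in its destructor would also keep any early return in between from skipping it.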
@@ -1012,6 +1012,7 @@

+    ::SelectObject(bitmapDC, oldBitmap);

     if (!dc)
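Review bot: The restore at line 1012 only fixes the leak if it runs before ::DeleteDC(bitmapDC), and the DeleteDC call is not in the visible context of this hunk. Please confirm the ordering, and that no path reaches DeleteDC without passing through this line. A one-line comment here stating that the original bitmap is put back so the DC holds no non-stock object when it is deleted would keep a later cleanup from removing the call as redundant.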
