[Webkit-unassigned] [Bug 65420] New: WebKit2 crashes on attempt to decode null image

bugzilla-daemon at webkit.org
Sat Jul 30 16:54:43 PDT 2011


https://bugs.webkit.org/show_bug.cgi?id=65420

           Summary: WebKit2 crashes on attempt to decode null image
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: WebKit2
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: romaxa at gmail.com


I'm using the Qt WebKit2 build http://svn.webkit.org/repository/webkit/trunk@91765 (before the Qt5 changes).
Open maps.google.com.
Try to scroll the Google Maps content.
Result: crash.

The crash started happening after bug 64321 was fixed.

#0  0xb55e880d in WebKit::ShareableBitmap::createQImage (this=0x0)
    at ../../../Source/WebKit2/Shared/qt/ShareableBitmapQt.cpp:42
#1  0xb55e89c1 in WebKit::ShareableBitmap::createGraphicsContext (this=0x0)
    at ../../../Source/WebKit2/Shared/qt/ShareableBitmapQt.cpp:56
#2  0xb55d0692 in CoreIPC::encodeImage (encoder=0xacc28758, image=0x9786a58)
    at ../../../Source/WebKit2/Shared/WebCoreArgumentCoders.cpp:294
#3  0xb55d0927 in CoreIPC::ArgumentCoder<WebCore::Cursor>::encode (
    encoder=0xacc28758, cursor=...)
    at ../../../Source/WebKit2/Shared/WebCoreArgumentCoders.cpp:324
#4  0xb563a720 in CoreIPC::ArgumentEncoder::encode<WebCore::Cursor> (
    this=0xacc28758, t=...)
    at ../../../Source/WebKit2/Platform/CoreIPC/ArgumentEncoder.h:66
#5  0xb563a634 in CoreIPC::Arguments1<WebCore::Cursor const&>::encode (
    this=0xbfd4bf9c, encoder=0xacc28758)
    at ../../../Source/WebKit2/Platform/CoreIPC/Arguments.h:72
#6  0xb563a3b5 in CoreIPC::ArgumentCoder<Messages::WebPageProxy::SetCursor>::encode (encoder=0xacc28758, t=...)
    at ../../../Source/WebKit2/Platform/CoreIPC/ArgumentCoder.h:39
#7  0xb5639ed6 in CoreIPC::ArgumentEncoder::encode<Messages::WebPageProxy::SetCursor> (this=0xacc28758, t=...)
    at ../../../Source/WebKit2/Platform/CoreIPC/ArgumentEncoder.h:66
#8  0xb5638fe8 in CoreIPC::MessageSender<WebKit::WebPage>::send<Messages::WebPageProxy::SetCursor> (this=0xb0c00b10, message=..., destinationID=1)
    at ../../../Source/WebKit2/Platform/CoreIPC/MessageSender.h:44
#9  0xb56378f7 in CoreIPC::MessageSender<WebKit::WebPage>::send<Messages::WebPageProxy::SetCursor> (this=0xb0c00b10, message=...)
    at ../../../Source/WebKit2/Platform/CoreIPC/MessageSender.h:38
#10 0xb56352d3 in WebKit::WebChromeClient::setCursor (this=0xb0c00488, 
    cursor=...)
    at ../../../Source/WebKit2/WebProcess/WebCoreSupport/WebChromeClient.cpp:648
#11 0xb5b0f9b7 in WebCore::Chrome::setCursor (this=0xb0c00fb8, cursor=...)
    at ../../../Source/WebCore/page/Chrome.cpp:487
#12 0xb5dd9d99 in QXmlStreamAttribute::namespaceUri (this=0xbfd4c0a0)
    at /usr/include/qt4/QtCore/qxmlstream.h:148
#13 0xb5b3862f in WebCore::EventHandler::handleMouseReleaseEvent (
    this=0x9668f44, mouseEvent=...)
    at ../../../Source/WebCore/page/EventHandler.cpp:1718
#14 0xb5b37e87 in WebCore::EventHandler::handleMouseMoveEvent (this=0x9668f44, 
    mouseEvent=..., hoveredNode=0xbfd4c178)
    at ../../../Source/WebCore/page/EventHandler.cpp:1636
#15 0xb5578f14 in WebKit::handleMouseEvent (mouseEvent=..., page=0xb0c00f00)
    at ../../../Source/WebKit2/WebProcess/WebPage/WebPage.cpp:1053
#16 0xb5579034 in WebKit::WebPage::mouseEvent (this=0xb0c00b10, mouseEvent=...)
    at ../../../Source/WebKit2/WebProcess/WebPage/WebPage.cpp:1079
#17 0xb559f779 in CoreIPC::callMemberFunction<WebKit::WebPage, void (WebKit::WebPage::*)(WebKit::WebMouseEvent const&), WebKit::WebMouseEvent> (args=..., 
    object=0xb0c00b10, function=
    (void (WebKit::WebPage::*)(WebKit::WebPage *, const WebKit::WebMouseEvent &)) 0xb5578f60 <WebKit::WebPage::mouseEvent(WebKit::WebMouseEvent const&)>)
    at ../../../Source/WebKit2/Platform/CoreIPC/HandleMessage.h:19
#18 0xb559d553 in CoreIPC::handleMessage<Messages::WebPage::MouseEvent, WebKit::WebPage, void (WebKit::WebPage::*)(WebKit::WebMouseEvent const&)> (
    argumentDecoder=0x9a18628, object=0xb0c00b10, function=
    (void (WebKit::WebPage::*)(WebKit::WebPage *, const WebKit::WebMouseEvent &)) 0xb5578f60 <WebKit::WebPage::mouseEvent(WebKit::WebMouseEvent const&)>)
    at ../../../Source/WebKit2/Platform/CoreIPC/HandleMessage.h:277
#19 0xb559be44 in WebKit::WebPage::didReceiveWebPageMessage (this=0xb0c00b10, 
    messageID=..., arguments=0x9a18628)
    at generated/WebPageMessageReceiver.cpp:104
#20 0xb557d00f in WebKit::WebPage::didReceiveMessage (this=0xb0c00b10, 
    connection=0x963a528, messageID=..., arguments=0x9a18628)
    at ../../../Source/WebKit2/WebProcess/WebPage/WebPage.cpp:2086
#21 0xb558950b in WebKit::WebProcess::didReceiveMessage (this=0x963a190, 
    connection=0x963a528, messageID=..., arguments=0x9a18628)
    at ../../../Source/WebKit2/WebProcess/WebProcess.cpp:641
#22 0xb55b80bc in CoreIPC::Connection::dispatchMessage (this=0x963a528, 
    message=...) at ../../../Source/WebKit2/Platform/CoreIPC/Connection.cpp:677
#23 0xb55b8265 in CoreIPC::Connection::dispatchMessages (this=0x963a528)
    at ../../../Source/WebKit2/Platform/CoreIPC/Connection.cpp:704
#24 0xb55c0a21 in MemberFunctionWorkItem0<CoreIPC::Connection>::execute (
    this=0x99f6c10) at ../../../Source/WebKit2/Platform/WorkItem.h:79
#25 0xb54be18d in RunLoop::performWork (this=0x9638048)
    at ../../../Source/WebKit2/Platform/RunLoop.cpp:63
#26 0xb54bf164 in RunLoop::TimerObject::performWork (this=0x9525840)
    at ../../../Source/WebKit2/Platform/qt/RunLoopQt.cpp:49
#27 0xb54bfc16 in RunLoop::TimerObject::qt_metacall (this=0x9525840, 
    _c=QMetaObject::InvokeMetaMethod, _id=0, _a=0x98f49d8)
    at ./RunLoopQt.moc:71
#28 0xb2a36e4d in QMetaObject::metacall(QObject*, QMetaObject::Call, int, void**) () from /usr/lib/libQtCore.so.4
#29 0xb2a41795 in QMetaCallEvent::placeMetaCall(QObject*) ()
   from /usr/lib/libQtCore.so.4
#30 0xb2a48caf in QObject::event(QEvent*) () from /usr/lib/libQtCore.so.4
#31 0xb2e090a4 in QApplicationPrivate::notify_helper(QObject*, QEvent*) ()
   from /usr/lib/libQtGui.so.4
#32 0xb2e0e432 in QApplication::notify(QObject*, QEvent*) ()
   from /usr/lib/libQtGui.so.4
#33 0xb2a30a9e in QCoreApplication::notifyInternal(QObject*, QEvent*) ()
   from /usr/lib/libQtCore.so.4
#34 0xb2a34264 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/lib/libQtCore.so.4

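The top of the trace is a null-pointer dereference in the web process: CoreIPC::encodeImage obtains a ShareableBitmap for the cursor image, the factory yields null, and createGraphicsContext is then called with this=0x0 while the SetCursor message is being encoded. The following is an added C++ example, not WebKit's code and not the fix that landed for this bug: Image, SharedBitmap, Encoder and Decoder are stand-ins for the WebCore and CoreIPC types in the trace, and the 4096-pixel limit is an assumed bound. It shows the sender checking the factory result and encoding a presence flag instead of touching a null bitmap, and the receiver treating the absent case as normal while rejecting oversized or truncated payloads, since the UI process should not trust message contents from the web process either.

```cpp
// Added example, not WebKit code: models the missing null check at the top
// of the trace (encodeImage -> createGraphicsContext with this == 0x0).
#include <cstddef>
#include <cstdint>
#include <memory>
#include <utility>
#include <vector>

// Stand-in for the WebCore image handed to the encoder. A "null" image has
// zero size and/or no pixel data.
struct Image {
    int width = 0;
    int height = 0;
    std::vector<uint32_t> pixels;   // ARGB words, width*height when valid
};

// Stand-in for the shared bitmap. create() returns null when there is
// nothing to share, so every caller must test the result.
struct SharedBitmap {
    int width;
    int height;
    std::vector<uint32_t> pixels;
    static std::unique_ptr<SharedBitmap> create(const Image& image) {
        if (image.width <= 0 || image.height <= 0)
            return nullptr;                     // zero-sized: no backing store
        const size_t count = static_cast<size_t>(image.width) * static_cast<size_t>(image.height);
        if (image.pixels.size() != count)
            return nullptr;                     // pixel buffer missing or inconsistent
        return std::unique_ptr<SharedBitmap>(new SharedBitmap{image.width, image.height, image.pixels});
    }
};

// Minimal little-endian byte encoder/decoder standing in for CoreIPC's.
struct Encoder {
    std::vector<uint8_t> bytes;
    void encodeBool(bool b) { bytes.push_back(b ? 1 : 0); }
    void encodeU32(uint32_t v) {
        for (int i = 0; i < 4; ++i) bytes.push_back(static_cast<uint8_t>(v >> (8 * i)));
    }
};
struct Decoder {
    const std::vector<uint8_t>& bytes;
    size_t pos = 0;
    explicit Decoder(const std::vector<uint8_t>& b) : bytes(b) {}
    bool decodeBool(bool& out) { if (pos >= bytes.size()) return false; out = bytes[pos++] != 0; return true; }
    bool decodeU32(uint32_t& out) {             // fails on a truncated message
        if (pos + 4 > bytes.size()) return false;
        out = 0;
        for (int i = 0; i < 4; ++i) out |= static_cast<uint32_t>(bytes[pos++]) << (8 * i);
        return true;
    }
};

// Sender (the web process in the trace): test the factory result and send a
// presence flag instead of calling through a null bitmap.
void encodeImage(Encoder& encoder, const Image& image) {
    std::unique_ptr<SharedBitmap> bitmap = SharedBitmap::create(image);
    if (!bitmap) { encoder.encodeBool(false); return; }   // the check the crashing path lacked
    encoder.encodeBool(true);
    encoder.encodeU32(static_cast<uint32_t>(bitmap->width));
    encoder.encodeU32(static_cast<uint32_t>(bitmap->height));
    for (uint32_t px : bitmap->pixels) encoder.encodeU32(px);
}

// Receiver (the UI process): an absent image is a normal outcome; an oversized
// or truncated payload is rejected, not dereferenced. 4096 is an assumed bound.
bool decodeImage(Decoder& decoder, Image& out) {
    bool present = false;
    if (!decoder.decodeBool(present)) return false;
    out = Image{};
    if (!present) return true;
    uint32_t w = 0, h = 0;
    if (!decoder.decodeU32(w) || !decoder.decodeU32(h)) return false;
    if (w == 0 || h == 0 || w > 4096 || h > 4096) return false;
    const size_t count = static_cast<size_t>(w) * static_cast<size_t>(h);
    std::vector<uint32_t> pixels;           // grown per word, so a lying header
    for (size_t i = 0; i < count; ++i) {    // cannot force a huge up-front allocation
        uint32_t px = 0;
        if (!decoder.decodeU32(px)) return false;
        pixels.push_back(px);
    }
    out.width = static_cast<int>(w);
    out.height = static_cast<int>(h);
    out.pixels = std::move(pixels);
    return true;
}

// Encode then decode; ok reports whether the whole message was consumed.
Image roundTrip(const Image& in, bool& ok) {
    Encoder e; encodeImage(e, in);
    Decoder d(e.bytes); Image out;
    ok = decodeImage(d, out) && d.pos == e.bytes.size();
    return out;
}
size_t encodedSize(const Image& in) { Encoder e; encodeImage(e, in); return e.bytes.size(); }
```

roundTrip and encodedSize are the entry points to call from a main: a null or inconsistent Image encodes to a single flag byte and decodes back to an empty Image, a constructed 2x2 image round-trips in 25 bytes, and a message with its last byte missing is rejected by decodeImage.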