[Webkit-unassigned] [Bug 90814] New: Crash in SVGStopElement::stopColorIncludingOpacity

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Jul 9 12:44:51 PDT 2012 

https://bugs.webkit.org/show_bug.cgi?id=90814

           Summary: Crash in SVGStopElement::stopColorIncludingOpacity
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: SVG
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: schenney at chromium.org
                CC: zimmermann at kde.org


A top crasher in Chrome, on pages containing the Meebo bar, has the following stack. The only real potential cause is a null renderer or style. In an effort to get this crash addressed, while waiting for Bug 86941 and 87373 to be fixed, I'll be putting up a patch to catch null pointers in this code.

Thread 0 *CRASHED* ( EXC_BAD_ACCESS / KERN_PROTECTION_FAILURE @ 0x00000004 )

0x7b6bc17c     [Google Chrome Framework]     - ../../WTF/wtf/RefPtr.h:58]    
WebCore::SVGStopElement::stopColorIncludingOpacity
0x7b6831ac     [Google Chrome Framework]     - SVGGradientElement.cpp:150    
WebCore::SVGGradientElement::buildStops
0x7b68cedd     [Google Chrome Framework]     - SVGLinearGradientElement.cpp:150    
WebCore::SVGLinearGradientElement::collectGradientAttributes
0x7b6066c6     [Google Chrome Framework]     - RenderSVGResourceLinearGradient.cpp:45    
WebCore::RenderSVGResourceLinearGradient::collectGradientAttributes
0x7b6059ad     [Google Chrome Framework]     - RenderSVGResourceGradient.cpp:131    
WebCore::RenderSVGResourceGradient::applyResource
0x7b605db0     [Google Chrome Framework]     + 0x01e78db0]    
non-virtual thunk to WebCore::RenderSVGResourceGradient::applyResource(WebCore::RenderObject*, WebCore::RenderStyle*, WebCore::GraphicsContext*&, unsigned short)
0x7b60e27b     [Google Chrome Framework]     - RenderSVGShape.cpp:254    
WebCore::RenderSVGShape::fillShape
0x7b60e4a0     [Google Chrome Framework]     - RenderSVGShape.cpp:291    
WebCore::RenderSVGShape::fillAndStrokePath
0x7b60e857     [Google Chrome Framework]     - RenderSVGShape.cpp:339    
WebCore::RenderSVGShape::paint

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list