[Webkit-unassigned] [Bug 119818] [Windows] Test fails in DRT, succeeds in WinLauncher
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Aug 15 18:06:27 PDT 2013
https://bugs.webkit.org/show_bug.cgi?id=119818
--- Comment #1 from Brent Fulgham <bfulgham at webkit.org> 2013-08-15 18:06:01 PST ---
This happens when the large blank rectangle in the test is changed to something with a border. This causes us to switch from a plain layer with a color background to a tiled layer.
When the switch from flat to tiled layers is made, the old "background color" layer is destroyed. However, a pointer to this destroyed layer is left in the parent containing layer.
Later, when we switch to using a tiling layer, we attempt to grab the sublayers of the "flat" layer we are replacing. Unfortunately, the sole sublayer is a dangling pointer to our "destroyed" "background color" layer. When we attempt to dereference this NULL pointer we get a crash.
The solution proposed in this bug is to remove the layer from its superlayer during the destruction process.
We could also add null-pointer checking in the PlatformCALayerWinInternall::getSublayers method, but removing the sublayer prevents the corrupt entry from being present.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list