[Webkit-unassigned] [Bug 182282] New: [WinCairo] NULL pointer crash in GraphicsContext::getWindowsContext

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Jan 30 00:22:33 PST 2018


https://bugs.webkit.org/show_bug.cgi?id=182282

            Bug ID: 182282
           Summary: [WinCairo] NULL pointer crash in
                    GraphicsContext::getWindowsContext
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Layout and Rendering
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: christopher.reid at am.sony.com
                CC: bfulgham at webkit.org, simon.fraser at apple.com,
                    zalan at apple.com

GraphicsContext::m_data is null and dereferenced in GraphicsContextWin.cpp GraphicsContext::getWindowsContext. This is happening when loading a lot of websites such as youtube.com.

Call stack:
        WebKit.dll!WebCore::GraphicsContext::getWindowsContext(const WebCore::IntRect & dstRect, bool supportAlphaBlend, bool mayCreateBitmap) Line 106 C++     Symbols loaded.
        [Inline Frame] WebKit.dll!WebCore::LocalWindowsContext::{ctor}(WebCore::GraphicsContext &) Line 43      C++     Symbols loaded.
        WebKit.dll!WebCore::ScrollbarThemeWin::paintButton(WebCore::GraphicsContext & context, WebCore::Scrollbar & scrollbar, const WebCore::IntRect & rect, WebCore::ScrollbarPart part) Line 342     C++     Symbols loaded.
        WebKit.dll!WebCore::ScrollbarThemeComposite::paint(WebCore::Scrollbar & scrollbar, WebCore::GraphicsContext & graphicsContext, const WebCore::IntRect & damageRect) Line 84     C++     Symbols loaded.
        WebKit.dll!WebCore::Scrollbar::paint(WebCore::GraphicsContext & context, const WebCore::IntRect & damageRect, WebCore::Widget::SecurityOriginPaintPolicy __formal) Line 169     C++     Symbols loaded.
        WebKit.dll!WebCore::paintScrollbar(WebCore::Scrollbar * scrollbar, WebCore::GraphicsContext & context, const WebCore::IntRect & clip) Line 2756 C++     Symbols loaded.
        WebKit.dll!WebCore::RenderLayerCompositor::paintContents(const WebCore::GraphicsLayer * graphicsLayer, WebCore::GraphicsContext & context, unsigned int __formal, const WebCore::FloatRect & clip, unsigned int __formal) Line 2766     C++     Symbols loaded.
        WebKit.dll!WebCore::GraphicsLayer::paintGraphicsLayerContents(WebCore::GraphicsContext & context, const WebCore::FloatRect & clip, unsigned int layerPaintBehavior) Line 435    C++     Symbols loaded.
        WebKit.dll!WebCore::BitmapTexture::updateContents(WebCore::TextureMapper & __formal, WebCore::GraphicsLayer * sourceLayer, const WebCore::IntRect & targetRect, const WebCore::IntPoint & offset, WebCore::BitmapTexture::UpdateContentsFlag updateContentsFlag, float scale) Line 57   C++     Symbols loaded.
        WebKit.dll!WebCore::TextureMapperTile::updateContents(WebCore::TextureMapper & textureMapper, WebCore::GraphicsLayer * sourceLayer, const WebCore::IntRect & dirtyRect, WebCore::BitmapTexture::UpdateContentsFlag updateContentsFlag, float scale) Line 68     C++     Symbols loaded.
        WebKit.dll!WebCore::TextureMapperTiledBackingStore::updateContents(WebCore::TextureMapper & textureMapper, WebCore::GraphicsLayer * sourceLayer, const WebCore::FloatSize & totalSize, const WebCore::IntRect & dirtyRect, WebCore::BitmapTexture::UpdateContentsFlag updateContentsFlag) Line 163      C++     Symbols loaded.
        WebKit.dll!WebCore::GraphicsLayerTextureMapper::updateBackingStoreIfNeeded() Line 552   C++     Symbols loaded.
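
The stand-in below is an added example, not WebKit's code, and the class and member names (GraphicsContext, m_data, getWindowsContext, LocalWindowsContext, paintButton) are simplified hypothetical models of the types named in the stack. It shows the crashing shape (an accessor that assumes m_data is present) next to a hardened shape in which a context with no Windows platform data, such as one painting into a TextureMapper bitmap, yields a null HDC that the scrollbar painter checks before drawing.

```cpp
#include <cstddef>

// Hypothetical simplified stand-ins for the WebKit types in the call stack.
// A real HDC is an opaque Windows handle; here it is modelled as an opaque pointer.
using HDC = void*;

struct GraphicsContextPlatformPrivate {
    HDC hdc;   // the Windows device context this GraphicsContext wraps
};

class GraphicsContext {
public:
    explicit GraphicsContext(GraphicsContextPlatformPrivate* data) : m_data(data) {}

    // Crashing shape: dereferences m_data unconditionally (null -> access violation).
    HDC getWindowsContextUnchecked() { return m_data->hdc; }

    // Hardened shape: no platform data means no Windows DC, reported as nullptr.
    HDC getWindowsContext() { return m_data ? m_data->hdc : nullptr; }

private:
    GraphicsContextPlatformPrivate* m_data;   // may be null for non-DC-backed contexts
};

// RAII wrapper modelled on LocalWindowsContext: grabs the HDC on construction.
class LocalWindowsContext {
public:
    explicit LocalWindowsContext(GraphicsContext& context)
        : m_hdc(context.getWindowsContext()) {}
    HDC hdc() const { return m_hdc; }
private:
    HDC m_hdc;
};

// Caller modelled on ScrollbarThemeWin::paintButton: skips native theme drawing
// when there is no DC to draw into, instead of crashing deeper in the accessor.
bool paintButton(GraphicsContext& context) {
    LocalWindowsContext windowsContext(context);
    if (!windowsContext.hdc())
        return false;   // nothing drawn; caller may fall back to a non-native paint
    // ... native theme drawing into windowsContext.hdc() would go here ...
    return true;
}

// Drives both cases on constructed inputs: a context with a fake DC and one without.
bool demoNullContextHandled() {
    int fakeDc = 0;   // constructed placeholder standing in for a real DC
    GraphicsContextPlatformPrivate priv{&fakeDc};
    GraphicsContext withDc(&priv), withoutDc(nullptr);
    return paintButton(withDc) && !paintButton(withoutDc)
        && withoutDc.getWindowsContext() == nullptr;
}
```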
