Bug 54142

Summary: Crash in DrawingAreaProxyImpl::paint when WKView paints after being resized while hidden
Product: WebKit Reporter: Adam Roben (:aroben) <aroben>
Component: Layout and RenderingAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: andersca
Priority: P2 Keywords: InRadar
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Bug Depends on: 54141    
Bug Blocks: 53805    
Attachments:
Description Flags
Notice when the backing store goes away after DidSetSize darin: review+

Adam Roben (:aroben)
Reported 2011-02-09 14:07:22 PST
If WKView is resized while hidden (and you don't run into bug 54141, because it's been fixed), and is then shown and asked to paint, you'll crash inside DrawingAreaProxyImpl::paint due to a null BackingStore. The crashing line is this: m_backingStore->paint(context, rect); m_backingStore is null. Here's the backtrace: > WebKit.dll!WTF::OwnPtr<WebKit::BackingStore>::operator->() Line 66 + 0x35 bytes C++ WebKit.dll!WebKit::DrawingAreaProxyImpl::paint(HDC__ * context=0xaa011176, const WebCore::IntRect & rect={...}, WebKit::Region & unpaintedRegion={...}) Line 83 + 0x13 bytes C++ WebKit.dll!WebKit::WebView::onPaintEvent(HWND__ * hWnd=0x00120418, unsigned int message=15, unsigned int __formal=0, unsigned int __formal=0, bool & handled=true) Line 427 C++ WebKit.dll!WebKit::WebView::wndProc(HWND__ * hWnd=0x00120418, unsigned int message=15, unsigned int wParam=0, long lParam=0) Line 127 + 0x1c bytes C++ WebKit.dll!WebKit::WebView::WebViewWndProc(HWND__ * hWnd=0x00120418, unsigned int message=15, unsigned int wParam=0, long lParam=0) Line 97 + 0x18 bytes C++ user32.dll!_InternalCallWinProc@20() + 0x28 bytes
Attachments
Notice when the backing store goes away after DidSetSize (4.12 KB, patch)
2011-02-09 14:16 PST, Adam Roben (:aroben) 		darin: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Adam Roben (:aroben)
Comment 1 2011-02-09 14:08:06 PST
<rdar://problem/8979365>
Adam Roben (:aroben)
Comment 2 2011-02-09 14:16:04 PST
Created attachment 81874 [details] Notice when the backing store goes away after DidSetSize
Adam Roben (:aroben)
Comment 3 2011-02-10 04:43:16 PST
Committed r78199: <http://trac.webkit.org/changeset/78199>
Anders Carlsson
Comment 4 2011-02-10 14:50:38 PST
*** Bug 54247 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.