Summary: | [chromium] Crash in WebCore::GraphicsLayerChromium::setContentsToImage
---|---
Product: | WebKit
Reporter: | Nick Carter <nick>
Component: | Layout and Rendering
Assignee: | Nobody <webkit-unassigned>
Status: | RESOLVED FIXED
Severity: | Normal
CC: | hclam, inferno, jamesr, nick, senorblanco, simon.fraser, webkit.review.bot
Priority: | P2
Version: | 528+ (Nightly build)
Hardware: | All
OS: | Unspecified
URL: | http://code.google.com/p/chromium/issues/detail?id=138677
Bug Depends on: |
Bug Blocks: | 99207
Description
Nick Carter
2012-10-04 15:17:20 PDT
Created attachment 167188 [details]
Patch
Comment on attachment 167188 [details]
Patch
R=me. Thanks for tracking this down!
Note that null ptr crashes are not security bugs. Please don't use the security template for such bugs in the future.

@inferno -- that's what I thought, but I figured I'd rather be wrong in this direction than in the other direction.

(In reply to comment #4)
> @inferno -- that's what I thought, but I figured I'd rather be wrong in this direction than in the other direction.

Feel free to poke us anytime on chat :)

Comment on attachment 167188 [details]
Patch

Rejecting attachment 167188 [details] from commit-queue.

nick@chromium.org does not have committer permissions according to http://trac.webkit.org/browser/trunk/Tools/Scripts/webkitpy/common/config/committers.py.

- If you do not have committer rights please read http://webkit.org/coding/contributing.html for instructions on how to use bugzilla flags.

- If you have committer rights please correct the error in Tools/Scripts/webkitpy/common/config/committers.py by adding yourself to the file (no review needed). The commit-queue restarts itself every 2 hours. After restart the commit-queue will correctly respect your committer rights.

Comment on attachment 167188 [details]
Patch

Rejecting attachment 167188 [details] from commit-queue.

Failed to run "['/mnt/git/webkit-commit-queue/Tools/Scripts/webkit-patch', '--status-host=queues.webkit.org', '-..." exit_code: 2

Last 500 characters of output:
Auto-merging Source/WebCore/ChangeLog
CONFLICT (content): Merge conflict in Source/WebCore/ChangeLog
Failed to merge in the changes.
Patch failed at 0001 Try to fix the build.

When you have resolved this problem run "git rebase --continue".
If you would prefer to skip this patch, instead run "git rebase --skip".
To restore the original branch and stop rebasing run "git rebase --abort".

rebase refs/remotes/origin/master: command returned error: 1

Died at Tools/Scripts/update-webkit line 164.

Full output: http://queues.webkit.org/results/14183550

Comment on attachment 167188 [details]
Patch

Clearing flags on attachment: 167188

Committed r130610: <http://trac.webkit.org/changeset/130610>

All reviewed patches have been landed. Closing bug.

The ref test is failing on Mac.

What does the failure look like?

The partial image is black. This is probably an OS-level thing.

The reftest is based on the assumption that a broken image will render the same regardless of whether or not it has an identity transform applied (in this case, a z-transform of zero). If that assumption is invalid for the Mac port, we can change this test so that it's not a reftest -- all I really needed was a "doesn't crash" expectation; making it a reftest was gravy. Please let me know if you'd like me to relax the test in that way.

Yes, you should change the test. A 'do not crash' test should never be a ref test anyway, because those are more expensive to run. The new test can use internals.layerTreeAsText() to verify that the image is going into a compositing layer.

Oh, and we should have a separate bug on the fact that the image is black on Mac.

It's bad to leave the test failing for so long. I'm gonna make it an ImageOnlyFailure in Mac TestExpectations.