54142 – Crash in DrawingAreaProxyImpl::paint when WKView paints after being resized while hidden

RESOLVED FIXED Bug 54142

Crash in DrawingAreaProxyImpl::paint when WKView paints after being resized while hidden

https://bugs.webkit.org/show_bug.cgi?id=54142

Summary Crash in DrawingAreaProxyImpl::paint when WKView paints after being resized w...

Adam Roben (:aroben)

Reported 2011-02-09 14:07:22 PST

If WKView is resized while hidden (and you don't run into bug 54141, because it's been fixed), and is then shown and asked to paint, you'll crash inside DrawingAreaProxyImpl::paint due to a null BackingStore. The crashing line is this: m_backingStore->paint(context, rect); m_backingStore is null. Here's the backtrace: > WebKit.dll!WTF::OwnPtr<WebKit::BackingStore>::operator->() Line 66 + 0x35 bytes C++ WebKit.dll!WebKit::DrawingAreaProxyImpl::paint(HDC__ * context=0xaa011176, const WebCore::IntRect & rect={...}, WebKit::Region & unpaintedRegion={...}) Line 83 + 0x13 bytes C++ WebKit.dll!WebKit::WebView::onPaintEvent(HWND__ * hWnd=0x00120418, unsigned int message=15, unsigned int __formal=0, unsigned int __formal=0, bool & handled=true) Line 427 C++ WebKit.dll!WebKit::WebView::wndProc(HWND__ * hWnd=0x00120418, unsigned int message=15, unsigned int wParam=0, long lParam=0) Line 127 + 0x1c bytes C++ WebKit.dll!WebKit::WebView::WebViewWndProc(HWND__ * hWnd=0x00120418, unsigned int message=15, unsigned int wParam=0, long lParam=0) Line 97 + 0x18 bytes C++ user32.dll!_InternalCallWinProc@20() + 0x28 bytes

Attachments
Notice when the backing store goes away after DidSetSize (4.12 KB, patch) 2011-02-09 14:16 PST, Adam Roben (:aroben)	darin: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Adam Roben (:aroben)

Comment 1 2011-02-09 14:08:06 PST

<rdar://problem/8979365>

Adam Roben (:aroben)

Comment 2 2011-02-09 14:16:04 PST

Created attachment 81874 [details] Notice when the backing store goes away after DidSetSize

Adam Roben (:aroben)

Comment 3 2011-02-10 04:43:16 PST

Committed r78199: <http://trac.webkit.org/changeset/78199>

Anders Carlsson

Comment 4 2011-02-10 14:50:38 PST

*** Bug 54247 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware All

OS All

Product WebKit

Component Layout and Rendering

Assignee

Nobody

Reported

2011-02-09 14:07 PST

Modified

2011-02-10 14:52 PST History

CC List

1 user Show

URL

Keywords InRadar

Duplicates (1)

54247 View as bug list

Depends on

54141

Blocks

53805

Dependancies

tree graph