Bug 66691 - [chromium] Fix nullptr deref when switching composited tabs
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Adrienne Walker
Reported: 2011-08-22 11:23 PDT by Adrienne Walker
Modified: 2011-08-22 11:50 PDT

Attachments
Patch (1.35 KB, patch)
2011-08-22 11:23 PDT, Adrienne Walker

Description Adrienne Walker 2011-08-22 11:23:05 PDT
[chromium] Fix nullptr deref when switching composited tabs
Comment 1 Adrienne Walker 2011-08-22 11:23:30 PDT
Created attachment 104701
Patch
Comment 2 Adrienne Walker 2011-08-22 11:26:28 PDT
http://code.google.com/p/chromium/issues/detail?id=93739

I am not completely sure how to repro this locally, but the stack trace makes it obvious that the protect is being called on the root layer, but the tiler is null.

My theory is that compositing is on (so the root layer gets created), but the tab gets switched away from (causing the protect call) prior to a compositing pass (where the tiler would get created).
Comment 3 James Robinson 2011-08-22 11:35:59 PDT
Comment on attachment 104701
Patch

Hm, whoops.  It'd be nice if we had a way to test background tabs more directly (I think you could hook up a browser_test to do this, although I dunno how they interact with the compositor).
Comment 4 WebKit Review Bot 2011-08-22 11:49:56 PDT
Comment on attachment 104701
Patch

Clearing flags on attachment: 104701

Committed r93526: <http://trac.webkit.org/changeset/93526>
Comment 5 WebKit Review Bot 2011-08-22 11:50:01 PDT
All reviewed patches have been landed.  Closing bug.