1042041 - Crash in ContentHostBase::Composite while dereferencing null pointer bigImgIter

Status: RESOLVED FIXED

(Core :: Graphics: Layers, defect)

Description

[Nicolas Silva [:nical]]

This crash inside the assertion in a debug build here:
http://dxr.mozilla.org/mozilla-central/source/gfx/layers/composite/ContentHost.cpp?from=ContentHost.cpp&case=true#128

The if branch containing the assertion should not be taken if bigImgIter is null.

Comment 1

[Nicolas Silva [:nical]]

Attachment: Fix.

Comment 2

[Nicolas Silva [:nical]]

Comment on attachment 8460180 [details] [diff] [review]
Fix.

Nevermind, the problem is that the surface on white is a big-image while the other is not. they should either both be big-images, or both not be big-images.

Comment 3

[Sotaro Ikeda [:sotaro]]

nical, did you upload correct patch to attachment 8460180 [details] [diff] [review]? I can not see valid code there.

Comment 4

[Nicolas Silva [:nical]]

(In reply to Sotaro Ikeda [:sotaro PTO July/25 - Aug/3] from comment #3)
> nical, did you upload correct patch to attachment 8460180 [details] [diff] [review]
> [review]? I can not see valid code there.

I have a patch locally that makes the assertions more explicit about the issue, but this bug can only be caused caused by bug 1042052 so I haven't made up my mind about whether what I have locally is worth checking in. I'll obsolete attachment 8460180 [details] [diff] [review] to make it clear that we don't want to land it.

Comment 5

[Nicolas Silva [:nical]]

Comment on attachment 8460180 [details] [diff] [review]
Fix.

Oh! now I understand what you meant, Sotaro. I attached an empty patch. I thought you meant that the solution was inadequate which is also true.

Comment 6

[Nicolas Silva [:nical]]

Bug 1042052 fixed this.