Crash in ContentHostBase::Composite while dereferencing null pointer bigImgIter

RESOLVED FIXED in mozilla34

Status

Core
Graphics: Layers
RESOLVED FIXED
4 years ago
4 years ago

People

(Reporter: nical, Assigned: nical)

Tracking

unspecified
mozilla34
x86_64
Linux
Firefox Tracking Flags

(Not tracked)

Attachments

(1 obsolete attachment)

(Assignee)

Description

4 years ago
This crashes inside the assertion in a debug build here:
http://dxr.mozilla.org/mozilla-central/source/gfx/layers/composite/ContentHost.cpp?from=ContentHost.cpp&case=true#128

The if branch containing the assertion should not be taken if bigImgIter is null.
(Assignee)

Comment 1

4 years ago
Created attachment 8460180
Fix.
Attachment #8460180 - Flags: review?(jmuizelaar)
(Assignee)

Comment 2

4 years ago
Comment on attachment 8460180
Fix.

Never mind, the problem is that the surface on white is a big-image while the other is not. They should either both be big-images, or both not be big-images.
Attachment #8460180 - Flags: review?(jmuizelaar)
(Assignee)

Updated

4 years ago
Depends on: 1042052

Comment 3

nical, did you upload the correct patch to attachment 8460180? I cannot see valid code there.
Flags: needinfo?(nical.bugzilla)
(Assignee)

Comment 4

4 years ago
(In reply to Sotaro Ikeda [:sotaro PTO July/25 - Aug/3] from comment #3)
> nical, did you upload the correct patch to attachment 8460180?
> I cannot see valid code there.

I have a patch locally that makes the assertions more explicit about the issue, but this bug can only be caused by bug 1042052, so I haven't made up my mind about whether what I have locally is worth checking in. I'll obsolete attachment 8460180 to make it clear that we don't want to land it.
Flags: needinfo?(nical.bugzilla)
(Assignee)

Comment 5

4 years ago
Comment on attachment 8460180
Fix.

Oh! Now I understand what you meant, Sotaro. I attached an empty patch. I thought you meant that the solution was inadequate, which is also true.
Attachment #8460180 - Attachment is obsolete: true
(Assignee)

Comment 6

4 years ago
Bug 1042052 fixed this.
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla34