1359462 - wr_dp_new_clip_region tries to make a slice using a nullptr

Status: RESOLVED FIXED

(Core :: Graphics: WebRender, enhancement, P3)

Description

[Kartikaya Gupta (email:kats@mozilla.staktrace.com)]

See bug 1357734 comment 13 for backstory. Any call to DisplayListBuilder::BuildClipRegion(rect, mask) will pass nullptr as the complex clip list pointer down to rust code, which passes that nullptr directly into slice::from_raw_parts [1], which is not allowed per the from_raw_parts documentation.

This is potentially the cause of bug 1357734, although I'm not sure about that yet.

[1] http://searchfox.org/mozilla-central/rev/baf47b352e873d4516d7656186d6d7c7447d3873/gfx/webrender_bindings/src/bindings.rs#1119

Comment 1

[Kartikaya Gupta (email:kats@mozilla.staktrace.com)]

https://treeherder.mozilla.org/#/jobs?repo=try&revision=f8d00a9b28d34952d9df5a45f51ccc195d812ef7

^ I wrote the patches based on master originally and pushed to try. I had to rebase onto graphics which was slightly nontrivial. I think it makes more sense to land on graphics.

Comment 2

[Kartikaya Gupta (email:kats@mozilla.staktrace.com)]

Attachment: Bug 1359462 - Ensure we don't pass a nullptr to slice::from_raw_parts.

Review commit: https://reviewboard.mozilla.org/r/133506/diff/#index_header
See other reviews: https://reviewboard.mozilla.org/r/133506/

Comment 3

[Kartikaya Gupta (email:kats@mozilla.staktrace.com)]

Attachment: Bug 1359462 - Don't create a slice using a null pointer when convering the list of WrComplexClipRegion to ComplexClipRegion.

Review commit: https://reviewboard.mozilla.org/r/133508/diff/#index_header
See other reviews: https://reviewboard.mozilla.org/r/133508/

Comment 4

[Kartikaya Gupta (email:kats@mozilla.staktrace.com)]

https://treeherder.mozilla.org/#/jobs?repo=try&revision=1ec4085ba33f0dff556c7d99d14f6f962ab6f850

^ push to try after rebase to graphics.

Comment 5

[Kartikaya Gupta (email:kats@mozilla.staktrace.com)]

Whoops, screwed that up. New patches coming.

Comment 6

[Kartikaya Gupta (email:kats@mozilla.staktrace.com)]

Comment on attachment 8861531 [details]
Bug 1359462 - Ensure we don't pass a nullptr to slice::from_raw_parts.

Review request updated; see interdiff: https://reviewboard.mozilla.org/r/133506/diff/1-2/

Comment 7

[Kartikaya Gupta (email:kats@mozilla.staktrace.com)]

Comment on attachment 8861532 [details]
Bug 1359462 - Don't create a slice using a null pointer when convering the list of WrComplexClipRegion to ComplexClipRegion.

Review request updated; see interdiff: https://reviewboard.mozilla.org/r/133508/diff/1-2/

Comment 8

[Kartikaya Gupta (email:kats@mozilla.staktrace.com)]

And new try push: https://treeherder.mozilla.org/#/jobs?repo=try&revision=e6a2c26ac3279e610050e4f3169251d760f82dc1

Comment 9

[Kartikaya Gupta (email:kats@mozilla.staktrace.com)]

Comment on attachment 8861531 [details]
Bug 1359462 - Ensure we don't pass a nullptr to slice::from_raw_parts.

Review request updated; see interdiff: https://reviewboard.mozilla.org/r/133506/diff/2-3/

Comment 10

[Ryan Hunt [:rhunt] (on leave until early May)]

Comment on attachment 8861531 [details]
Bug 1359462 - Ensure we don't pass a nullptr to slice::from_raw_parts.

https://reviewboard.mozilla.org/r/133506/#review136404

Thanks!

Comment 11

[Pulsebot]

Pushed by kgupta@mozilla.com:
https://hg.mozilla.org/projects/graphics/rev/5fe20b166827
Ensure we don't pass a nullptr to slice::from_raw_parts. r=rhunt

Comment 12

[Kartikaya Gupta (email:kats@mozilla.staktrace.com)]

https://hg.mozilla.org/mozilla-central/rev/5fe20b166827