search

SerenityOS / serenity

The Serenity Operating System 🐞
https://serenityos.org
BSD 2-Clause "Simplified" License
30.63k stars 3.19k forks source link

Assistant: Null pointer deref when quickly entering input #8302

Closed FireFox317 closed 3 years ago

FireFox317 commented 3 years ago

When you quickly enter more than 1 character into Assistants input TextBox, a null pointer deref at Painter.cpp:19 occurs.

Backtrace:

CrashDaemon(20:20): New coredump file: /tmp/coredump/Assistant_30_1624910438
CrashDaemon(20:20): --- Backtrace for thread #0 (TID 30) ---
CrashDaemon(20:20): 0x0713a938: [libgfx.so] Gfx::Painter::Painter(Gfx::Bitmap&) +0x48 (Atomic.h:256 => RefCounted.h:52)
CrashDaemon(20:20): 0x5a896e03: [libgui.so] GUI::Painter::Painter(GUI::Widget&) +0x83 (Painter.cpp:14 => Painter.cpp:19)
CrashDaemon(20:20): 0x5a85c913: [libgui.so] GUI::Frame::paint_event(GUI::PaintEvent&) [clone .localalias] +0x53 (Frame.cpp:53 => Frame.cpp:48)
CrashDaemon(20:20): 0x5a8d3ccc: [libgui.so] GUI::TextEditor::paint_event(GUI::PaintEvent&) +0xfc (TextEditor.cpp:403)
CrashDaemon(20:20): 0x5a8f686b: [libgui.so] GUI::Widget::handle_paint_event(GUI::PaintEvent&) [clone .localalias] +0x48b (Widget.cpp:280)
CrashDaemon(20:20): 0xaf0b9170: [libcore.so] Core::Object::dispatch_event(Core::Event&, Core::Object*) +0xb0 (Object.cpp:213)
CrashDaemon(20:20): 0x5a8f66f4: [libgui.so] GUI::Widget::handle_paint_event(GUI::PaintEvent&) [clone .localalias] +0x314 (Widget.cpp:287)
CrashDaemon(20:20): 0xaf0b9170: [libcore.so] Core::Object::dispatch_event(Core::Event&, Core::Object*) +0xb0 (Object.cpp:213)
CrashDaemon(20:20): 0x5a90509e: [libgui.so] GUI::Window::handle_multi_paint_event(GUI::MultiPaintEvent&) +0x2fe (Window.cpp:428)
CrashDaemon(20:20): 0x5a907f29: [libgui.so] GUI::Window::event(Core::Event&) +0x189 (Window.cpp:567)
CrashDaemon(20:20): 0xaf0b9170: [libcore.so] Core::Object::dispatch_event(Core::Event&, Core::Object*) +0xb0 (Object.cpp:213)
CrashDaemon(20:20): 0xaf09e4e2: [libcore.so] Core::EventLoop::pump(Core::EventLoop::WaitMode) [clone .localalias] +0x572 (EventLoop.cpp:398)
CrashDaemon(20:20): 0xaf09ed0a: [libcore.so] Core::EventLoop::exec() +0x5a (EventLoop.cpp:362)
CrashDaemon(20:20): 0x5a7dcf97: [libgui.so] GUI::Application::exec() +0x27 (Application.cpp:105)
CrashDaemon(20:20): 0x83af4131: [/bin/Assistant] main +0x591 (main.cpp:277)
CrashDaemon(20:20): 0x83af44a7: [/bin/Assistant] _start +0x57 (crt0.cpp:37)
awesomekling commented 3 years ago

cc @SpencerCDixon