[Webkit-unassigned] [Bug 32850] New: Allocate RemoteFontStream on the heap
bugzilla-daemon at webkit.org
Mon Dec 21 20:48:54 PST 2009
https://bugs.webkit.org/show_bug.cgi?id=32850
Summary: Allocate RemoteFontStream on the heap
Product: WebKit
Version: 528+ (Nightly build)
Platform: PC
OS/Version: Linux
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: Layout and Rendering
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: kwangyul.seo at gmail.com
In the chromium port of FontCustomPlatformData, an instance of RemoteFontStream
is allocated on the stack, so its memory is freed immediately when
FontCustomPlatformData::createFontCustomPlatformData returns.
SkTypeface::CreateFromStream increments the reference count, but it keeps the
pointer to the memory allocated on the stack which is not valid anymore.
RemoteFontStream is a descendant of SkRefCount and SkRefCount::unref invokes
SkDELETE(this) internally once the reference count reaches zero. This means
that SkRefCount-ed instances must be allocated on the heap.
It causes a crash in the acid3 test which loads web fonts.
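
The lifetime rule described in this report, as an added example that is not part of the original report and is not WebKit or Skia code. RefCounted, FontStream, Typeface and createTypeface are hypothetical stand-ins, and the non-public destructors are an assumption of this sketch, showing one way to make stack allocation of such a class a compile error:

```cpp
#include <cstddef>

// Hypothetical intrusive ref-counted base (not Skia's SkRefCnt): unref()
// deletes the object at count zero, so instances must live on the heap.
class RefCounted {
public:
    RefCounted() : m_refs(1) { ++liveObjects; }
    void ref() { ++m_refs; }
    void unref() { if (--m_refs == 0) delete this; }
    int refCount() const { return m_refs; }
    static int liveObjects;  // instrumentation for this example only
protected:
    virtual ~RefCounted() { --liveObjects; }  // non-public: no stack instances
private:
    int m_refs;
};
int RefCounted::liveObjects = 0;

class FontStream : public RefCounted {
public:
    FontStream(const char* data, size_t size) : m_data(data), m_size(size) {}
    const char* data() const { return m_data; }
    size_t size() const { return m_size; }
private:
    ~FontStream() {}  // private: "FontStream s(...);" on the stack will not compile
    const char* m_data;
    size_t m_size;
};

// Hypothetical consumer that takes a reference and keeps the stream pointer
// after the factory function has returned.
class Typeface {
public:
    explicit Typeface(FontStream* s) : m_stream(s) { m_stream->ref(); }
    ~Typeface() { m_stream->unref(); }
    FontStream* stream() const { return m_stream; }
private:
    FontStream* m_stream;
};

// Broken shape from the report (rejected by the compiler in this sketch):
//     FontStream stream(data, size);   // stack object
//     return new Typeface(&stream);    // pointer dangles once we return
Typeface* createTypeface(const char* data, size_t size) {
    FontStream* stream = new FontStream(data, size);  // count == 1
    Typeface* face = new Typeface(stream);            // count == 2
    stream->unref();  // drop the local reference; the typeface now owns it
    return face;
}
```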