[Webkit-unassigned] [Bug 46978] [Qt] The scrolling benchmark crashes on Maemo 5 with QtWebKit 2.1
bugzilla-daemon at webkit.org
Fri Oct 8 05:58:31 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=46978
Benjamin Poulain <benjamin.poulain at nokia.com> changed:
What          |Removed  |Added
----------------------------------------------------------------------------
Status        |NEW      |RESOLVED
Resolution    |         |FIXED
--- Comment #5 from Benjamin Poulain <benjamin.poulain at nokia.com> 2010-10-08 05:58:31 PST ---
I finally solved this thing. The problem was in Qt; the patch is in commit 4d974ff0a748b22e668a4cb7ef38101122c85b3b
To summarize what was going on:
- the gif plugin decodes a frame
- the gif plugin keeps a reference to this frame for future usage
- because of the bug, in-place conversion took place on the image returned by the plugin, which is also the one kept by the plugin
- because the color space is 16 bits on the device, the in-place conversion halves the memory allocated
- when WebKit needs the next image, the gif plugin reuses the cached image, and writes out of the memory since the conversion reduced it
- after some time writing outside the memory bounds, the memory is so messed up that we end up with random crashes in WebCore
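The failure chain described in the comment, modelled as an added example in C (not Qt or WebKit code; every type and function name is hypothetical): a decoder cache and a caller share one frame, the buggy conversion shrinks the shared buffer in place, the fixed conversion detaches a private copy first, and the decoder's reuse check reports whether its next write would overrun the allocation instead of performing it.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical frame type shared between a decoder cache and callers. */
typedef struct {
    int refs;            /* holders: decoder cache + callers */
    size_t width, height;
    size_t bpp;          /* bytes per pixel: 4 (ARGB32) or 2 (RGB16) */
    size_t capacity;     /* bytes actually allocated for data */
    unsigned char *data;
} Frame;

static Frame *frame_new(size_t w, size_t h, size_t bpp) {
    Frame *f = calloc(1, sizeof *f);
    f->refs = 1; f->width = w; f->height = h; f->bpp = bpp;
    f->capacity = w * h * bpp;
    f->data = calloc(1, f->capacity);
    return f;
}

/* Buggy path: shrinks the buffer in place although the decoder still
   holds it, so the cache now points at half the memory it expects.
   (Pixel repacking is omitted; only the allocation size matters here.) */
static Frame *convert_rgb16_inplace(Frame *f) {
    f->bpp = 2;
    f->capacity = f->width * f->height * 2;      /* 32bpp -> 16bpp halves it */
    f->data = realloc(f->data, f->capacity);
    return f;
}

/* Fixed path: detach when shared so the cached 32bpp frame stays intact. */
static Frame *convert_rgb16_safe(Frame *f) {
    if (f->refs > 1) {
        Frame *copy = frame_new(f->width, f->height, f->bpp);
        memcpy(copy->data, f->data, f->capacity);
        f->refs--;
        f = copy;                                /* now unshared */
    }
    return convert_rgb16_inplace(f);
}

/* Decoder reusing its cached frame still assumes 32bpp geometry.
   Returns -1 where the real bug would have written out of bounds. */
static int decoder_reuse_cached(const Frame *cached) {
    return cached->width * cached->height * 4 > cached->capacity ? -1 : 0;
}

/* Scenario: decoder caches a 64x64 frame and hands it to a caller (refs=2). */
static int scenario(int use_safe) {
    Frame *cached = frame_new(64, 64, 4);
    cached->refs++;                              /* caller's share */
    Frame *out = use_safe ? convert_rgb16_safe(cached) : convert_rgb16_inplace(cached);
    int rc = decoder_reuse_cached(cached);       /* -1 = would overrun, 0 = ok */
    if (out != cached) { free(out->data); free(out); }
    free(cached->data); free(cached);
    return rc;
}
```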