[Webkit-unassigned] [Bug 78404] [chromium] Replace RefPtr with OwnPtr for CCLayerImpl tree structure

bugzilla-daemon at webkit.org
Fri Feb 24 20:05:57 PST 2012


https://bugs.webkit.org/show_bug.cgi?id=78404





--- Comment #26 from James Robinson <jamesr at chromium.org>  2012-02-24 20:05:57 PST ---
(In reply to comment #25)
> (From update of attachment 128839)
> Clearing c-q for now, ASAN seems to have an issue with one of the unit tests..

Ah, ASAN caught an interesting bug in removeFromParent():

82    void CCLayerImpl::removeFromParent()
83    {
84        if (!m_parent)
85            return;
86        for (size_t i = 0; i < m_parent->m_children.size(); ++i) {
87            if (m_parent->m_children[i].get() == this) {
88                m_parent->m_children.remove(i);
89                break;
90            }
91        }
92        m_parent = 0;
93    }

Line 88 was deleting 'this' and line 92 was attempting to set a member variable.  Shuffling the order around fixes this and results in a clean ASAN run of webkit_unit_tests.  I'll run the layout tests under ASAN, then land with this fix.

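The ordering problem described in comment #26, as an added example that is not part of the original mail or WebKit's code: a hypothetical `Layer` type uses `std::unique_ptr` in place of OwnPtr and shows the quoted order next to one possible reordering. `removeFromParentBuggy` is included for comparison only and is never called; all names here are assumptions.

```cpp
#include <cstddef>
#include <memory>
#include <utility>
#include <vector>

// Hypothetical stand-in for a layer tree where the parent owns its children.
struct Layer {
    Layer* m_parent = nullptr;
    std::vector<std::unique_ptr<Layer>> m_children;
    static int s_destroyed; // counts destructor runs so the result can be checked
    ~Layer() { ++s_destroyed; }
    Layer* addChild(std::unique_ptr<Layer> child) {
        child->m_parent = this;
        m_children.push_back(std::move(child));
        return m_children.back().get();
    }

    // Same order as the quoted function: erase() destroys *this, then the
    // final store writes into freed memory (a heap-use-after-free).
    void removeFromParentBuggy() {
        if (!m_parent) return;
        for (size_t i = 0; i < m_parent->m_children.size(); ++i) {
            if (m_parent->m_children[i].get() == this) {
                m_parent->m_children.erase(m_parent->m_children.begin() + i);
                break;
            }
        }
        m_parent = nullptr; // write after free
    }
    // Reordered: finish every member access first, give up ownership last.
    void removeFromParentFixed() {
        if (!m_parent) return;
        Layer* parent = m_parent; // local copy survives the destruction of *this
        m_parent = nullptr;
        for (size_t i = 0; i < parent->m_children.size(); ++i) {
            if (parent->m_children[i].get() == this) {
                parent->m_children.erase(parent->m_children.begin() + i);
                return; // *this is gone here; touch nothing afterwards
            }
        }
    }
};
int Layer::s_destroyed = 0;
// Builds root -> child, detaches the child, returns how many children remain.
size_t detachOnlyChild() {
    Layer root;
    Layer* child = root.addChild(std::make_unique<Layer>());
    child->removeFromParentFixed();
    return root.m_children.size();
}
```

Building with `-fsanitize=address` and calling `detachOnlyChild()` should run clean, which is the same kind of check the comment describes for webkit_unit_tests.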