[Webkit-unassigned] [Bug 111179] [Cairo] Surface pointer passed to asNewNativeImage() might be freed.

bugzilla-daemon at webkit.org
Fri Mar 8 05:53:10 PST 2013


https://bugs.webkit.org/show_bug.cgi?id=111179





--- Comment #4 from Zoltan Herczeg <zherczeg at webkit.org>  2013-03-08 05:55:34 PST ---
> Essentially I mean that we could replace the NativeImageCairo class with a pointer to a raw cairo_surface_t in the way it was before I introduced NativeImageCairo.

I realized this will not help. The problem is that ImageFrame has a Vector<PixelData> m_backingStore member, which is reallocated when the frame is copied, so the original buffer becomes invalid. However, the image surface created by the ImageFrame still uses the old buffer. The point is, in case of a resize (and only in this case!), the m_backingStore should keep its value.

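The lifetime problem described in comment #4, as an added example that is not WebKit code and not part of the original message. `SurfaceView`, `CopiedFrame`, `MovedFrame` and `surfaceValidAfterCacheGrowth` are hypothetical stand-ins, and it is an assumption here that the frame copy is triggered by a container of frames growing.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Stand-in for an image surface created over pixels it does not own.
struct SurfaceView {
    const std::uint32_t* pixels;
};

// Relocation by copy: the copy gets a freshly allocated pixel buffer.
struct CopiedFrame {
    std::vector<std::uint32_t> backingStore;
    explicit CopiedFrame(std::size_t n) : backingStore(n, 0xff000000u) {}
    CopiedFrame(const CopiedFrame& other) : backingStore(other.backingStore) {}
    SurfaceView asSurface() const { return SurfaceView{backingStore.data()}; }
};

// Relocation by move: the pixel buffer is handed over and keeps its address.
struct MovedFrame {
    std::vector<std::uint32_t> backingStore;
    explicit MovedFrame(std::size_t n) : backingStore(n, 0xff000000u) {}
    MovedFrame(const MovedFrame&) = delete;
    MovedFrame(MovedFrame&&) = default;
    SurfaceView asSurface() const { return SurfaceView{backingStore.data()}; }
};

// Grow a frame cache holding one frame and report whether a surface created
// before the growth still refers to the buffer the relocated frame owns.
template <typename FrameT>
bool surfaceValidAfterCacheGrowth() {
    std::vector<FrameT> cache;
    cache.reserve(1);
    cache.emplace_back(64);
    SurfaceView surface = cache[0].asSurface();
    // Record the address as an integer while it is still valid, so the check
    // below never touches a pointer to freed memory.
    const auto before = reinterpret_cast<std::uintptr_t>(surface.pixels);
    cache.reserve(cache.capacity() + 1);  // forces the frames to be relocated
    const auto after =
        reinterpret_cast<std::uintptr_t>(cache[0].backingStore.data());
    return before == after;
}

int main() {
    bool stale = !surfaceValidAfterCacheGrowth<CopiedFrame>();
    bool kept = surfaceValidAfterCacheGrowth<MovedFrame>();
    return (stale && kept) ? 0 : 1;
}
```

With the copying frame the surface is left pointing at a buffer that was freed when the old frame was destroyed; with the moving frame the backing store keeps its value, which is the behaviour the comment asks for in the resize case.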