Title: [93216] trunk/Source/WebCore
- Revision
- 93216
- Author
- ba...@chromium.org
- Date
- 2011-08-17 10:23:24 -0700 (Wed, 17 Aug 2011)
Log Message
[Chromium] Crash in HarfbuzzFace::~HarfbuzzFace
https://bugs.webkit.org/show_bug.cgi?id=66211
Holds Skia's unique font ID instead of FontPlatformData to avoid accessing freed FontPlatformData.
Reviewed by Tony Chang.
No new tests; no functional change.
* platform/graphics/chromium/HarfbuzzSkia.cpp:
(WebCore::releaseCachedHarfbuzzFace): Changed the argument.
(WebCore::HarfbuzzFace::HarfbuzzFace): Changed to have Skia's font uniqueID instead of FontPlatformData.
(WebCore::HarfbuzzFace::~HarfbuzzFace): Uses m_uniqueID to call releaseCachedHarfbuzzFace.
* platform/graphics/chromium/HarfbuzzSkia.h:
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (93215 => 93216)
--- trunk/Source/WebCore/ChangeLog 2011-08-17 17:16:31 UTC (rev 93215)
+++ trunk/Source/WebCore/ChangeLog 2011-08-17 17:23:24 UTC (rev 93216)
@@ -1,3 +1,20 @@
+2011-08-17 Kenichi Ishibashi <ba...@chromium.org>
+
+ [Chromium] Crash in HarfbuzzFace::~HarfbuzzFace
+ https://bugs.webkit.org/show_bug.cgi?id=66211
+
+ Holds Skia's unique font ID instead of FontPlatformData to avoid accessing freed FontPlatformData.
+
+ Reviewed by Tony Chang.
+
+ No new tests; no functional change.
+
+ * platform/graphics/chromium/HarfbuzzSkia.cpp:
+ (WebCore::releaseCachedHarfbuzzFace): Changed the argument.
+ (WebCore::HarfbuzzFace::HarfbuzzFace): Changed to have Skia's font uniqueID instead of FontPlatformData.
+ (WebCore::HarfbuzzFace::~HarfbuzzFace): Uses m_uniqueID to call releaseCachedHarfbuzzFace.
+ * platform/graphics/chromium/HarfbuzzSkia.h:
+
2011-08-17 Jeff Miller <je...@apple.com>
Re-sort the WebCore project with Visual Studio after recent changes that I assume were done by manually editing the XML.
Modified: trunk/Source/WebCore/platform/graphics/chromium/HarfbuzzSkia.cpp (93215 => 93216)
--- trunk/Source/WebCore/platform/graphics/chromium/HarfbuzzSkia.cpp 2011-08-17 17:16:31 UTC (rev 93215)
+++ trunk/Source/WebCore/platform/graphics/chromium/HarfbuzzSkia.cpp 2011-08-17 17:23:24 UTC (rev 93216)
@@ -246,9 +246,8 @@
return result.get()->second.first;
}
-static void releaseCachedHarfbuzzFace(FontPlatformData* platformData)
+static void releaseCachedHarfbuzzFace(SkFontID uniqueID)
{
- SkFontID uniqueID = platformData->uniqueID();
HarfbuzzFaceCache::iterator result = gHarfbuzzFaceCache->find(uniqueID);
ASSERT(result != gHarfbuzzFaceCache->end());
ASSERT(result.get()->second.second > 0);
@@ -260,14 +259,14 @@
}
HarfbuzzFace::HarfbuzzFace(FontPlatformData* platformData)
- : m_platformData(platformData)
+ : m_uniqueID(platformData->uniqueID())
{
- m_harfbuzzFace = getCachedHarfbuzzFace(m_platformData);
+ m_harfbuzzFace = getCachedHarfbuzzFace(platformData);
}
HarfbuzzFace::~HarfbuzzFace()
{
- releaseCachedHarfbuzzFace(m_platformData);
+ releaseCachedHarfbuzzFace(m_uniqueID);
}
} // namespace WebCore
Modified: trunk/Source/WebCore/platform/graphics/chromium/HarfbuzzSkia.h (93215 => 93216)
--- trunk/Source/WebCore/platform/graphics/chromium/HarfbuzzSkia.h 2011-08-17 17:16:31 UTC (rev 93215)
+++ trunk/Source/WebCore/platform/graphics/chromium/HarfbuzzSkia.h 2011-08-17 17:23:24 UTC (rev 93216)
@@ -55,7 +55,7 @@
private:
explicit HarfbuzzFace(FontPlatformData*);
- FontPlatformData* m_platformData;
+ uint32_t m_uniqueID;
HB_FaceRec_* m_harfbuzzFace;
};
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes
