82411 2012-03-27 18:43:09 -0700 [Chromium] Uninitialized access in SimpleFontDataSkia::platformInit() 2012-03-27 19:42:27 -0700 1 1 1 Unclassified WebKit Platform 528+ (Nightly build) Unspecified Unspecified RESOLVED FIXED http://crbug.com/76378 P2 Normal --- 1 bashi bashi tkent webkit.review.bot oldest_to_newest 589556 0 bashi 2012-03-27 18:43:09 -0700 From http://crbug.com/76378 Conditional jump or move depends on uninitialised value(s) at 0x16AEFEF: WebCore::SimpleFontData::platformInit() (third_party/WebKit/Source/WebCore/platform/graphics/SimpleFontData.h:312) by 0x169AC95: WebCore::SimpleFontData::SimpleFontData(WebCore::FontPlatformData const&, bool, bool, bool) (third_party/WebKit/Source/WebCore/platform/graphics/SimpleFontData.cpp:61) This implies that platformInit() calls widthForGlyph(), in which we compared the argument with m_zeroWidthSpaceGlyph, which isn't initialized yet. 589559 1 134194 bashi 2012-03-27 18:44:58 -0700 Created attachment 134194 Patch 589560 2 bashi 2012-03-27 18:45:52 -0700 Kent-san, could you take a look? 589581 3 134194 tkent 2012-03-27 19:04:48 -0700 Comment on attachment 134194 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=134194&action=review > Source/WebCore/ChangeLog:12 > + [Chromium] Uninitialized access in SimpleFontDataSkia::platformInit > + https://bugs.webkit.org/show_bug.cgi?id=82411 > + > + SimpleFontDataSkia::platformInit() could call widthForGlyph(), which > + accesses m_zeroWidthSpaceGlyph. This causes a valgrind memcheck error > + because m_zeroWidthSpaceGlyph isn't initialized at this point. > + Initialize m_zeroWidthSpaceGlyph with zero so that widthForGlyph() can > + return appropriate value(The value zero here means "unknown glyph"). > + > + Reviewed by NOBODY (OOPS!). Usual order is: <summary> <bug URL> Reviewd by ... <Detail> 589582 4 134200 bashi 2012-03-27 19:06:38 -0700 Created attachment 134200 Patch for landing 589587 5 134194 bashi 2012-03-27 19:07:52 -0700 Comment on attachment 134194 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=134194&action=review Thanks! >> Source/WebCore/ChangeLog:12 >> + Reviewed by NOBODY (OOPS!). > > Usual order is: > > <summary> > <bug URL> > > Reviewd by ... > > <Detail> Done. 589609 6 134200 webkit.review.bot 2012-03-27 19:42:23 -0700 Comment on attachment 134200 Patch for landing Clearing flags on attachment: 134200 Committed r112357: <http://trac.webkit.org/changeset/112357> 589610 7 webkit.review.bot 2012-03-27 19:42:27 -0700 All reviewed patches have been landed. Closing bug. 134194 2012-03-27 18:44:58 -0700 2012-03-27 19:07:52 -0700 Patch bug-82411-20120328104457.patch text/plain 2229 bashi U3VidmVyc2lvbiBSZXZpc2lvbjogMTEyMjk4CmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9D aGFuZ2VMb2cgYi9Tb3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cKaW5kZXggNTVhODVhZjFkYzA0NGM3 MDY1NDBiNmUyYWFhMGFlMGI5NDBhZTQwYy4uYzU1NWY4ZjZiNDE4ZGE5OGEzNzM3YWNiOWQxYTQz ZGQ5ZWZkZTdlNSAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvQ2hhbmdlTG9nCisrKyBiL1Nv dXJjZS9XZWJDb3JlL0NoYW5nZUxvZwpAQCAtMSwzICsxLDIyIEBACisyMDEyLTAzLTI3ICBLZW5p Y2hpIElzaGliYXNoaSAgPGJhc2hpQGNocm9taXVtLm9yZz4KKworICAgICAgICBbQ2hyb21pdW1d IFVuaW5pdGlhbGl6ZWQgYWNjZXNzIGluIFNpbXBsZUZvbnREYXRhU2tpYTo6cGxhdGZvcm1Jbml0 CisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD04MjQxMQor CisgICAgICAgIFNpbXBsZUZvbnREYXRhU2tpYTo6cGxhdGZvcm1Jbml0KCkgY291bGQgY2FsbCB3 aWR0aEZvckdseXBoKCksIHdoaWNoCisgICAgICAgIGFjY2Vzc2VzIG1femVyb1dpZHRoU3BhY2VH bHlwaC4gVGhpcyBjYXVzZXMgYSB2YWxncmluZCBtZW1jaGVjayBlcnJvcgorICAgICAgICBiZWNh dXNlIG1femVyb1dpZHRoU3BhY2VHbHlwaCBpc24ndCBpbml0aWFsaXplZCBhdCB0aGlzIHBvaW50 LgorICAgICAgICBJbml0aWFsaXplIG1femVyb1dpZHRoU3BhY2VHbHlwaCB3aXRoIHplcm8gc28g dGhhdCB3aWR0aEZvckdseXBoKCkgY2FuCisgICAgICAgIHJldHVybiBhcHByb3ByaWF0ZSB2YWx1 ZShUaGUgdmFsdWUgemVybyBoZXJlIG1lYW5zICJ1bmtub3duIGdseXBoIikuCisKKyAgICAgICAg UmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgTm8gbmV3IHRlc3RzLiBJIG1h bnVhbGx5IGNvbmZpcm1lZCB0aGlzIGNoYW5nZSBmaXhlcyB0aGUgdmFsZ3JpbmQKKyAgICAgICAg bWVtY2hlY2sgZXJyb3IuCisKKyAgICAgICAgKiBwbGF0Zm9ybS9ncmFwaGljcy9za2lhL1NpbXBs ZUZvbnREYXRhU2tpYS5jcHA6CisgICAgICAgIChXZWJDb3JlOjpTaW1wbGVGb250RGF0YTo6cGxh dGZvcm1Jbml0KToKKwogMjAxMi0wMy0yNyAgU2FtaSBLeW9zdGlsYSAgPHNreW9zdGlsQGNocm9t aXVtLm9yZz4KIAogICAgICAgICBbY2hyb21pdW1dIEFkZCBUZXh0dXJlQ29waWVyIGZvciBjb3B5 aW5nIHRleHR1cmUgY29udGVudHMKZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJDb3JlL3BsYXRmb3Jt L2dyYXBoaWNzL3NraWEvU2ltcGxlRm9udERhdGFTa2lhLmNwcCBiL1NvdXJjZS9XZWJDb3JlL3Bs YXRmb3JtL2dyYXBoaWNzL3NraWEvU2ltcGxlRm9udERhdGFTa2lhLmNwcAppbmRleCA3ODJiMDJm YTkzMjdiN2JmNjc4ODcwNzBlMDE0ZTkzOTFiYmU3MWUxLi42NWE0NjhlZjNkNzhhZmZkNDRhZmZi YjZmNGZlODk0NTY0ZjQ2NTQwIDEwMDY0NAotLS0gYS9Tb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9n cmFwaGljcy9za2lhL1NpbXBsZUZvbnREYXRhU2tpYS5jcHAKKysrIGIvU291cmNlL1dlYkNvcmUv cGxhdGZvcm0vZ3JhcGhpY3Mvc2tpYS9TaW1wbGVGb250RGF0YVNraWEuY3BwCkBAIC0xMzksOCAr MTM5LDE0IEBAIHZvaWQgU2ltcGxlRm9udERhdGE6OnBsYXRmb3JtSW5pdCgpCiAgICAgICAgICAg ICBzdGF0aWMgY29uc3QgVUNoYXIzMiB4Q2hhciA9ICd4JzsKICAgICAgICAgICAgIGNvbnN0IEds eXBoIHhHbHlwaCA9IGdseXBoUGFnZVplcm8tPmdseXBoRGF0YUZvckNoYXJhY3Rlcih4Q2hhciku Z2x5cGg7CiAKLSAgICAgICAgICAgIGlmICh4R2x5cGgpCisgICAgICAgICAgICBpZiAoeEdseXBo KSB7CisgICAgICAgICAgICAgICAgLy8gSW4gd2lkdGhGb3JHbHlwaCgpLCB4R2x5cGggd2lsbCBi ZSBjb21wYXJlZCB3aXRoCisgICAgICAgICAgICAgICAgLy8gbV96ZXJvV2lkdGhTcGFjZUdseXBo LCB3aGljaCBpc24ndCBpbml0aWFsaXplZCB5ZXQgaGVyZS4KKyAgICAgICAgICAgICAgICAvLyBJ bml0aWFsaXplIGl0IHdpdGggemVybyB0byBtYWtlIHN1cmUgd2lkdGhGb3JHbHlwaCgpIHJldHVy bnMKKyAgICAgICAgICAgICAgICAvLyB0aGUgcmlnaHQgd2lkdGguCisgICAgICAgICAgICAgICAg bV96ZXJvV2lkdGhTcGFjZUdseXBoID0gMDsKICAgICAgICAgICAgICAgICBtX2F2Z0NoYXJXaWR0 aCA9IHdpZHRoRm9yR2x5cGgoeEdseXBoKTsKKyAgICAgICAgICAgIH0KICAgICAgICAgfQogICAg IH0KIH0K 134200 2012-03-27 19:06:38 -0700 2012-03-27 19:42:23 -0700 Patch for landing bug-82411-20120328110637.patch text/plain 2226 bashi U3VidmVyc2lvbiBSZXZpc2lvbjogMTEyMjk4CmRpZmYgLS1naXQgYS9Tb3VyY2UvV2ViQ29yZS9D aGFuZ2VMb2cgYi9Tb3VyY2UvV2ViQ29yZS9DaGFuZ2VMb2cKaW5kZXggNTVhODVhZjFkYzA0NGM3 MDY1NDBiNmUyYWFhMGFlMGI5NDBhZTQwYy4uMmU3MTAyZjYxYzIyYTA3ODk1ZWJlMTQyZDUyNGI4 ODYxZDE0NGJkOSAxMDA2NDQKLS0tIGEvU291cmNlL1dlYkNvcmUvQ2hhbmdlTG9nCisrKyBiL1Nv dXJjZS9XZWJDb3JlL0NoYW5nZUxvZwpAQCAtMSwzICsxLDIyIEBACisyMDEyLTAzLTI3ICBLZW5p Y2hpIElzaGliYXNoaSAgPGJhc2hpQGNocm9taXVtLm9yZz4KKworICAgICAgICBbQ2hyb21pdW1d IFVuaW5pdGlhbGl6ZWQgYWNjZXNzIGluIFNpbXBsZUZvbnREYXRhU2tpYTo6cGxhdGZvcm1Jbml0 CisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD04MjQxMQor CisgICAgICAgIFJldmlld2VkIGJ5IEtlbnQgVGFtdXJhLgorCisgICAgICAgIFNpbXBsZUZvbnRE YXRhU2tpYTo6cGxhdGZvcm1Jbml0KCkgY291bGQgY2FsbCB3aWR0aEZvckdseXBoKCksIHdoaWNo CisgICAgICAgIGFjY2Vzc2VzIG1femVyb1dpZHRoU3BhY2VHbHlwaC4gVGhpcyBjYXVzZXMgYSB2 YWxncmluZCBtZW1jaGVjayBlcnJvcgorICAgICAgICBiZWNhdXNlIG1femVyb1dpZHRoU3BhY2VH bHlwaCBpc24ndCBpbml0aWFsaXplZCBhdCB0aGlzIHBvaW50LgorICAgICAgICBJbml0aWFsaXpl IG1femVyb1dpZHRoU3BhY2VHbHlwaCB3aXRoIHplcm8gc28gdGhhdCB3aWR0aEZvckdseXBoKCkg Y2FuCisgICAgICAgIHJldHVybiBhcHByb3ByaWF0ZSB2YWx1ZShUaGUgdmFsdWUgemVybyBoZXJl IG1lYW5zICJ1bmtub3duIGdseXBoIikuCisKKyAgICAgICAgTm8gbmV3IHRlc3RzLiBJIG1hbnVh bGx5IGNvbmZpcm1lZCB0aGlzIGNoYW5nZSBmaXhlcyB0aGUgdmFsZ3JpbmQKKyAgICAgICAgbWVt Y2hlY2sgZXJyb3IuCisKKyAgICAgICAgKiBwbGF0Zm9ybS9ncmFwaGljcy9za2lhL1NpbXBsZUZv bnREYXRhU2tpYS5jcHA6CisgICAgICAgIChXZWJDb3JlOjpTaW1wbGVGb250RGF0YTo6cGxhdGZv cm1Jbml0KToKKwogMjAxMi0wMy0yNyAgU2FtaSBLeW9zdGlsYSAgPHNreW9zdGlsQGNocm9taXVt Lm9yZz4KIAogICAgICAgICBbY2hyb21pdW1dIEFkZCBUZXh0dXJlQ29waWVyIGZvciBjb3B5aW5n IHRleHR1cmUgY29udGVudHMKZGlmZiAtLWdpdCBhL1NvdXJjZS9XZWJDb3JlL3BsYXRmb3JtL2dy YXBoaWNzL3NraWEvU2ltcGxlRm9udERhdGFTa2lhLmNwcCBiL1NvdXJjZS9XZWJDb3JlL3BsYXRm b3JtL2dyYXBoaWNzL3NraWEvU2ltcGxlRm9udERhdGFTa2lhLmNwcAppbmRleCA3ODJiMDJmYTkz MjdiN2JmNjc4ODcwNzBlMDE0ZTkzOTFiYmU3MWUxLi42NWE0NjhlZjNkNzhhZmZkNDRhZmZiYjZm NGZlODk0NTY0ZjQ2NTQwIDEwMDY0NAotLS0gYS9Tb3VyY2UvV2ViQ29yZS9wbGF0Zm9ybS9ncmFw aGljcy9za2lhL1NpbXBsZUZvbnREYXRhU2tpYS5jcHAKKysrIGIvU291cmNlL1dlYkNvcmUvcGxh dGZvcm0vZ3JhcGhpY3Mvc2tpYS9TaW1wbGVGb250RGF0YVNraWEuY3BwCkBAIC0xMzksOCArMTM5 LDE0IEBAIHZvaWQgU2ltcGxlRm9udERhdGE6OnBsYXRmb3JtSW5pdCgpCiAgICAgICAgICAgICBz dGF0aWMgY29uc3QgVUNoYXIzMiB4Q2hhciA9ICd4JzsKICAgICAgICAgICAgIGNvbnN0IEdseXBo IHhHbHlwaCA9IGdseXBoUGFnZVplcm8tPmdseXBoRGF0YUZvckNoYXJhY3Rlcih4Q2hhcikuZ2x5 cGg7CiAKLSAgICAgICAgICAgIGlmICh4R2x5cGgpCisgICAgICAgICAgICBpZiAoeEdseXBoKSB7 CisgICAgICAgICAgICAgICAgLy8gSW4gd2lkdGhGb3JHbHlwaCgpLCB4R2x5cGggd2lsbCBiZSBj b21wYXJlZCB3aXRoCisgICAgICAgICAgICAgICAgLy8gbV96ZXJvV2lkdGhTcGFjZUdseXBoLCB3 aGljaCBpc24ndCBpbml0aWFsaXplZCB5ZXQgaGVyZS4KKyAgICAgICAgICAgICAgICAvLyBJbml0 aWFsaXplIGl0IHdpdGggemVybyB0byBtYWtlIHN1cmUgd2lkdGhGb3JHbHlwaCgpIHJldHVybnMK KyAgICAgICAgICAgICAgICAvLyB0aGUgcmlnaHQgd2lkdGguCisgICAgICAgICAgICAgICAgbV96 ZXJvV2lkdGhTcGFjZUdseXBoID0gMDsKICAgICAgICAgICAgICAgICBtX2F2Z0NoYXJXaWR0aCA9 IHdpZHRoRm9yR2x5cGgoeEdseXBoKTsKKyAgICAgICAgICAgIH0KICAgICAgICAgfQogICAgIH0K IH0K