RESOLVED FIXED Bug 32850
Allocate RemoteFontStream on the heap 
https://bugs.webkit.org/show_bug.cgi?id=32850
Summary Allocate RemoteFontStream on the heap
Kwang Yul Seo
Reported 2009-12-21 20:48:54 PST
In the chromium port of FontCustomPlatformData, an instance of RemoteFontStream is allocated on the stack, so its memory is freed immediately when FontCustomPlatformData::createFontCustomPlatformData returns. SkTypeface::CreateFromStream increments the reference count, but it keeps the pointer to the memory allocated on the stack which is not valid anymore. RemoteFontStream is a descendant of SkRefCount and SkRefCount::unref invokes SkDELETE(this) internally once the reference count reaches zero. This means that SkRefCount-ed instances must be allocated on the heap. It causes a crash in the acid3 test which loads web fonts.
Attachments
Allocate RemoteFontStream on the heap (1.94 KB, patch)
2009-12-21 20:55 PST, Kwang Yul Seo 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Kwang Yul Seo
Comment 1 2009-12-21 20:55:29 PST
Created attachment 45363 [details] Allocate RemoteFontStream on the heap RemoteFontStream must be allocated on the heap.
WebKit Review Bot
Comment 2 2009-12-21 20:57:47 PST
style-queue ran check-webkit-style on attachment 45363 [details] without any errors.
Eric Seidel (no email)
Comment 3 2009-12-21 21:35:24 PST
This would need review from one of the Chrome linux guys. Once they OK it, I'm happy to r+.
Adam Langley
Comment 4 2009-12-22 10:48:03 PST
LGTM
WebKit Commit Bot
Comment 5 2009-12-22 10:51:08 PST
Comment on attachment 45363 [details] Allocate RemoteFontStream on the heap Clearing flags on attachment: 45363 Committed r52492: <http://trac.webkit.org/changeset/52492>
WebKit Commit Bot
Comment 6 2009-12-22 10:51:13 PST
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.