46480 – [chromium] Platform layers should not be able to hold a stale compositor pointer

RESOLVED FIXED Bug 46480

[chromium] Platform layers should not be able to hold a stale compositor pointer

https://bugs.webkit.org/show_bug.cgi?id=46480

Summary [chromium] Platform layers should not be able to hold a stale compositor pointer

Vangelis Kokkevis

Reported 2010-09-24 10:30:16 PDT

Composited layers (the ones derived from LayerChromium) hold a raw pointer to the compositor (LayerRendererChromium) which means that if the compositor gets destroyed before the layers do they could be accessing uninitialized memory. One possible solution would be to make LayerChromium hold a reference to LayerRendererChromium instead of a raw pointer to ensure a proper destruction order.

Attachments
Add attachment proposed patch, testcase, etc.

Vangelis Kokkevis

Comment 1 2010-10-08 09:56:22 PDT

Fixed in r68442: <http://trac.webkit.org/changeset/68442>

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware All

OS All

Product WebKit

Component WebCore Misc.

Assignee

Vangelis Kokkevis

Reported

2010-09-24 10:30 PDT

Modified

2010-10-08 09:56 PDT History

CC List

0 users

URL

Keywords

Depends on

Blocks