Bug 51466 - chrome.dll!WebCore::Font::xHeight ReadAV@NULL (15af5145b4290aa1c6bccd7c516491f9)
Summary: chrome.dll!WebCore::Font::xHeight ReadAV@NULL (15af5145b4290aa1c6bccd7c516491f9)
Status: RESOLVED INVALID
Alias: None
Product: WebKit
Classification: Unclassified
Component: Canvas (show other bugs)
Version: 528+ (Nightly build)
Hardware: PC Windows Vista
: P1 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-12-22 05:46 PST by Berend-Jan Wever
Modified: 2014-04-03 14:15 PDT (History)
4 users (show)

See Also:

Attachments
Repro (117 bytes, text/html)
2010-12-22 05:46 PST, Berend-Jan Wever 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Berend-Jan Wever 2010-12-22 05:46:45 PST 
Created attachment 77211 [details]
Repro

http://code.google.com/p/chromium/issues/detail?id=67786

Repro:
<script>
  oContext2d=document.getCSSCanvasContext("2d","",0);
  oContext2d.font="small-caps 1ex fantasy";
</script>

id:             chrome.dll!WebCore::Font::xHeight ReadAV@NULL (15af5145b4290aa1c6bccd7c516491f9)
description:    Attempt to read from unallocated NULL pointer+0x30 in chrome.dll!WebCore::Font::xHeight
stack:          chrome.dll!WebCore::Font::xHeight
                chrome.dll!WebCore::CSSPrimitiveValue::computeLengthDouble
                chrome.dll!WebCore::CSSPrimitiveValue::computeLengthFloat
                chrome.dll!(unknown)
                chrome.dll!(unknown)
                chrome.dll!WebCore::CSSStyleSelector::applyPropertyToStyle
                chrome.dll!WebCore::CanvasRenderingContext2D::setFont
                chrome.dll!WebCore::CanvasRenderingContext2DInternal::fontAttrSetter
                chrome.dll!v8::internal::JSObject::SetPropertyWithCallback
                chrome.dll!v8::internal::JSObject::SetProperty
                chrome.dll!v8::internal::JSObject::SetProperty
                chrome.dll!v8::internal::StoreIC::Store
                chrome.dll!v8::internal::StoreIC_Miss
                chrome.dll!v8::internal::Invoke
                chrome.dll!v8::internal::Execution::Call
                ...
Comment 1 Berend-Jan Wever 2011-05-10 04:01:06 PDT 
See also bug 57756
Comment 2 noel gordon 2011-09-28 20:19:50 PDT 
Fixed on bug 66291 yes?