[SCM] WebKit Debian packaging branch, debian/experimental, updated. upstream/1.3.3-9427-gc2be6fc

mihaip at chromium.org mihaip at chromium.org
Wed Dec 22 15:53:39 UTC 2010 

The following commit has been merged in the debian/experimental branch:
commit bf54d9100003741cb448459fbb0f5867e8f6cc3d
Author: mihaip at chromium.org <mihaip at chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Tue Nov 16 08:44:09 2010 +0000

    2010-11-16  Mihai Parparita  <mihaip at chromium.org>
    
            Reviewed by Adam Barth.
    
            fast/images/size-failure.html results in malloc of 2 Gb after switching to WebKit image decoders
            https://bugs.webkit.org/show_bug.cgi?id=48634
    
            Re-enable fast/images/size-failure.html now that it passes and doesn't
            affect subsequent tests.
    
            * platform/chromium/test_expectations.txt:
    2010-11-16  Mihai Parparita  <mihaip at chromium.org>
    
            Reviewed by Adam Barth.
    
            fast/images/size-failure.html results in malloc of 2 Gb after switching to WebKit image decoders
            https://bugs.webkit.org/show_bug.cgi?id=48634
    
            Specify the capacity when calling CFDataCreateMutable, which can signal
            malloc failures (by returning NULL), unlike CFDataSetLength.
    
            * platform/image-decoders/cg/ImageDecoderCG.cpp:
            (WebCore::RGBA32Buffer::setSize):
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@72066 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog
index f4e8046..4e2cc18 100644
--- a/LayoutTests/ChangeLog
+++ b/LayoutTests/ChangeLog
@@ -1,3 +1,15 @@
+2010-11-16  Mihai Parparita  <mihaip at chromium.org>
+
+        Reviewed by Adam Barth.
+
+        fast/images/size-failure.html results in malloc of 2 Gb after switching to WebKit image decoders
+        https://bugs.webkit.org/show_bug.cgi?id=48634
+        
+        Re-enable fast/images/size-failure.html now that it passes and doesn't
+        affect subsequent tests.
+
+        * platform/chromium/test_expectations.txt:
+
 2010-11-15  Dan Bernstein  <mitz at apple.com>
 
         Rubber-stamped by Mark Rowe.
diff --git a/LayoutTests/platform/chromium/test_expectations.txt b/LayoutTests/platform/chromium/test_expectations.txt
index 86a160a..7c995d4 100644
--- a/LayoutTests/platform/chromium/test_expectations.txt
+++ b/LayoutTests/platform/chromium/test_expectations.txt
@@ -3140,9 +3140,6 @@ BUG61406 WIN LINUX : svg/dynamic-updates/SVGFETurbulenceElement-svgdom-baseFrequ
 // from http://trac.webkit.org/changeset/53086 (expectation changed in above WK roll, was IMAGE+TEXT)
 BUG32153and61406 WIN LINUX : svg/dynamic-updates/SVGTextElement-svgdom-rotate-prop.html = IMAGE
 
-// This started to crash on Debug Mac 10.5 bots after recent rolls.
-BUG61478 DEBUG MAC : fast/images/svg-as-background.html = CRASH
-
 // Flaky: fails about 5% of the time.
 //BUG31342 WIN RELEASE : security/block-test-no-port.html = TEXT PASS
 // Now fails all the time on Win and Linux, see bug for details.
@@ -3204,10 +3201,6 @@ BUG60393 MAC : fast/selectors/001.html = PASS TIMEOUT
 
 BUG61739 MAC WIN DEBUG SLOW : animations/suspend-resume-animation-events.html = CRASH PASS
 
-// Malformed image results in humongous malloc; if this test is run it will 
-// affect ones that follow it.
-BUGWK48634 MAC SKIP : fast/images/size-failure.html = CRASH
-
 // Added in WK r71969
 BUGWK40887 MAC : svg/dynamic-updates/SVGLineElement-dom-requiredFeatures.html = MISSING
 BUGWK40887 MAC : svg/dynamic-updates/SVGLineElement-svgdom-requiredFeatures.html = MISSING
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index 0187bf0..1c74926 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,16 @@
+2010-11-16  Mihai Parparita  <mihaip at chromium.org>
+
+        Reviewed by Adam Barth.
+
+        fast/images/size-failure.html results in malloc of 2 Gb after switching to WebKit image decoders
+        https://bugs.webkit.org/show_bug.cgi?id=48634
+        
+        Specify the capacity when calling CFDataCreateMutable, which can signal
+        malloc failures (by returning NULL), unlike CFDataSetLength.
+
+        * platform/image-decoders/cg/ImageDecoderCG.cpp:
+        (WebCore::RGBA32Buffer::setSize):
+
 2010-11-15  Rob Buis  <rwlbuis at gmail.com>
 
         Reviewed by Dirk Schulze and Darin Adler.
diff --git a/WebCore/platform/image-decoders/cg/ImageDecoderCG.cpp b/WebCore/platform/image-decoders/cg/ImageDecoderCG.cpp
index 0f4dbc8..32e94e0 100644
--- a/WebCore/platform/image-decoders/cg/ImageDecoderCG.cpp
+++ b/WebCore/platform/image-decoders/cg/ImageDecoderCG.cpp
@@ -60,8 +60,13 @@ bool RGBA32Buffer::copyBitmapData(const RGBA32Buffer& other)
 
 bool RGBA32Buffer::setSize(int newWidth, int newHeight)
 {
-    m_backingStore.adoptCF(CFDataCreateMutable(kCFAllocatorDefault, 0));
-    CFDataSetLength(m_backingStore.get(), newWidth * newHeight * sizeof(PixelData));
+    ASSERT(!m_backingStore);
+    size_t backingStoreSize = newWidth * newHeight * sizeof(PixelData);
+    CFMutableDataRef backingStoreRef = CFDataCreateMutable(kCFAllocatorDefault, backingStoreSize);
+    if (!backingStoreRef)
+        return false;
+    m_backingStore.adoptCF(backingStoreRef);
+    CFDataSetLength(backingStoreRef, backingStoreSize);
     m_bytes = reinterpret_cast<PixelData*>(CFDataGetMutableBytePtr(m_backingStore.get()));
     m_size = IntSize(newWidth, newHeight);
 

-- 
WebKit Debian packaging

More information about the Pkg-webkit-commits mailing list