Crash in -[WebCascadeList objectAtIndex:] + 195
authormmaxfield@apple.com <mmaxfield@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 6 Mar 2015 19:08:55 +0000 (19:08 +0000)
committermmaxfield@apple.com <mmaxfield@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 6 Mar 2015 19:08:55 +0000 (19:08 +0000)
commit0dd5539dbbbe1957d425643911eba35870cc01e4
tree2058fcd0ec8ce2ffdaba4b6fc0980fb9933d1318
parent20c0e83152dea6ee1308ac702ae33ca34399d24d
Crash in -[WebCascadeList objectAtIndex:] + 195
https://bugs.webkit.org/show_bug.cgi?id=141274

Reviewed by David Kilzer.

Source/WebCore:

CTFontDescriptorRefs can live forever in caches inside CoreText, which means our
WebCascadeList can too.

Test: platform/mac/fast/text/crash-complextextcontroller-custom-cascade-list.html

* platform/graphics/FontCascade.cpp:
(WebCore::FontCascade::FontCascade): Initialize WeakPtrFactory.
* platform/graphics/FontCascade.h:
(WebCore::FontCascade::createWeakPtr):
* platform/graphics/mac/ComplexTextControllerCoreText.mm: Migrate the raw pointer
to WeakPtr.
(-[WebCascadeList initWithFont:character:]):
(-[WebCascadeList count]):
(-[WebCascadeList objectAtIndex:]):

Source/WTF:

* wtf/WeakPtr.h:
(WTF::WeakPtrFactory::createWeakPtr): WebCascadeList uses a const FontCascade,
and it calls createWeakPtr() on it. Therefore, createWeakPtr has to be marked
const.
(WTF::WeakPtrFactory::operator=): Removed because it was broken and had no
callers

LayoutTests:

* platform/mac/fast/text/crash-complextextcontroller-custom-cascade-list-expected.txt: Added.
* platform/mac/fast/text/crash-complextextcontroller-custom-cascade-list.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181172 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/platform/mac/fast/text/crash-complextextcontroller-custom-cascade-list-expected.txt [new file with mode: 0644]
LayoutTests/platform/mac/fast/text/crash-complextextcontroller-custom-cascade-list.html [new file with mode: 0644]
Source/WTF/ChangeLog
Source/WTF/wtf/WeakPtr.h
Source/WebCore/ChangeLog
Source/WebCore/platform/graphics/FontCascade.cpp
Source/WebCore/platform/graphics/FontCascade.h
Source/WebCore/platform/graphics/mac/ComplexTextControllerCoreText.mm