Bug 355059 - valgrind free memory read warning from multiple FT_Done_Face calls in nsFontMetricsPS.cpp
Status: RESOLVED FIXED
Whiteboard: [need testcase]
Keywords: fixed1.8.0.10, fixed1.8.1.1, valgrind
Product: Core Graveyard
Classification: Graveyard
Component: GFX: Gtk
Version: 1.8 Branch
Platform: x86 Linux
Importance: -- normal
Target Milestone: ---
Assigned To: David Baron :dbaron: ⌚️UTC-7 (review requests must explain patch)
Blocks: 341355
Reported: 2006-10-01 12:59 PDT by David Baron :dbaron: ⌚️UTC-7 (review requests must explain patch)
Modified: 2009-01-22 10:17 PST
dveditz: blocking1.8.1.1+
Attachments
valgrind warning (5.31 KB, text/plain; charset=utf-8)
2006-10-01 13:00 PDT, David Baron :dbaron: ⌚️UTC-7 (review requests must explain patch)
patch (1.55 KB, patch)
2006-10-01 13:01 PDT, David Baron :dbaron: ⌚️UTC-7 (review requests must explain patch)
roc: review+
roc: superreview+
dveditz: approval1.8.1.1+
jaymoz: approval1.8.0.10+

Description David Baron :dbaron: ⌚️UTC-7 (review requests must explain patch) 2006-10-01 12:59:23 PDT
When printing http://www.mozilla.com/firefox/all on a trunk build with cairo disabled I get a valgrind warning about reading freed memory (attached).  The attached patch fixes the warning.

I haven't bothered to figure out the ownership model here -- but it seems to be working well enough except for this issue -- although I suppose I haven't checked for leaks.  Then again, this code should be going away for 1.9.
Comment 1 David Baron :dbaron: ⌚️UTC-7 (review requests must explain patch) 2006-10-01 13:00:03 PDT
Created attachment 240845
valgrind warning
Comment 2 David Baron :dbaron: ⌚️UTC-7 (review requests must explain patch) 2006-10-01 13:01:21 PDT
Created attachment 240846
patch

This fixes the warning.  I'm not sure who owns the entry object, but this seems like the simplest patch to prevent the object from being accessed after being freed.
Comment 3 David Baron :dbaron: ⌚️UTC-7 (review requests must explain patch) 2006-10-06 15:59:56 PDT
Checked in to trunk, although the code isn't used there.
Comment 4 Daniel Veditz [:dveditz] 2006-11-07 15:36:07 PST
Comment on attachment 240846
patch

approved for 1.8 branch, a=dveditz for drivers
Comment 5 Robert Basch 2006-11-08 11:09:42 PST
I believe the bugs addressed here are responsible for the problems described
in bug 336435 (Firefox hangs following printing on Linux).  I debugged this a
couple of months ago, and attached a patch which fixed several double-free
bugs, including the bugs fixed here.  However, I also found an additional bug
(a failure to increment the reference count on a CharSet following a look-up
in fontconfig), which is fixed in the first part of my patch.  See:

https://bugzilla.mozilla.org/attachment.cgi?id=237126&action=view

Can that part of the patch be reviewed and committed soon?  (Please let me
know if you want me to provide an updated patch).  It would be nice to get
all of these fixes into the next 1.5.0.x release, as these bugs are having
a major impact on our users.
Comment 6 Robert Basch 2006-11-08 11:20:55 PST
Ah, I now see that the additional bug I referred to was addressed in bug 294879,
and a fix has already been checked in, and included in 1.5.0.8.  So never mind
about reviewing that part of my patch.
Comment 7 David Baron :dbaron: ⌚️UTC-7 (review requests must explain patch) 2006-11-08 12:05:25 PST
Checked in to MOZILLA_1_8_BRANCH.
Comment 8 Jay Patel [:jay] 2007-01-03 15:04:20 PST
Comment on attachment 240846
patch

Approved for 1.8.0 branch, a=jay for drivers.
Comment 9 David Baron :dbaron: ⌚️UTC-7 (review requests must explain patch) 2007-01-03 15:56:51 PST
Checked in to MOZILLA_1_8_0_BRANCH.
Comment 10 Tony Chung [:tchung] 2007-02-08 01:57:14 PST
Hi David, can you provide steps on how QA can verify this fix on the 1.8 and 1.8.0 branches? Thanks.
Comment 11 David Baron :dbaron: ⌚️UTC-7 (review requests must explain patch) 2007-02-22 15:34:36 PST
*** Bug 341355 has been marked as a duplicate of this bug. ***
