[7u4] request for review: 7152608: [macosx] Crash in liblwawt.dylib in AccelGlyphCache_RemoveCellInfo
Alexander Zuev
alexander.zuev at oracle.com
Thu Mar 15 07:27:17 PDT 2012
Andrew,
Fix looks fine to me.
WBR,
Alex.
On 3/14/12 15:58, Andrew Brygin wrote:
> Hello,
>
> this problem is an example of 'use-after-free' crash: the crash itself
> happens when AccelGlyphCache meets invalid pointer to a cache cell info
> in cached glyph info structure. This pointer can have arbitrary value,
> because corresponding glyph info structure is already destroyed by
> CStrike cache machinery.
> The root of the problem is that this destruction is made without any
> notification to AccelGlyphCache, which keeps and uses invalid pointer
> to glyph info object.
> Suggested solution is to remove a glyph info instance from the
> accelerated cache before destruction. Please take a look to suggested
> fix.
>
> Bug: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7152608
> Webrev: http://cr.openjdk.java.net/~bae/7152608/webrev/
>
> Thanks,
> Andrew
More information about the macosx-port-dev
mailing list