[SCM] WebKit Debian packaging branch, webkit-1.2, updated. upstream/1.1.90-6072-g9a69373

ggaren at apple.com ggaren at apple.com
Thu Apr 8 01:41:01 UTC 2010


The following commit has been merged in the webkit-1.2 branch:
commit dbb1d9f05e6c371111e1e82c0fd872793e976c27
Author: ggaren at apple.com <ggaren at apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Sat Feb 6 04:25:52 2010 +0000

    Added an ASSERT to catch an implausible but theoretically possible leak.
    
    Reviewed by Dan Bernstein.
    
    In theory, if malloc allocated a UChar buffer directly after a StringImpl,
    the StringImpl might incorrectly assume that the UChar buffer was inline,
    and fail to delete it.
    
    This ASSERT is somewhat academic, since we don't use the same allocator
    in debug builds, but oh well.
    
    * platform/text/StringImpl.cpp:
    (WebCore::StringImpl::StringImpl):
    (WebCore::StringImpl::createUninitialized):
    * platform/text/StringImpl.h: Separated the inline buffer StringImpl
    constructor from the out-of-line buffer StringImpl constructor. Made
    the former ASSERT that its buffer was indeed inline, and the latter ASSERT
    that its buffer was indeed not inline.
    
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@54460 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index d98955d..8f20509 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,24 @@
+2010-02-05  Geoffrey Garen  <ggaren at apple.com>
+
+        Reviewed by Dan Bernstein.
+
+        Added an ASSERT to catch an implausible but theoretically possible leak.
+        
+        In theory, if malloc allocated a UChar buffer directly after a StringImpl,
+        the StringImpl might incorrecly assume that the UChar buffer was inline,
+        and fail to delete it.
+        
+        This ASSERT is somewhat academic, since we don't use the same allocator
+        in debug builds, but oh well.
+
+        * platform/text/StringImpl.cpp:
+        (WebCore::StringImpl::StringImpl):
+        (WebCore::StringImpl::createUninitialized):
+        * platform/text/StringImpl.h: Separated the inline buffer StringImpl
+        constructor from the out-of-line buffer StringImpl constructor. Made
+        the former ASSERT that its buffer was indeed inline, and the latter ASSERT
+        that its buffer was indeed not inline.
+
 2010-02-05  Chris Marrin  <cmarrin at apple.com>
 
         Reviewed by Simon Fraser.
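Review bot: "incorrecly" in the new ChangeLog entry should read "incorrectly" (the same typo is in the commit message). The entry otherwise matches the header comments and the two constructor changes in the diff, so only the spelling needs a touch-up before landing.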
diff --git a/WebCore/platform/text/StringImpl.cpp b/WebCore/platform/text/StringImpl.cpp
index 3b61a0b..db6152d 100644
--- a/WebCore/platform/text/StringImpl.cpp
+++ b/WebCore/platform/text/StringImpl.cpp
@@ -97,6 +97,16 @@ inline StringImpl::StringImpl(const UChar* characters, unsigned length)
 {
     ASSERT(characters);
     ASSERT(length);
+    ASSERT(!bufferIsInternal());
+}
+
+inline StringImpl::StringImpl(unsigned length)
+    : m_data(reinterpret_cast<const UChar*>(this + 1))
+    , m_length(length)
+    , m_hash(0)
+{
+    ASSERT(length);
+    ASSERT(bufferIsInternal());
 }
 
 StringImpl::~StringImpl()
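Review bot: the new ASSERT(!bufferIsInternal()) in the adopting constructor is the check that actually covers the scenario in the commit message (an externally allocated buffer that happens to land at this + 1 would be mistaken for an inline buffer and never freed), but it only fires in debug builds, and as the message itself notes those builds use a different allocator, so the condition is unlikely ever to reproduce there. The comment should say that the ASSERT documents the invariant rather than enforcing it in release. In the new inline-buffer constructor, m_data is initialized to this + 1 and then ASSERT(bufferIsInternal()) follows; if bufferIsInternal() compares m_data against this + 1, that assertion holds by construction, and the invariant that actually matters (the allocation extends at least `length` UChars past the object) is left entirely to the caller.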
@@ -927,7 +937,7 @@ PassRefPtr<StringImpl> StringImpl::createUninitialized(unsigned length, UChar*&
     size_t size = sizeof(StringImpl) + length * sizeof(UChar);
     StringImpl* string = static_cast<StringImpl*>(fastMalloc(size));
     data = reinterpret_cast<UChar*>(string + 1);
-    string = new (string) StringImpl(data, length);
+    string = new (string) StringImpl(length);
     return adoptRef(string);
 }
 
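Review bot: switching to `string = new (string) StringImpl(length);` drops the redundant data argument, but createUninitialized and the constructor now each compute the buffer address independently (`data = reinterpret_cast<UChar*>(string + 1);` here, this + 1 in the constructor); either a comment tying the two together or reading `data` back from the constructed object would keep them from drifting apart. Separately, the context line `size_t size = sizeof(StringImpl) + length * sizeof(UChar);` has no overflow check: on targets where size_t is 32 bits a large `length` wraps the multiplication and fastMalloc returns a block shorter than the new constructor assumes. That is pre-existing, but since this change makes the "buffer of size length at the end" assumption explicit in the header, a maximum-length check here would be the natural companion.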
diff --git a/WebCore/platform/text/StringImpl.h b/WebCore/platform/text/StringImpl.h
index f7a9d06..21f936d 100644
--- a/WebCore/platform/text/StringImpl.h
+++ b/WebCore/platform/text/StringImpl.h
@@ -66,9 +66,12 @@ private:
     friend class ThreadGlobalData;
     StringImpl();
     
-    // This adopts the UChar* without copying the buffer.
+    // This constructor adopts the UChar* without copying the buffer.
     StringImpl(const UChar*, unsigned length);
 
+    // This constructor assumes that 'this' was allocated with a UChar buffer of size 'length' at the end.
+    StringImpl(unsigned length);
+
     // For use only by AtomicString's XXXTranslator helpers.
     void setHash(unsigned hash) { ASSERT(!m_hash); m_hash = hash; }
     
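Review bot: the new single-argument constructor `StringImpl(unsigned length);` should be declared explicit so an unsigned cannot implicitly convert to a StringImpl; it is private, which limits the exposure, but friends such as ThreadGlobalData still see it. The comment above it should also state that 'length' is a count of UChars rather than bytes, since the caller in createUninitialized allocates length * sizeof(UChar).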

-- 
WebKit Debian packaging
