[SCM] WebKit Debian packaging branch, webkit-1.1, updated. upstream/1.1.19-706-ge5415e9

barraclough at apple.com barraclough at apple.com
Thu Feb 4 21:22:13 UTC 2010


The following commit has been merged in the webkit-1.1 branch:
commit 60f51dd6247ec3d2eb3c26c384799db7d2893afd
Author: barraclough at apple.com <barraclough at apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Thu Jan 21 00:15:27 2010 +0000

    <rdar://problem/7557695> REGRESSION(r53445-r53449): Many new memory leaks (33867)
    
    Reviewed by NOBODY.
    
    Revert r53447, since this caused leaks.
    
    * WebCore.base.exp:
    * platform/text/StringImpl.cpp:
    (WebCore::StringImpl::operator new):
    (WebCore::StringImpl::operator delete):
    (WebCore::StringImpl::StringImpl):
    (WebCore::StringImpl::~StringImpl):
    (WebCore::StringImpl::create):
    (WebCore::StringImpl::createWithTerminatingNullCharacter):
    (WebCore::StringImpl::crossThreadString):
    (WebCore::StringImpl::sharedBuffer):
    * platform/text/StringImpl.h:
    (WebCore::StringImpl::hasTerminatingNullCharacter):
    (WebCore::StringImpl::inTable):
    (WebCore::StringImpl::setInTable):
    (WebCore::StringImpl::):
    * storage/OriginUsageRecord.cpp:
    (WebCore::OriginUsageRecord::addDatabase):
    (WebCore::OriginUsageRecord::markDatabase):
    
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@53575 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index a123f61..daecca0 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,30 @@
+2010-01-20  Gavin Barraclough  <barraclough at apple.com>
+
+        Reviewed by NOBODY.
+
+        <rdar://problem/7557695> REGRESSION(r53445-r53449): Many new memory leaks (33867)
+
+        Revert r53447, since this caused leaks.
+
+        * WebCore.base.exp:
+        * platform/text/StringImpl.cpp:
+        (WebCore::StringImpl::operator new):
+        (WebCore::StringImpl::operator delete):
+        (WebCore::StringImpl::StringImpl):
+        (WebCore::StringImpl::~StringImpl):
+        (WebCore::StringImpl::create):
+        (WebCore::StringImpl::createWithTerminatingNullCharacter):
+        (WebCore::StringImpl::crossThreadString):
+        (WebCore::StringImpl::sharedBuffer):
+        * platform/text/StringImpl.h:
+        (WebCore::StringImpl::hasTerminatingNullCharacter):
+        (WebCore::StringImpl::inTable):
+        (WebCore::StringImpl::setInTable):
+        (WebCore::StringImpl::):
+        * storage/OriginUsageRecord.cpp:
+        (WebCore::OriginUsageRecord::addDatabase):
+        (WebCore::OriginUsageRecord::markDatabase):
+
 2010-01-20  Jian Li  <jianli at chromium.org>
 
         Reviewed by Dmitry Titov.
diff --git a/WebCore/WebCore.base.exp b/WebCore/WebCore.base.exp
index fefcb6c..9a1181b 100644
--- a/WebCore/WebCore.base.exp
+++ b/WebCore/WebCore.base.exp
@@ -143,6 +143,7 @@ __ZN7WebCore10StringImpl7ustringEv
 __ZN7WebCore10StringImpl8endsWithEPS0_b
 __ZN7WebCore10StringImplD1Ev
 __ZN7WebCore10StringImplcvP8NSStringEv
+__ZN7WebCore10StringImpldlEPv
 __ZN7WebCore10handCursorEv
 __ZN7WebCore10setCookiesEPNS_8DocumentERKNS_4KURLERKNS_6StringE
 __ZN7WebCore11BitmapImageC1EP7CGImagePNS_13ImageObserverE
diff --git a/WebCore/platform/text/StringImpl.cpp b/WebCore/platform/text/StringImpl.cpp
index 1afa4d3..3b61a0b 100644
--- a/WebCore/platform/text/StringImpl.cpp
+++ b/WebCore/platform/text/StringImpl.cpp
@@ -57,12 +57,31 @@ static inline void deleteUCharVector(const UChar* p)
     fastFree(const_cast<UChar*>(p));
 }
 
+// Some of the factory methods create buffers using fastMalloc.
+// We must ensure that all allocations of StringImpl are allocated using
+// fastMalloc so that we don't have mis-matched frees. We accomplish 
+// this by overriding the new and delete operators.
+void* StringImpl::operator new(size_t size, void* address)
+{
+    if (address)
+        return address;  // Allocating using an internal buffer
+    return fastMalloc(size);
+}
+
+void* StringImpl::operator new(size_t size)
+{
+    return fastMalloc(size);
+}
+
+void StringImpl::operator delete(void* address)
+{
+    fastFree(address);
+}
+
 // This constructor is used only to create the empty string.
 StringImpl::StringImpl()
     : m_data(0)
-    , m_sharedBuffer(0)
     , m_length(0)
-    , m_refCountAndFlags(s_refCountIncrement)
     , m_hash(0)
 {
     // Ensure that the hash is computed so that AtomicStringHash can call existingHash()
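Review bot: The two-argument `operator new(size_t size, void* address)` falls back to `fastMalloc(size)` when `address` is null, whereas the inline version this commit removes from StringImpl.h asserted `inPlace`. The class keeps its internal character buffer directly after the object (`bufferIsInternal()` compares `m_data` with `this + 1`). A caller that passed a null buffer by mistake would therefore presumably receive an object of only `size` bytes, with no room for that buffer. If no caller relies on the null case, `ASSERT(address); return address;` keeps the stricter contract; otherwise the comment above the operators should name the factory that passes null and explain why. The callers are outside this hunk, so this needs checking against `create()` and `createUninitialized()`.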
@@ -73,9 +92,7 @@ StringImpl::StringImpl()
 
 inline StringImpl::StringImpl(const UChar* characters, unsigned length)
     : m_data(characters)
-    , m_sharedBuffer(0)
     , m_length(length)
-    , m_refCountAndFlags(s_refCountIncrement)
     , m_hash(0)
 {
     ASSERT(characters);
@@ -87,7 +104,7 @@ StringImpl::~StringImpl()
     if (inTable())
         AtomicString::remove(this);
     if (!bufferIsInternal()) {
-        SharedUChar* sharedBuffer = m_sharedBuffer;
+        SharedUChar* sharedBuffer = m_sharedBufferAndFlags.get();
         if (sharedBuffer)
             sharedBuffer->deref();
         else
@@ -953,7 +970,7 @@ PassRefPtr<StringImpl> StringImpl::create(const JSC::UString& str)
     if (sharedBuffer) {
         PassRefPtr<StringImpl> impl = adoptRef(new StringImpl(str.data(), str.size()));
         sharedBuffer->ref();
-        impl->m_sharedBuffer = sharedBuffer;
+        impl->m_sharedBufferAndFlags.set(sharedBuffer);
         return impl;
     }
     return StringImpl::create(str.data(), str.size());
@@ -980,7 +997,7 @@ PassRefPtr<StringImpl> StringImpl::createWithTerminatingNullCharacter(const Stri
     data[length] = 0;
     terminatedString->m_length--;
     terminatedString->m_hash = string.m_hash;
-    terminatedString->m_refCountAndFlags |= s_refCountFlagHasTerminatingNullCharacter;
+    terminatedString->m_sharedBufferAndFlags.setFlag(HasTerminatingNullCharacter);
     return terminatedString.release();
 }
 
@@ -997,7 +1014,7 @@ PassRefPtr<StringImpl> StringImpl::crossThreadString()
     SharedUChar* shared = sharedBuffer();
     if (shared) {
         RefPtr<StringImpl> impl = adoptRef(new StringImpl(m_data, m_length));
-        impl->m_sharedBuffer = shared->crossThreadCopy().releaseRef();
+        impl->m_sharedBufferAndFlags.set(shared->crossThreadCopy().releaseRef());
         return impl.release();
     }
 
@@ -1010,9 +1027,9 @@ StringImpl::SharedUChar* StringImpl::sharedBuffer()
     if (m_length < minLengthToShare || bufferIsInternal())
         return 0;
 
-    if (!m_sharedBuffer)
-        m_sharedBuffer = SharedUChar::create(new OwnFastMallocPtr<UChar>(const_cast<UChar*>(m_data))).releaseRef();
-    return m_sharedBuffer;
+    if (!m_sharedBufferAndFlags.get())
+        m_sharedBufferAndFlags.set(SharedUChar::create(new OwnFastMallocPtr<UChar>(const_cast<UChar*>(m_data))).releaseRef());
+    return m_sharedBufferAndFlags.get();
 }
 
 
diff --git a/WebCore/platform/text/StringImpl.h b/WebCore/platform/text/StringImpl.h
index a105985..f7a9d06 100644
--- a/WebCore/platform/text/StringImpl.h
+++ b/WebCore/platform/text/StringImpl.h
@@ -26,8 +26,8 @@
 #include <limits.h>
 #include <wtf/ASCIICType.h>
 #include <wtf/CrossThreadRefCounted.h>
-#include <wtf/Noncopyable.h>
 #include <wtf/OwnFastMallocPtr.h>
+#include <wtf/PtrAndFlags.h>
 #include <wtf/RefCounted.h>
 #include <wtf/StringHashFunctions.h>
 #include <wtf/Vector.h>
@@ -58,7 +58,7 @@ enum TextCaseSensitivity { TextCaseSensitive, TextCaseInsensitive };
 
 typedef bool (*CharacterMatchFunctionPtr)(UChar);
 
-class StringImpl : public Noncopyable {
+class StringImpl : public RefCounted<StringImpl> {
     friend struct CStringTranslator;
     friend struct HashAndCharactersTranslator;
     friend struct UCharBufferTranslator;
@@ -96,20 +96,16 @@ public:
     const UChar* characters() { return m_data; }
     unsigned length() { return m_length; }
 
-    bool hasTerminatingNullCharacter() const { return m_refCountAndFlags & s_refCountFlagHasTerminatingNullCharacter; }
+    bool hasTerminatingNullCharacter() const { return m_sharedBufferAndFlags.isFlagSet(HasTerminatingNullCharacter); }
 
-    bool inTable() const { return m_refCountAndFlags & s_refCountFlagInTable; }
-    void setInTable() { m_refCountAndFlags |= s_refCountFlagInTable; }
+    bool inTable() const { return m_sharedBufferAndFlags.isFlagSet(InTable); }
+    void setInTable() { return m_sharedBufferAndFlags.setFlag(InTable); }
 
     unsigned hash() { if (m_hash == 0) m_hash = computeHash(m_data, m_length); return m_hash; }
     unsigned existingHash() const { ASSERT(m_hash); return m_hash; }
     inline static unsigned computeHash(const UChar* data, unsigned length) { return WTF::stringHash(data, length); }
     inline static unsigned computeHash(const char* data) { return WTF::stringHash(data); }
     
-    StringImpl* ref() { m_refCountAndFlags += s_refCountIncrement; return this; }
-    ALWAYS_INLINE void deref() { m_refCountAndFlags -= s_refCountIncrement; if (!(m_refCountAndFlags & s_refCountMask)) delete this; }
-    ALWAYS_INLINE bool hasOneRef() const { return (m_refCountAndFlags & s_refCountMask) == s_refCountIncrement; }
-
     // Returns a StringImpl suitable for use on another thread.
     PassRefPtr<StringImpl> crossThreadString();
     // Makes a deep copy. Helpful only if you need to use a String on another thread
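Review bot: `setInTable()` is declared `void` but is written as `return m_sharedBufferAndFlags.setFlag(InTable);`. Returning a void expression compiles, but it reads as if the call produced a value the caller could use. `void setInTable() { m_sharedBufferAndFlags.setFlag(InTable); }` states the same thing plainly and matches how `setFlag` is called in StringImpl.cpp.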
@@ -179,9 +175,13 @@ public:
     operator NSString*();
 #endif
 
+    void operator delete(void*);
+
 private:
-    using Noncopyable::operator new;
-    void* operator new(size_t, void* inPlace) { ASSERT(inPlace); return inPlace; }
+    // Allocation from a custom buffer is only allowed internally to avoid
+    // mismatched allocators. Callers should use create().
+    void* operator new(size_t size);
+    void* operator new(size_t size, void* address);
 
     static PassRefPtr<StringImpl> createStrippingNullCharactersSlowCase(const UChar*, unsigned length);
     
@@ -189,16 +189,15 @@ private:
     // In this case, the m_data pointer is an "internal buffer", and does not need to be deallocated.
     bool bufferIsInternal() { return m_data == reinterpret_cast<const UChar*>(this + 1); }
 
-    static const unsigned s_refCountMask = 0xFFFFFFFC;
-    static const unsigned s_refCountIncrement = 0x4;
-    static const unsigned s_refCountFlagHasTerminatingNullCharacter = 0x2;
-    static const unsigned s_refCountFlagInTable = 0x1;
+    enum StringImplFlags {
+        HasTerminatingNullCharacter,
+        InTable,
+    };
 
     const UChar* m_data;
-    SharedUChar* m_sharedBuffer;
     unsigned m_length;
-    unsigned m_refCountAndFlags;
     mutable unsigned m_hash;
+    PtrAndFlags<SharedUChar, StringImplFlags> m_sharedBufferAndFlags;
     // There is a fictitious variable-length UChar array at the end, which is used
     // as the internal buffer by the createUninitialized and create methods.
 };
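Review bot: The new `StringImplFlags` enum has no comment explaining how `PtrAndFlags<SharedUChar, StringImplFlags>` interprets its values. Presumably `HasTerminatingNullCharacter` and `InTable` are bit indices packed into the low bits of the `SharedUChar*`. That would cap the number of flags by the pointer's alignment and make a third enumerator a silent pointer-corruption risk; confirm this against wtf/PtrAndFlags.h. A line above the enum such as `// Bit indices stored in the spare low bits of m_sharedBufferAndFlags; do not add entries beyond what PtrAndFlags reserves.` would record the limit. The class body starts outside this hunk.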
diff --git a/WebCore/storage/OriginUsageRecord.cpp b/WebCore/storage/OriginUsageRecord.cpp
index 8128a1b..684df53 100644
--- a/WebCore/storage/OriginUsageRecord.cpp
+++ b/WebCore/storage/OriginUsageRecord.cpp
@@ -42,8 +42,8 @@ OriginUsageRecord::OriginUsageRecord()
 void OriginUsageRecord::addDatabase(const String& identifier, const String& fullPath)
 {
     ASSERT(!m_databaseMap.contains(identifier));
-    ASSERT_ARG(identifier, identifier.impl()->hasOneRef());
-    ASSERT_ARG(fullPath, fullPath.impl()->hasOneRef());
+    ASSERT_ARG(identifier, identifier.impl()->refCount() == 1);
+    ASSERT_ARG(fullPath, fullPath.impl()->refCount() == 1);
 
     m_databaseMap.set(identifier, DatabaseEntry(fullPath));
     m_unknownSet.add(identifier);
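Review bot: The `ASSERT_ARG(identifier, identifier.impl()->refCount() == 1)` checks in `addDatabase`, and the identical one in `markDatabase` in the next hunk, have no comment saying why the string must be unshared. Assertions are normally compiled out of release builds, so the requirement is enforced only in debug. They also dereference `impl()` unconditionally, which would presumably fault on a null String before the assertion could report which argument was wrong. A comment above them such as `// Callers must pass an unshared copy of the string.` would make the contract readable, and `ASSERT(identifier.impl());` ahead of the refcount check would cover the null case if it can occur here.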
@@ -63,7 +63,7 @@ void OriginUsageRecord::removeDatabase(const String& identifier)
 void OriginUsageRecord::markDatabase(const String& identifier)
 {
     ASSERT(m_databaseMap.contains(identifier));
-    ASSERT_ARG(identifier, identifier.impl()->hasOneRef());
+    ASSERT_ARG(identifier, identifier.impl()->refCount() == 1);
 
     m_unknownSet.add(identifier);
     m_cachedDiskUsageIsValid = false;

-- 
WebKit Debian packaging


