Bug 24551

Summary:

[Qt] leaks in font-handling

Product:

WebKit

Reporter:

Balazs Kelemen <kbalazs>

Component:

Platform

Assignee:

Nobody <webkit-unassigned>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

ariya.hidayat, hausmann, hyatt, laszlo.gombos, zecke

Priority:

Version:

528+ (Nightly build)

Hardware:

OS:

Linux

Attachments:

Description	Flags
proposed patch	none
proposed patch	hyatt: review-
proposed patch	none
proposed patch	none
proposed patch	none
proposed patch	none
proposed patch - more clever solution	none
proposed patch - more clever solution	none
proposed patch - the simpler one	none
proposed patch - the caching one	none

Balazs Kelemen

Reported 2009-03-12 11:04:22 PDT

I found there are leaking SimpleFontData objects in QtWebKit. That's because the result of FontFallbackList::fontDataAt is not freed. I made FontData, SimpleFontData and SegmentedFontData ref-counted and used RefPtr-s when ownership is passed. The patch are not complete yet because other ports are not compile with it. Our measurements shows it has a very good affect on memory usage at least in the case of Qt port.

Attachments
proposed patch (15.35 KB, patch) 2009-03-12 11:07 PDT, Balazs Kelemen	no flags	Details Formatted Diff Diff
proposed patch (15.91 KB, patch) 2009-03-17 01:29 PDT, Balazs Kelemen	hyatt: review-	Details Formatted Diff Diff
proposed patch (3.04 KB, patch) 2009-03-25 09:39 PDT, Balazs Kelemen	no flags	Details Formatted Diff Diff
proposed patch (3.04 KB, patch) 2009-03-25 10:06 PDT, Balazs Kelemen	no flags	Details Formatted Diff Diff
proposed patch (4.13 KB, patch) 2009-03-26 05:57 PDT, Balazs Kelemen	no flags	Details Formatted Diff Diff
proposed patch (4.52 KB, patch) 2009-04-01 06:15 PDT, Balazs Kelemen	no flags	Details Formatted Diff Diff
proposed patch - more clever solution (7.31 KB, patch) 2009-04-03 09:36 PDT, Balazs Kelemen	no flags	Details Formatted Diff Diff
proposed patch - more clever solution (11.07 KB, patch) 2009-04-06 02:12 PDT, Balazs Kelemen	no flags	Details Formatted Diff Diff
proposed patch - the simpler one (4.56 KB, patch) 2009-04-27 02:39 PDT, Balazs Kelemen	no flags	Details Formatted Diff Diff
proposed patch - the caching one (11.11 KB, patch) 2009-04-27 02:50 PDT, Balazs Kelemen	no flags	Details Formatted Diff Diff
Show Obsolete (8) View All Add attachment proposed patch, testcase, etc.

Balazs Kelemen

Comment 1 2009-03-12 11:07:32 PDT

Created attachment 28536 [details] proposed patch

Balazs Kelemen

Comment 2 2009-03-17 01:29:59 PDT

Created attachment 28684 [details] proposed patch Extend the first patch with doing a delete in FontCache::getCachedFontData(const FontPlatformData* data) for the parameter because without this it is leaking.

Dave Hyatt

Comment 3 2009-03-17 11:07:40 PDT

Comment on attachment 28684 [details] proposed patch I am not convinced this is necessary. If the bug is Qt-specific, it seems like Qt should come more in line with the other platforms rather than making all the other platforms use refcounting unnecessarily.

Balazs Kelemen

Comment 4 2009-03-25 09:39:58 PDT

Created attachment 28928 [details] proposed patch New solution what solves the problem internally.

Dave Hyatt

Comment 5 2009-03-25 09:55:29 PDT

Comment on attachment 28928 [details] proposed patch This looks ok to me. Typo in ChangeLog... "objets" should "objects"

Balazs Kelemen

Comment 6 2009-03-25 10:06:58 PDT

Created attachment 28931 [details] proposed patch Typo in Changelog (and call zecke for review).

Holger Freyther

Comment 7 2009-03-26 02:43:47 PDT

Comment on attachment 28931 [details] proposed patch > FontPlatformData* FontCache::getCachedFontPlatformData(const FontDescription& description, const AtomicString& family, bool checkingAlternateName) > { > - return new FontPlatformData(description); > + return 0; This will lead to a null pointer dereference in CSSFontFaceSource::getFontData.

Balazs Kelemen

Comment 8 2009-03-26 04:20:04 PDT

I see. We can solve it locally like checking the pointer and if it is 0 then creating a new FontPlatformData object. If it is a unique situation then it would be enough. If it is just an example of how can bad happens then we must find a more general solution. I guess it can be unique because the patch worked form me (I could browse with QtLauncher without segfault after applied it). I see two possibilities: 1. introduce a macro like USE_FONTCACHE and add #ifdef-s when it is necessary 2. implement a FontCache that provides the needed interface without leaking So, what do you prefer? Local solution, one of the two above, or something else? Anyway, I think we must not return with a pointer of a newly created and instantly released object from methods of FontCache.

Balazs Kelemen

Comment 9 2009-03-26 05:57:28 PDT

Created attachment 28966 [details] proposed patch Local fix in WebCore::CSSFontFaceSource::getFontData

Balazs Kelemen

Comment 10 2009-03-26 06:07:18 PDT

(In reply to comment #9) grep says we do not have to do more checks like this so I believe the patch is right

Balazs Kelemen

Comment 11 2009-03-26 10:35:39 PDT

Ops, in a more fully browsing I get segfault, so I must clear the review flag. Things get wrong in method(s) of SVGFont. It is because returning with zero from FontCache::getCachedFontPlatformData. The leak can also destroy through returning from this with a new object and delete it in FontCache::getCachedFontData (it gets it as a parameter) but I think it is silly so I try to find a better solution.

Balazs Kelemen

Comment 12 2009-04-01 06:15:52 PDT

Created attachment 29158 [details] proposed patch At last ready, not leaking, not crashing.

Balazs Kelemen

Comment 13 2009-04-03 09:36:38 PDT

Created attachment 29228 [details] proposed patch - more clever solution There is a logical mistake in the previous patch: FontFallbackList::fontDataAt gives back the SimpleFontData what has been created the first time without taking care about what FontDescription the Font what it gets as parameter has. I am not sure it is really a problem because the outputs of LayoutTests are equivalents of what they are with a clean TOT build. I tried the tests in css1/font_properties and in fonts by load and see them (because they fail even with the clean build). However I made another solution what does not suffer from this problem by transplanted some of the logic from FontCache.cpp to FontFallbackListQt.cpp and made a mapping from FontDescription to the SimpleFontData what we create and give back. I am not sure about what copyright and license should I use for the new file and where should I put it - let we discuss about it if you like the patch. Now there are 2 different solution for the same problem - you can choose what is better. I would be very happy if we could fix and close the bug somehow.

Balazs Kelemen

Comment 14 2009-04-06 02:12:37 PDT

Created attachment 29277 [details] proposed patch - more clever solution Same as the previous with typos, copyright and Changelog.

Balazs Kelemen

Comment 15 2009-04-27 02:39:26 PDT

Created attachment 29815 [details] proposed patch - the simpler one Ifdefing the changes in CSSFontFaceSource

Balazs Kelemen

Comment 16 2009-04-27 02:50:57 PDT

Created attachment 29816 [details] proposed patch - the caching one Ifdefing changes in CSSFontFaceSource.cpp

Ariya Hidayat

Comment 17 2009-05-18 07:14:46 PDT

As discussed with Kelemen on IRC, I splitted the patch into two parts. The first part is landed in r43828: http://trac.webkit.org/changeset/43828 The second part is a simplification of the caching method. It is landed in r43830: http://trac.webkit.org/changeset/43830

Note You need to log in before you can comment on or make changes to this bug.