Revert of Pdfium: Fix fonts leaking on ClosePage. (patchset #10 id:180001 of https://codereview.chromium.org/2158023002/ )

Reason for revert: Causes heap-use-after-free. See crbug.com/647612. Original issue's description: > Fix memory leaking on ClosePage. > CFX_FontCache refactoring: > after this CL: Only one global CFX_FontCache used. Any cached items from it, are released, when its are not used. > > BUG=79367,48791 > > The fonts was not cleared after unloading pages. > > Test pdf: > > http://www.nasa.gov/pdf/750614main_NASA_FY_2014_Budget_Estimates-508.pdf > > For this file, we have ~5 fonts per page, which equal ~1 Mb per page. > In this PDF we have 670 pages, as result after slow scrolling(reading) full document we have ~600 Mb fonts data in memory. > > memory usage of PDF Plugin: > before this CL: ~660 Mb > after this CL: ~100 Mb > > Committed: https://pdfium.googlesource.com/pdfium/+/cde5101eb15b24519e89fa500fe37038bc8e2201 TBR=tsepez@chromium.org,brucedawson@chromium.org,npm@chromium.org,art-snake@yandex-team.ru # Not skipping CQ checks because original CL landed more than 1 days ago. BUG=79367,48791 Review-Url: https://codereview.chromium.org/2350763002
author: dsinclair <dsinclair@chromium.org> 2016-09-19 08:37:10 -0700
committer: Commit bot <commit-bot@chromium.org> 2016-09-19 08:37:10 -0700
commit: c48089977dc4d2a63d37e6668382c10b42e22a72 (patch)
tree: 931e8a2f17d997e55c9bead576f7f672196844c0 /core/fxge/ge/cfx_fontcache.cpp
parent: ea3c3be83dae12ef682c68fc7cf906d790fd9f84 (diff)
download: pdfium-c48089977dc4d2a63d37e6668382c10b42e22a72.tar.xz
1 files changed, 34 insertions, 19 deletions
diff --git a/core/fxge/ge/cfx_fontcache.cpp b/core/fxge/ge/cfx_fontcache.cpp
index acae018c83..3ecd83c33f 100644
--- a/core/fxge/ge/cfx_fontcache.cpp
+++ b/core/fxge/ge/cfx_fontcache.cpp
@@ -10,43 +10,38 @@
 #include "core/fxge/include/fx_font.h"
 #include "core/fxge/include/fx_freetype.h"
 
-CFX_FontCache::CountedFaceCache::CountedFaceCache() {}
-
-CFX_FontCache::CountedFaceCache::~CountedFaceCache() {}
-
 CFX_FontCache::CFX_FontCache() {}
 
 CFX_FontCache::~CFX_FontCache() {
-  ASSERT(m_ExtFaceMap.empty());
-  ASSERT(m_FTFaceMap.empty());
+  FreeCache(TRUE);
 }
 
-CFX_FaceCache* CFX_FontCache::GetCachedFace(const CFX_Font* pFont) {
+CFX_FaceCache* CFX_FontCache::GetCachedFace(CFX_Font* pFont) {
   FXFT_Face face = pFont->GetFace();
   const bool bExternal = !face;
   CFX_FTCacheMap& map = bExternal ? m_ExtFaceMap : m_FTFaceMap;
   auto it = map.find(face);
   if (it != map.end()) {
-    CountedFaceCache* counted_face_cache = it->second.get();
+    CFX_CountedFaceCache* counted_face_cache = it->second;
     counted_face_cache->m_nCount++;
-    return counted_face_cache->m_Obj.get();
+    return counted_face_cache->m_Obj;
   }
 
-  std::unique_ptr<CountedFaceCache> counted_face_cache(new CountedFaceCache);
-  counted_face_cache->m_nCount = 2;
   CFX_FaceCache* face_cache = new CFX_FaceCache(bExternal ? nullptr : face);
-  counted_face_cache->m_Obj.reset(face_cache);
-  map[face] = std::move(counted_face_cache);
+  CFX_CountedFaceCache* counted_face_cache = new CFX_CountedFaceCache;
+  counted_face_cache->m_nCount = 2;
+  counted_face_cache->m_Obj = face_cache;
+  map[face] = counted_face_cache;
   return face_cache;
 }
 
 #ifdef _SKIA_SUPPORT_
-CFX_TypeFace* CFX_FontCache::GetDeviceCache(const CFX_Font* pFont) {
+CFX_TypeFace* CFX_FontCache::GetDeviceCache(CFX_Font* pFont) {
   return GetCachedFace(pFont)->GetDeviceCache(pFont);
 }
 #endif
 
-void CFX_FontCache::ReleaseCachedFace(const CFX_Font* pFont) {
+void CFX_FontCache::ReleaseCachedFace(CFX_Font* pFont) {
   FXFT_Face face = pFont->GetFace();
   const bool bExternal = !face;
   CFX_FTCacheMap& map = bExternal ? m_ExtFaceMap : m_FTFaceMap;
@@ -55,10 +50,30 @@ void CFX_FontCache::ReleaseCachedFace(const CFX_Font* pFont) {
   if (it == map.end())
     return;
 
-  CountedFaceCache* counted_face_cache = it->second.get();
-  if (counted_face_cache->m_nCount > 2) {
+  CFX_CountedFaceCache* counted_face_cache = it->second;
+  if (counted_face_cache->m_nCount > 1) {
     counted_face_cache->m_nCount--;
-  } else {
-    map.erase(it);
+  }
+}
+
+void CFX_FontCache::FreeCache(FX_BOOL bRelease) {
+  for (auto it = m_FTFaceMap.begin(); it != m_FTFaceMap.end();) {
+    auto curr_it = it++;
+    CFX_CountedFaceCache* cache = curr_it->second;
+    if (bRelease || cache->m_nCount < 2) {
+      delete cache->m_Obj;
+      delete cache;
+      m_FTFaceMap.erase(curr_it);
+    }
+  }
+
+  for (auto it = m_ExtFaceMap.begin(); it != m_ExtFaceMap.end();) {
+    auto curr_it = it++;
+    CFX_CountedFaceCache* cache = curr_it->second;
+    if (bRelease || cache->m_nCount < 2) {
+      delete cache->m_Obj;
+      delete cache;
+      m_ExtFaceMap.erase(curr_it);
+    }
   }
 }
author	dsinclair <dsinclair@chromium.org>	2016-09-19 08:37:10 -0700
committer	Commit bot <commit-bot@chromium.org>	2016-09-19 08:37:10 -0700
commit	c48089977dc4d2a63d37e6668382c10b42e22a72 (patch)
tree	931e8a2f17d997e55c9bead576f7f672196844c0 /core/fxge/ge/cfx_fontcache.cpp
parent	ea3c3be83dae12ef682c68fc7cf906d790fd9f84 (diff)
download	pdfium-c48089977dc4d2a63d37e6668382c10b42e22a72.tar.xz