From c48089977dc4d2a63d37e6668382c10b42e22a72 Mon Sep 17 00:00:00 2001 From: dsinclair Date: Mon, 19 Sep 2016 08:37:10 -0700 Subject: Revert of Pdfium: Fix fonts leaking on ClosePage. (patchset #10 id:180001 of https://codereview.chromium.org/2158023002/ ) Reason for revert: Causes heap-use-after-free. See crbug.com/647612. Original issue's description: > Fix memory leaking on ClosePage. > CFX_FontCache refactoring: > after this CL: Only one global CFX_FontCache used. Any cached items from it, are released, when its are not used. > > BUG=79367,48791 > > The fonts was not cleared after unloading pages. > > Test pdf: > > http://www.nasa.gov/pdf/750614main_NASA_FY_2014_Budget_Estimates-508.pdf > > For this file, we have ~5 fonts per page, which equal ~1 Mb per page. > In this PDF we have 670 pages, as result after slow scrolling(reading) full document we have ~600 Mb fonts data in memory. > > memory usage of PDF Plugin: > before this CL: ~660 Mb > after this CL: ~100 Mb > > Committed: https://pdfium.googlesource.com/pdfium/+/cde5101eb15b24519e89fa500fe37038bc8e2201 TBR=tsepez@chromium.org,brucedawson@chromium.org,npm@chromium.org,art-snake@yandex-team.ru # Not skipping CQ checks because original CL landed more than 1 days ago. BUG=79367,48791 Review-Url: https://codereview.chromium.org/2350763002 --- core/fpdfapi/fpdf_page/fpdf_page_doc.cpp | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) (limited to 'core/fpdfapi/fpdf_page') diff --git a/core/fpdfapi/fpdf_page/fpdf_page_doc.cpp b/core/fpdfapi/fpdf_page/fpdf_page_doc.cpp index f83d6fa613..9e586e326f 100644 --- a/core/fpdfapi/fpdf_page/fpdf_page_doc.cpp +++ b/core/fpdfapi/fpdf_page/fpdf_page_doc.cpp @@ -214,10 +214,9 @@ void CPDF_DocPageData::ReleaseFont(const CPDF_Dictionary* pFontDict) { return; pFontData->RemoveRef(); - if (pFontData->use_count() > 1) + if (pFontData->use_count() != 0) return; - // We have font data only in m_FontMap cache. Clean it. pFontData->clear(); } @@ -331,10 +330,9 @@ void CPDF_DocPageData::ReleaseColorSpace(const CPDF_Object* pColorSpace) { return; pCountedColorSpace->RemoveRef(); - if (pCountedColorSpace->use_count() > 1) + if (pCountedColorSpace->use_count() != 0) return; - // We have item only in m_ColorSpaceMap cache. Clean it. pCountedColorSpace->get()->ReleaseCS(); pCountedColorSpace->reset(nullptr); } @@ -393,10 +391,9 @@ void CPDF_DocPageData::ReleasePattern(const CPDF_Object* pPatternObj) { return; pPattern->RemoveRef(); - if (pPattern->use_count() > 1) + if (pPattern->use_count() != 0) return; - // We have item only in m_PatternMap cache. Clean it. pPattern->clear(); } @@ -432,10 +429,9 @@ void CPDF_DocPageData::ReleaseImage(const CPDF_Object* pImageStream) { return; pCountedImage->RemoveRef(); - if (pCountedImage->use_count() > 1) + if (pCountedImage->use_count() != 0) return; - // We have item only in m_ImageMap cache. Clean it. delete pCountedImage->get(); delete pCountedImage; m_ImageMap.erase(it); @@ -458,8 +454,7 @@ CPDF_IccProfile* CPDF_DocPageData::GetIccProfile( auto hash_it = m_HashProfileMap.find(bsDigest); if (hash_it != m_HashProfileMap.end()) { auto it_copied_stream = m_IccProfileMap.find(hash_it->second); - if (it_copied_stream != m_IccProfileMap.end()) - return it_copied_stream->second->AddRef(); + return it_copied_stream->second->AddRef(); } CPDF_IccProfile* pProfile = new CPDF_IccProfile(stream.GetData(), stream.GetSize()); @@ -478,8 +473,7 @@ void CPDF_DocPageData::ReleaseIccProfile(const CPDF_IccProfile* pIccProfile) { continue; profile->RemoveRef(); - if (profile->use_count() == 1) { - // We have item only in m_IccProfileMap cache. Clean it. + if (profile->use_count() == 0) { delete profile->get(); delete profile; m_IccProfileMap.erase(it); @@ -524,10 +518,9 @@ void CPDF_DocPageData::ReleaseFontFileStreamAcc( return; pCountedStream->RemoveRef(); - if (pCountedStream->use_count() > 1) + if (pCountedStream->use_count() != 0) return; - // We have item only in m_FontFileMap cache. Clean it. delete pCountedStream->get(); delete pCountedStream; m_FontFileMap.erase(it); -- cgit v1.2.3