Artificially increase the ref count on WebCore strings that we use as

external V8 strings. We seem to be occasionally losing the data for our external strings. The current hypothesis is that there is a reference counting bug in WebCore somewhere which is leading to premature deletion of the string data. This change is an attempt to verify that this is in fact the case. By artificially increasing the ref count on the strings, we should reduce the likelihood of accidental deletion because of ref counting being slightly off. If we can confirm that this removes most of the crashes, we know that the problem is WebCore ref counting related. BUG=9746 Review URL: http://codereview.chromium.org/99174 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@14838 0039d316-1c4b-4281-b951-d872f2087c98

Artificially increase the ref count on WebCore strings that we use as
external V8 strings. We seem to be occasionally losing the data for our external strings. The current hypothesis is that there is a reference counting bug in WebCore somewhere which is leading to premature deletion of the string data. This change is an attempt to verify that this is in fact the case. By artificially increasing the ref count on the strings, we should reduce the likelihood of accidental deletion because of ref counting being slightly off. If we can confirm that this removes most of the crashes, we know that the problem is WebCore ref counting related. BUG=9746 Review URL: http://codereview.chromium.org/99174 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@14838 0039d316-1c4b-4281-b951-d872f2087c98
251d1dbb · ager@chromium.org · 1543aa25 · 251d1dbb
Commit 251d1dbb authored Apr 29, 2009 by ager@chromium.org
Hide whitespace changes
Inline Side-by-side

Showing with 30 additions and 2 deletions

webkit/port/bindings/v8/v8_binding.cpp webkit/port/bindings/v8/v8_binding.cpp +30 -2

No files found.
--- a/webkit/port/bindings/v8/v8_binding.cpp
+++ b/webkit/port/bindings/v8/v8_binding.cpp
@@ -19,9 +19,30 @@ namespace WebCore {
 class WebCoreStringResource: public v8::String::ExternalStringResource {
 public:
  explicit WebCoreStringResource(const String& str)
-      : impl_(str.impl()) { }
+      : impl_(str.impl()) {
+    // We seem to be occasionally losing the backing string for external
+    // strings: http://crbug.com/9746
+    //
+    // In order to verify that this is caused by a ref counting bug, we
+    // artificially increase the ref count on the backing string until
+    // we are done using it for external strings.
+    //
+    // TODO(ager): This is temporary and should be removed once we have
+    // found the underlying cause of the problem.
+    for (int i = 0; i < kArtificialRefIncrease; i++) {
+      impl_.impl()->ref();
+    }
+  }
-  virtual ~WebCoreStringResource() {}
+  virtual ~WebCoreStringResource() {
+    // Remove the artificial ref counts added in the constructor.
+    //
+    // TODO(ager): This is temporary and should be removed once we have
+    // found the underlying cause of the problem.
+    for (int i = 0; i < kArtificialRefIncrease; i++) {
+      impl_.impl()->deref();
+    }
+  }
  const uint16_t* data() const {
    return reinterpret_cast<const uint16_t*>(impl_.characters());
@@ -32,6 +53,13 @@ class WebCoreStringResource: public v8::String::ExternalStringResource {
  String webcore_string() { return impl_; }
 private:
+  // The amount by which we artificially increase the reference count
+  // of the backing string.
+  //
+  // TODO(ager): This is temporary and should be removed once we have
+  // found the underlying cause of the problem.
+  static const int kArtificialRefIncrease = 5;
  // A shallow copy of the string.
  // Keeps the string buffer alive until the V8 engine garbage collects it.
  String impl_;