Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(26)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 1226373008: Oilpan: switch ImageLoader to be prefinalized. (Closed)

Created:
5 years, 5 months ago by sof
Modified:
5 years, 5 months ago
Reviewers:
oilpan-reviews, haraken
CC:
blink-reviews, tyoshino+watch_chromium.org, Nate Chapin, gavinp+loader_chromium.org
Base URL:
https://chromium.googlesource.com/chromium/blink.git@master
Target Ref:
refs/heads/master
Project:
blink
Visibility:
Public.

Description

Oilpan: switch ImageLoader to be prefinalized. If an ImageLoader for an SVGImage ends up being swept out along with a FrameView (a ScrollableArea), the former may circuitously end up accessing the latter via its destructor. Having both be eagerly finalized, or prefinalized, doesn't guarantee a correct destruction order. Hence, to address, arrange for the ImageLoader to be finalized/disposed of first by way of a prefinalizing action. R=haraken BUG=491488 Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=198753

Patch Set 1 #

Patch Set 2 : compile fix #

Unified diffs Side-by-side diffs Delta from patch set Stats (+20 lines, -6 lines) Patch
M Source/core/loader/ImageLoader.h View 1 3 chunks +10 lines, -6 lines 0 comments Download
M Source/core/loader/ImageLoader.cpp View 1 chunk +10 lines, -0 lines 0 comments Download

Messages

Total messages: 11 (3 generated)
sof
please take a look. As mentioned a couple of times, we've got a finalization issue ...
5 years, 5 months ago (2015-07-13 05:17:30 UTC) #2
haraken
LGTM
5 years, 5 months ago (2015-07-13 05:20:18 UTC) #4
sof
We may get away with relying on prefinalizer ordering for this case, assuming that the ...
5 years, 5 months ago (2015-07-13 06:46:40 UTC) #5
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1226373008/20001
5 years, 5 months ago (2015-07-13 06:47:21 UTC) #7
commit-bot: I haz the power
Committed patchset #2 (id:20001) as https://src.chromium.org/viewvc/blink?view=rev&revision=198753
5 years, 5 months ago (2015-07-13 06:50:44 UTC) #8
haraken
On 2015/07/13 06:46:40, sof wrote: > We may get away with relying on prefinalizer ordering ...
5 years, 5 months ago (2015-07-13 06:55:33 UTC) #9
sof
On 2015/07/13 06:55:33, haraken wrote: > On 2015/07/13 06:46:40, sof wrote: > > We may ...
5 years, 5 months ago (2015-07-13 07:04:55 UTC) #10
haraken
5 years, 5 months ago (2015-07-13 07:20:49 UTC) #11
Message was sent while issue was closed. 
On 2015/07/13 07:04:55, sof wrote:
> On 2015/07/13 06:55:33, haraken wrote:
> > On 2015/07/13 06:46:40, sof wrote:
> > > We may get away with relying on prefinalizer ordering for this case,
> assuming
> > > that the ImageLoader's prefinalizer will be register after any FrameViews'
> > are.
> > > But I'm not convinced prefinalizer ordering will be sufficient in the end.
> > 
> > I'm not yet convinced either -- but I'm thinking that a pre-finalizer would
be
> a
> > more powerful and easy-to-understand way to control destruction ordering
> issues.
> > 
> > > btw, you could argue that eager sweeping should be done in a reverse order
> > also.
> > 
> > It's not easy to introduce a notion of ordering to the heap structure, isn't
> it?
> 
> It would be approximate, yes, but we already have a page ordering as wanted
wrt
> allocation times, but would have to do intra-page sweeps differently (stack up
> the finalize()s first.)

But the freelist is managed on a intra-page basis. So I guess it's never
guaranteed that if A is allocated after B, the page which A belongs to is linked
after the page which B belongs to. I guess the only way to guarantee the
ordering would be to keep track of the ordering of the finalizers, which is
something the pre-finalizers are doing.

Powered by Google App Engine
This is Rietveld 408576698