[Webkit-unassigned] [Bug 30977] New: Don't use global operators new/delete in wx port

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sat Oct 31 07:12:10 PDT 2009 

https://bugs.webkit.org/show_bug.cgi?id=30977

           Summary: Don't use global operators new/delete in wx port
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: All
        OS/Version: All
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: WebKit wx
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: vz-webkit at zeitlins.org


Using global operator new and delete defined in JavaScriptCore/wtf/FastMalloc.h
in wxWebKit results in crashes because fastFree() (used by operator delete) can
be called for pointers not allocated with fastMalloc() whenever something is
allocated inside wx itself and then is freed inside the application code. This
is extremely nasty especially when this happens implicitly by using a wx class
which happens to call delete from an inlined function: there are no calls to
"delete" anywhere in the code at all and it works just fine in debug build
(where the function is not inlined) but crashes in release. And while it should
be possible to fix this problem otherwise, e.g. by defining more overloads of
global delete for wx classes which wouldn't call fastFree() I think it's still
too dangerous to keep this delete overload as it's impossible to detect when it
is used incorrectly at compile-time so any (inevitable) bugs in such
workarounds would be only found when they result in run-time crashes. I was
lucky that it crashed directly when opening the page as otherwise I might not
have noticed this bug at all during testing.

So I think it's preferable to avoid this problem once and for all by just not
using this allocator by default. As it was already done for Qt port (for the
same reasons, I guess, although the comment is silent about it), I guess it
shouldn't be that bad performance-wise but please correct me if I'm wrong.

Thanks in advance!

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list