Bug 187256

Summary:

Allow to remove MediaStreamPrivate observers when iterating over observers

Product:

WebKit

Reporter:

youenn fablet <youennf>

Component:

WebRTC

Assignee:

youenn fablet <youennf>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

commit-queue, darin, eric.carlson, webkit-bug-importer, youennf

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	none
Patch for landing	none

Description youenn fablet 2018-07-02 10:28:53 PDT

This will make code clearer to understand

Comment 1 youenn fablet 2018-11-14 07:15:57 PST

Created attachment 354806 [details]
Patch

Comment 2 Eric Carlson 2018-11-14 09:05:41 PST

Comment on attachment 354806 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=354806&action=review

> Source/WebCore/ChangeLog:8
> +        Copy the set of observers in a vector before iterating over it.

Nit: s/in a vector/to a vector/

Comment 3 youenn fablet 2018-11-14 09:11:55 PST

Created attachment 354815 [details]
Patch for landing

Comment 4 Darin Adler 2018-11-14 09:25:06 PST

Comment on attachment 354806 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=354806&action=review

> Source/WebCore/platform/mediastream/MediaStreamPrivate.cpp:99
> +        if (!m_observers.contains(observer))
> +            continue;

This technique is not guaranteed to work. Code could delete an Observer, then allocate a new Observer and the two might coincidentally use the same memory and have the same address. So checking "contains" on a set of weak pointers doesn’t give a guaranteed accurate answer.

Comment 5 WebKit Commit Bot 2018-11-14 09:50:45 PST

Comment on attachment 354815 [details]
Patch for landing

Clearing flags on attachment: 354815

Committed r238181: <https://trac.webkit.org/changeset/238181>

Comment 6 WebKit Commit Bot 2018-11-14 09:50:47 PST

All reviewed patches have been landed.  Closing bug.

Comment 7 Radar WebKit Bug Importer 2018-11-14 09:51:27 PST

<rdar://problem/46065771>

Comment 8 youenn fablet 2018-11-14 11:48:54 PST

(In reply to Darin Adler from comment #4)
> Comment on attachment 354806 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=354806&action=review
> 
> > Source/WebCore/platform/mediastream/MediaStreamPrivate.cpp:99
> > +        if (!m_observers.contains(observer))
> > +            continue;
> 
> This technique is not guaranteed to work. Code could delete an Observer,
> then allocate a new Observer and the two might coincidentally use the same
> memory and have the same address. So checking "contains" on a set of weak
> pointers doesn’t give a guaranteed accurate answer.

True, this adds some potential uncertainty when such collision happens.

I guess we could have a HashSet<WeakPtr<Observer>> to fix this issue.
That would add some additional count churning but maybe this is ok since we are creating a Vector already whenever iterating over observers.

I am unsure whether we should fix this uncertainty.