146242 – WinLauncher fails to download files.

Bug 146242 - WinLauncher fails to download files.

Summary: WinLauncher fails to download files.

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Tools / Tests (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2015-06-23 11:27 PDT by peavo
Modified:	2015-06-26 11:54 PDT (History)
CC List:	3 users (show)

See Also:

Attachments
Patch (16.52 KB, patch) 2015-06-23 12:10 PDT, peavo	no flags	Details \| Formatted Diff \| Diff
Patch (16.53 KB, patch) 2015-06-23 13:17 PDT, peavo	no flags	Details \| Formatted Diff \| Diff
Patch (16.53 KB, patch) 2015-06-24 03:53 PDT, peavo	no flags	Details \| Formatted Diff \| Diff
Patch (16.83 KB, patch) 2015-06-24 14:09 PDT, peavo	no flags	Details \| Formatted Diff \| Diff
Patch (16.86 KB, patch) 2015-06-26 05:42 PDT, peavo	no flags	Details \| Formatted Diff \| Diff
Show Obsolete (4) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description peavo 2015-06-23 11:27:59 PDT

When trying to download files, WinLauncher crashes.

Comment 1 peavo 2015-06-23 12:10:53 PDT

Created attachment 255420 [details]
Patch

Comment 2 WebKit Commit Bot 2015-06-23 12:13:36 PDT

Attachment 255420 [details] did not pass style-queue:


ERROR: Tools/WinLauncher/WebDownloadDelegate.cpp:26:  Found other header before WebCore config.h. Should be: config.h, primary header, blank line, and then alphabetically sorted.  [build/include_order] [4]
ERROR: Tools/WinLauncher/WebDownloadDelegate.cpp:27:  Found header this file implements after other header. Should be: config.h, primary header, blank line, and then alphabetically sorted.  [build/include_order] [4]
Total errors found: 2 in 11 files


If any of these errors are false positives, please file a bug against check-webkit-style.

Comment 3 Alex Christensen 2015-06-23 12:23:15 PDT

Comment on attachment 255420 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=255420&action=review

Hooray!  Downloading things from WinLauncher!  A few memory management issues, but otherwise this is great!

> Tools/WinLauncher/WebDownloadDelegate.cpp:32
> +    : m_refCount(1)

I don't think this is correct.  Something that adopts this should call AddRef then Release when it is done with it, which should delete it if that was the only reference to it.

> Tools/WinLauncher/WinMain.cpp:139
> +    hr = gWinLauncher->setDownloadDelegate(new WebDownloadDelegate());

This is a memory leak.  Use the same pattern as gWinLauncher if this is global, otherwise use some kind of smart pointer.

Comment 4 peavo 2015-06-23 13:17:17 PDT

Created attachment 255425 [details]
Patch

Comment 5 peavo 2015-06-23 13:18:02 PDT

(In reply to comment #3)
> Comment on attachment 255420 [details]
> Patch
> 
> This is a memory leak.  Use the same pattern as gWinLauncher if this is
> global, otherwise use some kind of smart pointer.

Thanks for catching this :) Updated patch.

Comment 6 WebKit Commit Bot 2015-06-23 13:19:31 PDT

Attachment 255425 [details] did not pass style-queue:


ERROR: Tools/WinLauncher/WebDownloadDelegate.cpp:26:  Found other header before WebCore config.h. Should be: config.h, primary header, blank line, and then alphabetically sorted.  [build/include_order] [4]
ERROR: Tools/WinLauncher/WebDownloadDelegate.cpp:27:  Found header this file implements after other header. Should be: config.h, primary header, blank line, and then alphabetically sorted.  [build/include_order] [4]
Total errors found: 2 in 11 files


If any of these errors are false positives, please file a bug against check-webkit-style.

Comment 7 Alex Christensen 2015-06-23 13:22:10 PDT

Comment on attachment 255425 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=255425&action=review

> Tools/WinLauncher/WinMain.cpp:139
> +    hr = gWinLauncher->setDownloadDelegate(new WebDownloadDelegate());

This is still a memory leak.

Comment 8 peavo 2015-06-23 14:33:12 PDT

(In reply to comment #7)
> Comment on attachment 255425 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=255425&action=review
> 
> > Tools/WinLauncher/WinMain.cpp:139
> > +    hr = gWinLauncher->setDownloadDelegate(new WebDownloadDelegate());
> 
> This is still a memory leak.

I might be mistaken, but since the download delegate object is constructed with refcount 0, and the smart pointer takes ownership here, will it not be destroyed?

Comment 9 Alex Christensen 2015-06-23 18:43:45 PDT

I missed that that parameter is a IWebDownloadDelegatePtr which is a _com_ptr_t.  Yes, I think this is not a memory leak, but a use-after-free.  The IWebDownloadDelegatePtr goes out of scope, which deletes the WebDownloadDelegate which we are still using as a delegate.  I think you'll need some kind of global reference to the WebDownloadDelegate.

Comment 10 peavo 2015-06-24 03:53:59 PDT

Created attachment 255476 [details]
Patch

Comment 11 WebKit Commit Bot 2015-06-24 03:56:50 PDT

Attachment 255476 [details] did not pass style-queue:


ERROR: Tools/WinLauncher/WebDownloadDelegate.cpp:26:  Found other header before WebCore config.h. Should be: config.h, primary header, blank line, and then alphabetically sorted.  [build/include_order] [4]
ERROR: Tools/WinLauncher/WebDownloadDelegate.cpp:27:  Found header this file implements after other header. Should be: config.h, primary header, blank line, and then alphabetically sorted.  [build/include_order] [4]
Total errors found: 2 in 11 files


If any of these errors are false positives, please file a bug against check-webkit-style.

Comment 12 peavo 2015-06-24 04:05:47 PDT

(In reply to comment #9)
> I missed that that parameter is a IWebDownloadDelegatePtr which is a
> _com_ptr_t.  Yes, I think this is not a memory leak, but a use-after-free. 
> The IWebDownloadDelegatePtr goes out of scope, which deletes the
> WebDownloadDelegate which we are still using as a delegate.  I think you'll
> need some kind of global reference to the WebDownloadDelegate.

Thanks again for reviewing :)

I went back to constructing the download delegate object with refount 1 to keep it more in line with the rest of the code here.
To avoid the leak, I then transferred ownership to the smart pointer by calling _com_ptr_t::Attach, which does not call AddRef.
I checked that this patch does not leak the download delegate object, and there is  no use-after-free, the download delegate object is destroyed on exit.

Comment 13 peavo 2015-06-24 14:09:48 PDT

Created attachment 255512 [details]
Patch

Comment 14 peavo 2015-06-24 14:11:12 PDT

(In reply to comment #13)
> Created attachment 255512 [details]
> Patch

Updated patch with a global reference to the download delegate.

Comment 15 WebKit Commit Bot 2015-06-24 14:12:41 PDT

Attachment 255512 [details] did not pass style-queue:


ERROR: Tools/WinLauncher/WebDownloadDelegate.cpp:26:  Found other header before WebCore config.h. Should be: config.h, primary header, blank line, and then alphabetically sorted.  [build/include_order] [4]
ERROR: Tools/WinLauncher/WebDownloadDelegate.cpp:27:  Found header this file implements after other header. Should be: config.h, primary header, blank line, and then alphabetically sorted.  [build/include_order] [4]
Total errors found: 2 in 11 files


If any of these errors are false positives, please file a bug against check-webkit-style.

Comment 16 Alex Christensen 2015-06-25 17:39:08 PDT

Comment on attachment 255512 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=255512&action=review

Sorry, I'm not doing a very good job reviewing this.  This needs one more iteration, and it's my fault.

> Tools/WinLauncher/WebDownloadDelegate.cpp:32
> +    : m_refCount(0)

Ok, sorry about my earlier comment.  This should indeed be 1.  And use _com_ptr_t::Attach after making a new WebDownloadDelegate.

Comment 17 peavo 2015-06-26 05:42:25 PDT

Created attachment 255634 [details]
Patch

Comment 18 peavo 2015-06-26 05:43:48 PDT

(In reply to comment #16)
> Comment on attachment 255512 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=255512&action=review
> 
> Sorry, I'm not doing a very good job reviewing this.  This needs one more
> iteration, and it's my fault.
> 
> > Tools/WinLauncher/WebDownloadDelegate.cpp:32
> > +    : m_refCount(0)
> 
> Ok, sorry about my earlier comment.  This should indeed be 1.  And use
> _com_ptr_t::Attach after making a new WebDownloadDelegate.

No worries :) Updated patch.

Comment 19 WebKit Commit Bot 2015-06-26 05:44:20 PDT

Attachment 255634 [details] did not pass style-queue:


ERROR: Tools/WinLauncher/WebDownloadDelegate.cpp:26:  Found other header before WebCore config.h. Should be: config.h, primary header, blank line, and then alphabetically sorted.  [build/include_order] [4]
ERROR: Tools/WinLauncher/WebDownloadDelegate.cpp:27:  Found header this file implements after other header. Should be: config.h, primary header, blank line, and then alphabetically sorted.  [build/include_order] [4]
Total errors found: 2 in 11 files


If any of these errors are false positives, please file a bug against check-webkit-style.

Comment 20 WebKit Commit Bot 2015-06-26 11:24:10 PDT

Comment on attachment 255634 [details]
Patch

Clearing flags on attachment: 255634

Committed r186004: <http://trac.webkit.org/changeset/186004>

Comment 21 WebKit Commit Bot 2015-06-26 11:24:14 PDT

All reviewed patches have been landed.  Closing bug.

Comment 22 peavo 2015-06-26 11:54:20 PDT

Thanks for reviewing :)