RESOLVED FIXED 159701
Clean up PassRefPtr uses in Modules/encryptedmedia, Modules/speech, and Modules/quota 
https://bugs.webkit.org/show_bug.cgi?id=159701
Summary Clean up PassRefPtr uses in Modules/encryptedmedia, Modules/speech, and Modul...
Gyuyoung Kim
Reported 2016-07-12 23:09:57 PDT
SSIA
Attachments
Patch (27.69 KB, patch)
2016-07-12 23:10 PDT, Gyuyoung Kim 		no flags
DetailsFormatted DiffDiff
Patch (30.49 KB, patch)
2016-07-13 03:22 PDT, Gyuyoung Kim 		no flags
DetailsFormatted DiffDiff
Patch (34.14 KB, patch)
2016-07-14 00:55 PDT, Gyuyoung Kim 		no flags
DetailsFormatted DiffDiff
Patch (34.30 KB, patch)
2016-07-15 01:23 PDT, Gyuyoung Kim 		no flags
DetailsFormatted DiffDiff
Archive of layout-test-results from ews116 for mac-yosemite (1.52 MB, application/zip)
2016-07-16 22:03 PDT, Build Bot 		no flags
Details
Patch for landing (34.74 KB, patch)
2016-07-17 19:55 PDT, Gyuyoung Kim 		no flags
DetailsFormatted DiffDiff
Show Obsolete (4) View All Add attachment proposed patch, testcase, etc.
Gyuyoung Kim
Comment 1 2016-07-12 23:10:51 PDT
Created attachment 283490 [details] Patch
Gyuyoung Kim
Comment 2 2016-07-13 03:22:19 PDT
Created attachment 283501 [details] Patch
Alex Christensen
Comment 3 2016-07-14 00:05:22 PDT
Comment on attachment 283501 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=283501&action=review > Source/WebCore/Modules/quota/StorageErrorCallback.cpp:45 > -StorageErrorCallback::CallbackTask::CallbackTask(PassRefPtr<StorageErrorCallback> callback, ExceptionCode ec) > +StorageErrorCallback::CallbackTask::CallbackTask(StorageErrorCallback* callback, ExceptionCode ec) > : ScriptExecutionContext::Task([callback, ec] (ScriptExecutionContext*) { > if (callback) > callback->handleEvent(DOMCoreException::create(ExceptionCodeDescription(ec)).get()); This feels like it should be a RefPtr<StorageErrorCallback>&& that is WTFMoved into the lambda so we are sure there is still a reference when we call the callback. Otherwise, it's not obvious that there couldn't be a use after free. > Source/WebCore/Modules/speech/SpeechSynthesis.cpp:189 > +void SpeechSynthesis::boundaryEventOccurred(PlatformSpeechSynthesisUtterance* utterance, SpeechBoundary boundary, unsigned charIndex) This should definitely be a PlatformSpeechSynthesisUtterance& > Source/WebCore/Modules/speech/SpeechSynthesis.cpp:209 > +void SpeechSynthesis::didStartSpeaking(PlatformSpeechSynthesisUtterance* utterance) ditto > Source/WebCore/Modules/speech/SpeechSynthesis.cpp:215 > +void SpeechSynthesis::didPauseSpeaking(PlatformSpeechSynthesisUtterance* utterance) ditto > Source/WebCore/Modules/speech/SpeechSynthesis.cpp:235 > +void SpeechSynthesis::speakingErrorOccurred(PlatformSpeechSynthesisUtterance* utterance) etc. > Source/WebCore/Modules/speech/SpeechSynthesisVoice.h:53 > RefPtr<PlatformSpeechSynthesisVoice> m_platformVoice; This should be made a Ref.
Gyuyoung Kim
Comment 4 2016-07-14 00:55:21 PDT
Created attachment 283621 [details] Patch
Gyuyoung Kim
Comment 5 2016-07-15 01:23:13 PDT
Created attachment 283748 [details] Patch
Alex Christensen
Comment 6 2016-07-15 09:24:08 PDT
Comment on attachment 283748 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=283748&action=review > Source/WebCore/Modules/speech/SpeechSynthesisVoice.cpp:39 > +SpeechSynthesisVoice::SpeechSynthesisVoice(PlatformSpeechSynthesisVoice* voice) > + : m_platformVoice(adoptRef(*voice)) This should be a PlatformSpeechSynthesisVoice&. PlatformSpeechSynthesizer.m_voiceList should be Refs.
Build Bot
Comment 7 2016-07-16 22:03:20 PDT
Comment on attachment 283748 [details] Patch Attachment 283748 [details] did not pass mac-debug-ews (mac): Output: http://webkit-queues.webkit.org/results/1694508 New failing tests: transitions/default-timing-function.html
Build Bot
Comment 8 2016-07-16 22:03:23 PDT
Created attachment 283859 [details] Archive of layout-test-results from ews116 for mac-yosemite The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews116 Port: mac-yosemite Platform: Mac OS X 10.10.5
Gyuyoung Kim
Comment 9 2016-07-17 19:55:49 PDT
Created attachment 283881 [details] Patch for landing
Gyuyoung Kim
Comment 10 2016-07-17 22:53:30 PDT
Comment on attachment 283881 [details] Patch for landing Looks like win-ews is being failed regardless of this patch.
WebKit Commit Bot
Comment 11 2016-07-17 23:14:22 PDT
Comment on attachment 283881 [details] Patch for landing Clearing flags on attachment: 283881 Committed r203340: <http://trac.webkit.org/changeset/203340>
WebKit Commit Bot
Comment 12 2016-07-17 23:14:26 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.