RESOLVED FIXED 210625
[iOS WK1] -[_WebSafeForwarder asyncForwarder] uses non-static dispatch_once_t predicate 
https://bugs.webkit.org/show_bug.cgi?id=210625
Summary [iOS WK1] -[_WebSafeForwarder asyncForwarder] uses non-static dispatch_once_t...
David Kilzer (:ddkilzer)
Reported 2020-04-16 16:15:02 PDT
-[_WebSafeForwarder asyncForwarder] uses non-static dispatch_once_t predicate. @interface _WebSafeForwarder : NSObject { id target; // Non-retained. Don't retain delegates. id defaultTarget; #if PLATFORM(IOS_FAMILY) _WebSafeAsyncForwarder *asyncForwarder; dispatch_once_t asyncForwarderPred; #endif } [...] - (id)asyncForwarder { dispatch_once(&asyncForwarderPred, ^{ asyncForwarder = [[_WebSafeAsyncForwarder alloc] initWithForwarder:self]; }); return asyncForwarder; } Found by clang static analyzer: Call to 'dispatch_once' uses the instance variable 'asyncForwarderPred' for the predicate value. Using such transient memory for the predicate is potentially dangerous
Attachments
Patch v1 (6.29 KB, patch)
2020-04-16 16:36 PDT, David Kilzer (:ddkilzer) 		no flags
DetailsFormatted DiffDiff
Patch for landing (6.30 KB, patch)
2020-04-17 19:39 PDT, David Kilzer (:ddkilzer) 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
David Kilzer (:ddkilzer)
Comment 1 2020-04-16 16:36:11 PDT
Created attachment 396720 [details] Patch v1
Radar WebKit Bug Importer
Comment 2 2020-04-16 16:36:31 PDT
<rdar://problem/61910231>
David Kilzer (:ddkilzer)
Comment 3 2020-04-16 16:38:27 PDT
Comment on attachment 396720 [details] Patch v1 View in context: https://bugs.webkit.org/attachment.cgi?id=396720&action=review > Source/WebKitLegacy/mac/WebView/WebView.mm:552 > @interface _WebSafeAsyncForwarder : NSObject { > - _WebSafeForwarder *_forwarder; > + __weak _WebSafeForwarder *_forwarder; I could have used __unsafe_unretained instead of __weak here to prevent the retain cycle with _WebSafeForwarder (and avoided the overhead of __weak), but every time I see __unsafe_unretained it makes me wonder if there is a bug lurking in the code.
Daniel Bates
Comment 4 2020-04-17 17:55:48 PDT
Comment on attachment 396720 [details] Patch v1 View in context: https://bugs.webkit.org/attachment.cgi?id=396720&action=review Patch looks good. > Source/WebKitLegacy/mac/WebView/WebView.mm:563 > + _WebSafeAsyncForwarder *_asyncForwarder; This is ok-as is. No change needed. The optimal solution would use RetainPtr because it: 1. Removes the need for -release and nil assignment in -dealloc. 2. Annotates that this ivar is strongly held. 3. Future proofs code for possible ARC transition. > Source/WebKitLegacy/mac/WebView/WebView.mm:5349 > +@synthesize asyncForwarder=_asyncForwarder; This is ok as-is. No change needed. A slightly better solution would put spaces around the =. > Source/WebKitLegacy/mac/WebView/WebView.mm:5376 > + if ([_target respondsToSelector:[invocation selector]]) { This is ok as-is. No change needed. Dot notation could also be used on this line and lines below for modernization.
David Kilzer (:ddkilzer)
Comment 5 2020-04-17 18:50:29 PDT
Comment on attachment 396720 [details] Patch v1 View in context: https://bugs.webkit.org/attachment.cgi?id=396720&action=review >> Source/WebKitLegacy/mac/WebView/WebView.mm:563 >> + _WebSafeAsyncForwarder *_asyncForwarder; > > This is ok-as is. No change needed. The optimal solution would use RetainPtr because it: > > 1. Removes the need for -release and nil assignment in -dealloc. > 2. Annotates that this ivar is strongly held. > 3. Future proofs code for possible ARC transition. Thanks! I think the @property statement below also documents #2. When using RetainPtr<>, getters need to be implemented manually because .get() must be called, correct? I'd rather use @synthesize to generate the getter and just delete -dealloc when switching to ARC. >> Source/WebKitLegacy/mac/WebView/WebView.mm:5349 >> +@synthesize asyncForwarder=_asyncForwarder; > > This is ok as-is. No change needed. A slightly better solution would put spaces around the =. check-webkit-style disagrees: Should not have spaces around = in property synthesis. [whitespace/property] [4] >> Source/WebKitLegacy/mac/WebView/WebView.mm:5376 >> + if ([_target respondsToSelector:[invocation selector]]) { > > This is ok as-is. No change needed. Dot notation could also be used on this line and lines below for modernization. I'll use invocation.selector here. Thanks!
David Kilzer (:ddkilzer)
Comment 6 2020-04-17 19:39:24 PDT
Created attachment 396825 [details] Patch for landing
David Kilzer (:ddkilzer)
Comment 7 2020-04-17 19:42:06 PDT
Comment on attachment 396720 [details] Patch v1 Oops, forgot to save this before uploading the land-safely patch.
EWS
Comment 8 2020-04-17 20:04:50 PDT
Committed r260306: <https://trac.webkit.org/changeset/260306> All reviewed patches have been landed. Closing bug and clearing flags on attachment 396825 [details].
Note You need to log in before you can comment on or make changes to this bug.