[webkit-changes] [WebKit/WebKit] fd9c13: Regression(274445 at main): Crash under HTMLMediaElem...

[Chris Dumez]

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: fd9c1365ede0b2da49f029ef066691bcc823b9a4
      https://github.com/WebKit/WebKit/commit/fd9c1365ede0b2da49f029ef066691bcc823b9a4
  Author: Chris Dumez <cdumez at apple.com>
  Date:   2024-02-14 (Wed, 14 Feb 2024)

  Changed paths:
    M Source/WebCore/platform/PODInterval.h

  Log Message:
  -----------
  Regression(274445 at main): Crash under HTMLMediaElement::updateActiveTextTrackCues() on Hulu.com
https://bugs.webkit.org/show_bug.cgi?id=269394
rdar://122959342

Reviewed by Jer Noble.

In 274445 at main, I updated CueInterval to be an alias to:
```
PODInterval<MediaTime, WeakPtr<TextTrackCue, WeakPtrImplWithEventTargetData>>
```
instead of:
```
PODInterval<MediaTime, TextTrackCue*>
```
per our recent smart pointer guidelines.

When doing do, I noticed that PODInterval has different implementations when the
second type is a WeakPtr. Adopting WeakPtr led to build errors because the
PODInterval's specialization for WeakPtr was missing operator==(). To fix the
build, I copied the generic PODInterval's operator==() and used it. However, I
failed to noticed that the 2 specializations had different operator<()
implementations as well. In particular, the generic operator<() was checking
userData while the WeakPtr specialization one wasn't. This mismatch between
operator==() (which was checking userData) and operator<() (which wasn't checking
userData) was the cause of these crashes.

I now updated operator<() to be the same of both specializations (except for
calling `.get()` to extract the raw pointer from the WeakPtr) and this addressed
the crashes on hulu.com.

* Source/WebCore/platform/PODInterval.h:

Canonical link: https://commits.webkit.org/274670@main