[Webkit-unassigned] [Bug 60872] New: [WebKit2] Strict PassOwnPtr fix papers over memory management errors
bugzilla-daemon at webkit.org
Sun May 15 23:56:07 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=60872
Summary: [WebKit2] Strict PassOwnPtr fix papers over memory management errors
Product: WebKit
Version: 528+ (Nightly build)
Platform: All
OS/Version: All
Status: NEW
Severity: Normal
Priority: P2
Component: WebKit2
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: abarth at webkit.org
CC: darin at apple.com, sam at webkit.org
As I wrote in https://bugs.webkit.org/show_bug.cgi?id=60655#c3, I don't think the strict PassOwnPtr fix in https://trac.webkit.org/changeset/86296/trunk/Source/WebKit2/Platform/CoreIPC/HandleMessage.h is correct:
--->8---
I'm not sure this patch is right. Does that mean we're supposed to leak the replyEncoder if the arguments fail to decode? If this function is supposed to take ownership, it seems more likely we should change the parameter to be a PassOwnPtr.
I tried chasing this for a while, but it mushroomed out of control pretty fast. I suspect there's a memory management bug here somewhere.
For example, consider PluginControllerProxy::didReceiveSyncPluginControllerProxyMessage. Whether this function eventually calls delete on its third argument appears to depend on the MessageID.
---8<---
I don't understand this code well enough to know whether this is a real problem, but the code looks really fishy.
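
The ownership question raised in the report, as an added illustration that is not WebKit code and not part of the original message. ReplyEncoder, handleRaw and handleOwned are hypothetical names, and std::unique_ptr stands in for OwnPtr/PassOwnPtr; the sketch contrasts a raw-pointer parameter that is deleted on only one path with a parameter type that transfers ownership on every path.

```cpp
#include <cstdio>
#include <memory>
#include <utility>

// Hypothetical stand-in for the reply encoder; counts live instances so a
// leak is observable without a heap checker.
struct ReplyEncoder {
    static int live;
    ReplyEncoder() { ++live; }
    ~ReplyEncoder() { --live; }
};
int ReplyEncoder::live = 0;

// Ambiguous contract: the raw pointer is deleted on only one path.
bool handleRaw(bool argumentsDecode, ReplyEncoder* reply) {
    if (!argumentsDecode)
        return false;   // early return: nobody deletes reply
    delete reply;       // success path: the callee behaves as the owner
    return true;
}

// Explicit contract: the callee owns reply on every path.
bool handleOwned(bool argumentsDecode, std::unique_ptr<ReplyEncoder> reply) {
    if (!argumentsDecode)
        return false;          // reply is destroyed here as well
    return reply != nullptr;   // a real handler would send the reply here
}

// Caller gives up ownership as a raw pointer; returns encoders leaked.
int leakedByRawCall(bool argumentsDecode) {
    int before = ReplyEncoder::live;
    std::unique_ptr<ReplyEncoder> reply(new ReplyEncoder);
    handleRaw(argumentsDecode, reply.release());
    return ReplyEncoder::live - before;
}

// Caller transfers ownership through the type; returns encoders leaked.
int leakedByOwnedCall(bool argumentsDecode) {
    int before = ReplyEncoder::live;
    std::unique_ptr<ReplyEncoder> reply(new ReplyEncoder);
    handleOwned(argumentsDecode, std::move(reply));
    return ReplyEncoder::live - before;
}

int main() {
    std::printf("raw, decode fails:   %d leaked\n", leakedByRawCall(false));
    std::printf("owned, decode fails: %d leaked\n", leakedByOwnedCall(false));
    return 0;
}
```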