[Webkit-unassigned] [Bug 213037] Stop to use ActiveDOMObject::setPendingActivity() for WebCore/Modules/fetch
bugzilla-daemon at webkit.org
Wed Jun 10 12:03:04 PDT 2020
https://bugs.webkit.org/show_bug.cgi?id=213037
Darin Adler <darin at apple.com> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |darin at apple.com
 Attachment #401560|review?                     |review-
              Flags|                            |
--- Comment #2 from Darin Adler <darin at apple.com> ---
Comment on attachment 401560
--> https://bugs.webkit.org/attachment.cgi?id=401560
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=401560&action=review
> Source/WebCore/Modules/fetch/FetchBodyOwner.cpp:46
> + , m_pendingActivity(nullptr)
Please remove. Not needed. RefPtr is initialized to nullptr without explicit initialization.
> Source/WebCore/Modules/fetch/FetchBodyOwner.h:73
> + void setPendingActivity()
Is there a reason these function bodies need to be entirely inlined in the header? That seems like premature optimization. Let’s put them into the .cpp file instead.
> Source/WebCore/Modules/fetch/FetchBodyOwner.h:85
> + void unsetPendingActivity()
> + {
> + if (m_pendingActivity)
> + m_pendingActivity->deref();
> + }
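Review bot: in unsetPendingActivity(), the call m_pendingActivity->deref() drops a reference by hand but leaves m_pendingActivity non-null, so the member still counts as holding that reference and releases it a second time when it is later cleared or destroyed. Replace the manual deref() with an assignment, m_pendingActivity = nullptr, so the smart pointer gives up exactly the reference it took and a repeated call cannot release again.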
This seems like it needs to ASSERT(m_pendingActivity), not just silently do nothing.
This is wrong and will over-release. If you call setPendingActivity(), then unsetPendingActivity(), and then delete the FetchBodyOwner, m_pendingActivity will be ref'd once, but deref'd twice.
Explicit calls to ref/deref are almost never correct, and this shows one example of why.
--
You are receiving this mail because:
You are the assignee for the bug.
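
The over-release described in the review above, as an added example that is not part of the original message or of WebKit's code. It is a constructed counting model: Token, Ptr and Owner are hypothetical stand-ins for the ref-counted object, a RefPtr-like pointer and FetchBodyOwner, and it compares the manual deref() pattern with clearing the owning pointer.

```cpp
#include <cassert>
#include <cstdio>

// Constructed stand-in for a ref-counted object. It only counts and never frees
// itself, so an over-release shows up as a negative balance instead of a crash.
struct Token {
    int refs = 0, derefs = 0;
    void ref() { ++refs; }
    void deref() { ++derefs; }
    int balance() const { return refs - derefs; } // 0 balanced, < 0 over-released
};

// Minimal owning pointer with RefPtr-like behaviour (a model, not WTF::RefPtr).
class Ptr {
public:
    Ptr() = default;
    Ptr(const Ptr&) = delete;
    Ptr& operator=(const Ptr&) = delete;
    ~Ptr() { clear(); }
    void set(Token* t) { if (t) t->ref(); clear(); m_ptr = t; }
    void clear() { if (m_ptr) m_ptr->deref(); m_ptr = nullptr; }
    Token* get() const { return m_ptr; }
private:
    Token* m_ptr = nullptr; // null by default, no explicit initializer needed
};

struct Owner {
    Ptr m_pendingActivity;
    void setPendingActivity(Token& t) { m_pendingActivity.set(&t); }
    // Pattern from the reviewed hunk: manual deref(), member left non-null.
    void unsetManualDeref() { if (m_pendingActivity.get()) m_pendingActivity.get()->deref(); }
    // Alternative: assert the state, then let the pointer drop its own reference.
    void unsetByClearing() { assert(m_pendingActivity.get()); m_pendingActivity.clear(); }
};

// Runs set, unset, destroy and returns the token's final ref/deref balance.
int balanceAfterLifetime(bool manualDeref) {
    Token token;
    {
        Owner owner;
        owner.setPendingActivity(token);
        if (manualDeref) owner.unsetManualDeref(); else owner.unsetByClearing();
    } // owner destroyed: Ptr's destructor releases whatever it still holds
    return token.balance();
}

int main() {
    std::printf("manual deref: %d, clearing: %d\n", balanceAfterLifetime(true), balanceAfterLifetime(false));
}
```

A balance of -1 means one more deref than ref; with a real ref-counted object that extra release can destroy the object while other code still holds a pointer to it.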