Weak C++ pointer ivars need better documentation, and there's a problem |
||||
Issue descriptionI was looking through the code trying to see what might be going on in the crash in Issue 675854, and noticed that manage_passwords_decoration.h, content_setting_bubble_cocoa.h, and permission_bubble_controller.h all declare a decoration_ ivar which is a naked pointer to a C++ object. The comment says the reference is "weak" but I've never seen us maintain a weak reference to a C++ object. It looks like it's happening for other ivars, and in other classes in the Chrome codebase. I guess it's accepted practice, but it sure seems dangerous. At a minimum there needs to be an explanation with each ivar explaining why it's OK that they're treated as weak. One real problem is content_setting_bubble_cocoa declares the method -decorationForBubble, which simply returns the decoration_ ivar. It can't really know who is asking for this ivar, what lifetime the callee will assume the pointer has or how long it will hold onto the pointer, etc. This ivar cannot be weak in any way if it's going to be returned outside of the class.
,
May 6 2017
The scope is the three .h files I called out (manage_passwords_decoration.h, content_setting_bubble_cocoa.h, and permission_bubble_controller.h). content_setting_bubble_cocoa needs to be reworked so that its decoration_ ivar is not "weak." That's because content_setting_bubble_cocoa retuns that pointer to callers of -decorationForBubble. Those callers have no idea of the lifetime of that object and may hold onto the pointer after it's been freed.
,
Jun 27 2017
Pri-1 bug that hasn't been touched in almost two months cannot be Pri-1. Certainly not if it's limited to better documentation; those are usually Pri-3. I can understand morphing this bug to fix the content settings issue and having as Pri-2.
,
Jun 27 2017
,
Jun 28 2017
I'll mark it P2. There's a documentation problem but there's also a fundamental bug in the code that could lead to unexpected crashes. soqchan@ - can you look into this for landing before M61 branch?
,
Aug 23
|
||||
►
Sign in to add a comment |
||||
Comment 1 by spqc...@chromium.org
, May 6 2017