
Issue 742040


Issue metadata

Status: Fixed
Owner:
Closed: Jul 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 2
Type: Bug




Wrapper tracing: Avoid tracing raw pointers

Project Member Reported by mlippautz@chromium.org, Jul 13 2017

Issue description

Callers should either use TraceWrapperMember<T> and TraceWrappers or make their intent to use raw pointers explicit by calling TraceWrappersWithManualWriteBarrier.
 
Project Member

Comment 1 by bugdroid1@chromium.org, Jul 13 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/f75b76701ec9ee0c00d58237f673adda40738922

commit f75b76701ec9ee0c00d58237f673adda40738922
Author: Michael Lippautz <mlippautz@chromium.org>
Date: Thu Jul 13 05:18:50 2017

[wrapper-tracing] Avoid tracing raw pointers in modules/webgl/*

Bug:  chromium:742040 
Change-Id: Iff715f0c8780ec6e4cb6a00b0515b0064971497a
Reviewed-on: https://chromium-review.googlesource.com/568819
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Cr-Commit-Position: refs/heads/master@{#486276}
[modify] https://crrev.com/f75b76701ec9ee0c00d58237f673adda40738922/third_party/WebKit/Source/modules/webgl/WebGLRenderingContextBase.cpp
[modify] https://crrev.com/f75b76701ec9ee0c00d58237f673adda40738922/third_party/WebKit/Source/modules/webgl/WebGLRenderingContextBase.h

Project Member

Comment 3 by bugdroid1@chromium.org, Jul 13 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/f9cb0401fc2b5c876ce5e4fd3a1bf16cd5c2d2cf

commit f9cb0401fc2b5c876ce5e4fd3a1bf16cd5c2d2cf
Author: Michael Lippautz <mlippautz@chromium.org>
Date: Thu Jul 13 08:38:28 2017

[wrapper-tracing] Avoid tracing raw pointers in core/css/*

Bug:  chromium:742040 
Change-Id: Ie14d1008bf0fa3b913073a260caeb2d070b86ca3
Reviewed-on: https://chromium-review.googlesource.com/568496
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#486321}
[modify] https://crrev.com/f9cb0401fc2b5c876ce5e4fd3a1bf16cd5c2d2cf/third_party/WebKit/Source/core/css/BUILD.gn
[modify] https://crrev.com/f9cb0401fc2b5c876ce5e4fd3a1bf16cd5c2d2cf/third_party/WebKit/Source/core/css/CSSRule.cpp
[modify] https://crrev.com/f9cb0401fc2b5c876ce5e4fd3a1bf16cd5c2d2cf/third_party/WebKit/Source/core/css/CSSRule.h
[delete] https://crrev.com/755f0dd1940844042792972fe80755c95f6d8b29/third_party/WebKit/Source/core/css/CSSStyleDeclaration.cpp
[modify] https://crrev.com/f9cb0401fc2b5c876ce5e4fd3a1bf16cd5c2d2cf/third_party/WebKit/Source/core/css/CSSStyleDeclaration.h
[modify] https://crrev.com/f9cb0401fc2b5c876ce5e4fd3a1bf16cd5c2d2cf/third_party/WebKit/Source/core/css/CSSStyleRule.cpp
[modify] https://crrev.com/f9cb0401fc2b5c876ce5e4fd3a1bf16cd5c2d2cf/third_party/WebKit/Source/core/css/CSSStyleRule.h
[modify] https://crrev.com/f9cb0401fc2b5c876ce5e4fd3a1bf16cd5c2d2cf/third_party/WebKit/Source/core/css/PropertySetCSSStyleDeclaration.cpp
[modify] https://crrev.com/f9cb0401fc2b5c876ce5e4fd3a1bf16cd5c2d2cf/third_party/WebKit/Source/core/css/PropertySetCSSStyleDeclaration.h

5bc3c54e221cd5c29db255bd901ec6d4a7307bde is also part of this effort.
Project Member

Comment 5 by bugdroid1@chromium.org, Jul 13 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/4d3076ddc8d258a8ca28443387cd742e6e4dcedf

commit 4d3076ddc8d258a8ca28443387cd742e6e4dcedf
Author: Michael Lippautz <mlippautz@chromium.org>
Date: Thu Jul 13 12:02:43 2017

[wrapper-tracing] Prohibit tracing using raw pointers

Move TraceWrappers taking raw pointers into the protected section.
Callers should either use the version accepting the managed types
or use TraceWrappersWithManualWriteBarrier and set the proper write
barriers.

Bug:  chromium:742040 
Change-Id: I3881fc9bea9a08207f234b0e78813deb009e5900
Reviewed-on: https://chromium-review.googlesource.com/567498
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Cr-Commit-Position: refs/heads/master@{#486350}
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/templates/interface.h.tmpl
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8ArrayBuffer.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8ArrayBufferView.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8DataView.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8SVGTestInterface.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestCallbackFunctions.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestConstants.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestIntegerIndexed.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestIntegerIndexedGlobal.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestIntegerIndexedPrimaryGlobal.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterface.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterface2.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterface3.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceCheckSecurity.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceConstructor.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceConstructor2.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceConstructor3.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceConstructor4.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceCustomConstructor.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceDocument.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceEmpty.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceEventInitConstructor.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceEventTarget.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceGarbageCollected.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceNamedConstructor.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceNamedConstructor2.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceNode.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceOriginTrialEnabled.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestInterfaceSecureContext.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestNode.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestObject.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestSpecialOperations.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestSpecialOperationsNotEnumerable.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8TestTypedefs.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/core/V8Uint8ClampedArray.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/modules/V8TestInterface5.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/bindings/tests/results/modules/V8TestSubObject.h
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/core/dom/Document.cpp
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/core/dom/Element.cpp
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/core/dom/Node.cpp
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/core/events/EventTarget.cpp
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/core/html/custom/CustomElementRegistry.cpp
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/core/svg/SVGAnimatedAngle.cpp
[modify] https://crrev.com/4d3076ddc8d258a8ca28443387cd742e6e4dcedf/third_party/WebKit/Source/platform/heap/WrapperVisitor.h

Status: Fixed (was: Started)
TraceWrappers taking raw pointers is protected now. The only public methods are TraceWrappers taking the managed pointers and TraceWrappersWithManualWriteBarrier that makes the intent explicit.
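
The API shape described in this issue, as an added example that is not Blink's code or part of the original thread: a simplified model showing why a raw pointer reassigned during marking needs an explicit write barrier, and how a protected raw-pointer overload forces that choice on callers. `ToyMarker`, `ToyVisitor`, `Wrappable` and the two scenario functions are hypothetical; only the names `TraceWrapperMember`, `TraceWrappers` and `TraceWrappersWithManualWriteBarrier` come from the issue, and their bodies here are assumptions.

```cpp
#include <unordered_set>
// Toy model of incremental wrapper marking (hypothetical, not Blink code).
struct Wrappable { int id; };
struct ToyMarker {
  bool marking = false;  // true while a marking cycle is in progress
  std::unordered_set<const Wrappable*> marked;
  void Mark(const Wrappable* w) { if (w) marked.insert(w); }
  void WriteBarrier(const Wrappable* w) { if (marking) Mark(w); }
};
// Managed field: every assignment runs the write barrier automatically.
template <typename T>
class TraceWrapperMember {
 public:
  explicit TraceWrapperMember(ToyMarker* m) : marker_(m) {}
  TraceWrapperMember& operator=(T* p) { ptr_ = p; marker_->WriteBarrier(p); return *this; }
  T* Get() const { return ptr_; }
 private:
  ToyMarker* marker_; T* ptr_ = nullptr;
};
class ToyVisitor {
 public:
  explicit ToyVisitor(ToyMarker* m) : marker_(m) {}
  template <typename T>
  void TraceWrappers(const TraceWrapperMember<T>& m) { TraceWrappers(m.Get()); }
  template <typename T>  // the name records that the caller owns the barrier
  void TraceWrappersWithManualWriteBarrier(const T* p) { TraceWrappers(p); }
 protected:  // visitor.TraceWrappers(raw_ptr) from outside no longer compiles
  void TraceWrappers(const Wrappable* p) { marker_->Mark(p); }
 private:
  ToyMarker* marker_;
};

// A field is traced, then reassigned to `b` while marking is still running.
bool NewTargetMarkedManaged() {
  ToyMarker marker; ToyVisitor visitor(&marker); Wrappable a{1}, b{2};
  TraceWrapperMember<Wrappable> field(&marker);
  field = &a; marker.marking = true;
  visitor.TraceWrappers(field);
  field = &b;  // the assignment itself marks b
  return marker.marked.count(&b) == 1;
}
bool NewTargetMarkedRaw(bool manual_barrier) {
  ToyMarker marker; ToyVisitor visitor(&marker); Wrappable a{1}, b{2};
  Wrappable* field = &a; marker.marking = true;
  visitor.TraceWrappersWithManualWriteBarrier(field);
  field = &b; if (manual_barrier) marker.WriteBarrier(field);  // easy to forget
  return marker.marked.count(&b) == 1;
}
int main() { return NewTargetMarkedManaged() && !NewTargetMarkedRaw(false) ? 0 : 1; }
```

In the raw-pointer case without the manual barrier, `b` stays unmarked although the field still refers to it, which in a real collector means a live object can be reclaimed.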
