Issue 185093002: Revert 168169 "Fix use-after-free of m_currentSpeechUtterance."

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Issue 185093002: Revert 168169 "Fix use-after-free of m_currentSpeechUtterance." (Closed)

Created:
6 years, 9 months ago by dmazzoni

Modified:
6 years, 9 months ago

Reviewers:
dmazzoni at google

CC:
blink-reviews

Base URL:
svn://svn.chromium.org/blink/

Visibility:
Public.

More Reviews

Description

Revert 168169 "Fix use-after-free of m_currentSpeechUtterance." Wrong merge base when committing! > Fix use-after-free of m_currentSpeechUtterance. > > SpeechSynthesis.cpp incorrectly assumed that calling > m_platformSpeechSynthesizer->cancel() would immediately call > didFinishSpeaking or speakingErrorOccurred, which would null out > m_currentSpeechUtterance. This assumption was true in WebKit/Mac, but > Chromium's platform implementation is asynchronous, so that call may > come later. > > Fix the issue and simplify the logic by getting rid of the raw pointer > to the current utterance altogether. Now the RefPtr at the front of the > utterance queue is the current utterance, and the platform implementation > is allowed to fire events on utterances that are no longer in the queue. > > BUG=344881 > R=abarth@chromium.org > > Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=168092 > > Review URL: https://codereview.chromium.org/180553004 TBR=dmazzoni@google.com Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=168170

Patch Set 1 #

Created: 6 years, 9 months ago

Download [raw] [tar.bz2]

		Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+0 lines, -7 lines)			Patch
	M	trunk/Source/modules/speech/SpeechSynthesis.cpp	View		1 chunk	+0 lines, -7 lines	0 comments	Download

Messages

Total messages: 2 (0 generated)

Expand Messages | Collapse Messages

Message was sent while issue was closed.

Committed patchset #1 manually as r168170.

Expand Messages | Collapse Messages