Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(164)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/WebKit/Source/platform/mediastream/MediaStreamSource.cpp

Issue 2776473003: Clear out prefinalizer-allocated vector for conservative GC safety. (Closed)
Patch Set: Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2012 Google Inc. All rights reserved. 2 * Copyright (C) 2012 Google Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions 5 * modification, are permitted provided that the following conditions
6 * are met: 6 * are met:
7 * 7 *
8 * 1. Redistributions of source code must retain the above copyright 8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer. 9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright 10 * 2. Redistributions in binary form must reproduce the above copyright
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after
54 void MediaStreamSource::setReadyState(ReadyState readyState) { 54 void MediaStreamSource::setReadyState(ReadyState readyState) {
55 if (m_readyState != ReadyStateEnded && m_readyState != readyState) { 55 if (m_readyState != ReadyStateEnded && m_readyState != readyState) {
56 m_readyState = readyState; 56 m_readyState = readyState;
57 57
58 // Observers may dispatch events which create and add new Observers; 58 // Observers may dispatch events which create and add new Observers;
59 // take a snapshot so as to safely iterate. 59 // take a snapshot so as to safely iterate.
60 HeapVector<Member<Observer>> observers; 60 HeapVector<Member<Observer>> observers;
61 copyToVector(m_observers, observers); 61 copyToVector(m_observers, observers);
62 for (auto observer : observers) 62 for (auto observer : observers)
63 observer->sourceChangedState(); 63 observer->sourceChangedState();
64
65 // setReadyState() will be invoked via the MediaStreamComponent::dispose(),
66 // prefinalizer, allocating |observers|. Which means that |observers| will
67 // live until the next/ GC (but be unreferenced by other heap objects),
haraken 2017/03/24 04:58:43 next
68 // _but_ it will potentially contain references to Observers that were
69 // GCed after the MediaStreamComponent prefinalizer had completed.
70 //
71 // So, if the next GC is a conservative one _and_ it happens to find
72 // a reference to |observers| when scanning the stack, we're in trouble
73 // as it contains references to now-dead objects.
74 //
75 // Work around this by explicitly clearing the vector backing store.
76 for (size_t i = 0; i < observers.size(); ++i)
haraken 2017/03/24 04:58:43 Can we just call observers.clear()?
sof 2017/03/24 05:03:25 We need to clear the backing store contents, not w
77 observers[i] = nullptr;
64 } 78 }
65 } 79 }
66 80
67 void MediaStreamSource::addObserver(MediaStreamSource::Observer* observer) { 81 void MediaStreamSource::addObserver(MediaStreamSource::Observer* observer) {
68 m_observers.insert(observer); 82 m_observers.insert(observer);
69 } 83 }
70 84
71 void MediaStreamSource::addAudioConsumer(AudioDestinationConsumer* consumer) { 85 void MediaStreamSource::addAudioConsumer(AudioDestinationConsumer* consumer) {
72 ASSERT(m_requiresConsumer); 86 ASSERT(m_requiresConsumer);
73 MutexLocker locker(m_audioConsumersLock); 87 MutexLocker locker(m_audioConsumersLock);
(...skipping 28 matching lines...) Expand all
102 MutexLocker locker(m_audioConsumersLock); 116 MutexLocker locker(m_audioConsumersLock);
103 for (AudioDestinationConsumer* consumer : m_audioConsumers) 117 for (AudioDestinationConsumer* consumer : m_audioConsumers)
104 consumer->consumeAudio(bus, numberOfFrames); 118 consumer->consumeAudio(bus, numberOfFrames);
105 } 119 }
106 120
107 DEFINE_TRACE(MediaStreamSource) { 121 DEFINE_TRACE(MediaStreamSource) {
108 visitor->trace(m_observers); 122 visitor->trace(m_observers);
109 } 123 }
110 124
111 } // namespace blink 125 } // namespace blink
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698