WeakPtr functions crash when created with default constructor
authormmaxfield@apple.com <mmaxfield@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 17 Jan 2015 00:39:57 +0000 (00:39 +0000)
committermmaxfield@apple.com <mmaxfield@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 17 Jan 2015 00:39:57 +0000 (00:39 +0000)
commit2be252e98b0027065040ce3ff57c6db2aa5573b4
tree7a84524b9d89fb679c492b51d37f1ec5489900e2
parentf33aa80cd2d9f3e67ba3dd2d4c91fcdca8044017
WeakPtr functions crash when created with default constructor
https://bugs.webkit.org/show_bug.cgi?id=140479

Reviewed by Andreas Kling.

Source/WTF:

This patch rearranges how WeakPtr works, and has the following ideas behind it:

1. WeakPtr should use Ref internally. This solves the crash by always having a
valid WeakReference.
2. Clients should not be able to construct WeakReferences directly. Instead,
only WeakPtrFactory (and WeakPtr's default constructor) should be able to
construct them. They are considered an implementation detail of WeakPtr.
3. Except for the default constructor, clients should not be able to construct
WeakPtrs directly. Instead, the WeakPtrFactory must construct them. This
guarantees that the WeakPtrs all reference the same WeakReference.
4. Clients can construct a WeakPtr using its default constructor, and then
use the assignment operator to make it non-null. (Or they could use
WeakPtrFactory to make it non-null at creation-time.)
5. No one was using WeakReference::bindTo(), and it doesn't seem useful, so I
removed it.

Tests: WTF_WeakPtr API tests

* wtf/Ref.h:
(WTF::Ref::Ref): Added extra ASSERT()s, and explicitly deleted copy
constructors with a comment.
(WTF::Ref::operator=): Added extra ASSERT()s, and explicitly deleted copy
assignment operators with a comment.
* wtf/WeakPtr.h:
(WTF::WeakReference::clear): Used nullptr.
(WTF::WeakReference::create): Moved to private:
(WTF::WeakPtr::WeakPtr): For the default constructor, initialized the Ref with
a new WeakReference. For the other constructor, moved it to private:. Also added
copy constructors and copy assignment operators (since Ref doesn't have them but
RefPtr does). These constructors/operators are relied upon in various places
throughout WebCore.
(WTF::WeakPtr::operator bool): Made non-explicit.
(WTF::WeakReference::createUnbound): Deleted.
(WTF::WeakReference::bindTo): Deleted.
(WTF::WeakReference::WeakReference): Deleted.
(WTF::WeakPtrFactory::WeakPtrFactory): Deleted.

Tools:

Add WeakPtr API tests.

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WTF/WeakPtr.cpp: Added.
* TestWebKitAPI/Tests/WTF/Ref.cpp: Update to not use copy constructor.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@178615 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/WTF/ChangeLog
Source/WTF/wtf/Ref.h
Source/WTF/wtf/WeakPtr.h
Tools/ChangeLog
Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
Tools/TestWebKitAPI/Tests/WTF/Ref.cpp
Tools/TestWebKitAPI/Tests/WTF/WeakPtr.cpp [new file with mode: 0644]