Title: [216361] releases/WebKitGTK/webkit-2.16/Source/WebCore
Revision: 216361
Author: [email protected]
Date: 2017-05-08 01:02:18 -0700 (Mon, 08 May 2017)

Log Message

Merge r215465 - Break Document::m_associatedFormControls reference cycle.
<https://webkit.org/b/170946>

Reviewed by Antti Koivisto.

There was a race between didAssociateFormControls() and didAssociateFormControlsTimerFired()
where detaching Document from its frame between the two would lead to an unbreakable reference
cycle between Document and its form elements.

Solve this by clearing the set of associated form elements in removedLastRef(), where we clear
all the other strong smart pointers to elements.

* dom/Document.cpp:
(WebCore::Document::removedLastRef):
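The cycle the log message describes, modelled as an added C++ example that is not WebKit code: the Document, Element, counters and scenario below are simplified stand-ins (assumed names) for Document::removedLastRef() and m_associatedFormControls, and the fixApplied flag switches the r215465 clear() on and off so both outcomes of the race can be observed.

```cpp
#include <cstdio>
#include <vector>

// Constructed model of the Document/form-control reference cycle from the commit message.
// Not WebKit code: the types, counters and scenario are simplified stand-ins.

static int g_liveDocuments = 0;

struct Document;

struct Element {
    Document& document;  // every node keeps its Document alive (referencing-node count)
    int refCount = 0;
    explicit Element(Document&);
    ~Element();
    void ref() { ++refCount; }
    void deref() { if (--refCount == 0) delete this; }
};

struct Document {
    int refCount = 0;                              // references from outside the tree (the Frame)
    int referencingNodeCount = 0;                  // nodes that keep the Document alive
    std::vector<Element*> associatedFormControls;  // strong pointers, like m_associatedFormControls
    bool fixApplied;                               // whether removedLastRef() clears the set

    explicit Document(bool fix) : fixApplied(fix) { ++g_liveDocuments; }
    ~Document() { --g_liveDocuments; }

    void ref() { ++refCount; }
    void deref() { if (--refCount == 0) removedLastRef(); }

    void incrementReferencingNodeCount() { ++referencingNodeCount; }
    void decrementReferencingNodeCount() {
        if (--referencingNodeCount == 0 && refCount == 0)
            delete this;
    }

    // didAssociateFormControls(): remember the element until the timer fires.
    void didAssociateFormControls(Element& element) {
        element.ref();
        associatedFormControls.push_back(&element);
    }

    // Release every strong pointer in the set (may destroy elements synchronously).
    void clearAssociatedFormControls() {
        std::vector<Element*> controls;
        controls.swap(associatedFormControls);
        for (Element* element : controls)
            element->deref();
    }

    // didAssociateFormControlsTimerFired(): empties the set only while a frame is attached.
    // In the race the frame is already gone, so the set is never emptied here.
    void didAssociateFormControlsTimerFired(bool frameStillAttached) {
        if (frameStillAttached)
            clearAssociatedFormControls();
    }

    // Last external reference dropped. If nodes still keep us alive, drop our strong pointers
    // to them so the cycle can unwind; the node-count guard keeps `this` valid meanwhile.
    void removedLastRef() {
        if (referencingNodeCount) {
            incrementReferencingNodeCount();
            if (fixApplied)
                clearAssociatedFormControls();  // the one-line change in r215465
            decrementReferencingNodeCount();
            return;
        }
        delete this;
    }
};

Element::Element(Document& doc) : document(doc) { doc.incrementReferencingNodeCount(); }
Element::~Element() { document.decrementReferencingNodeCount(); }  // may delete the Document

// Plays out the race: detach from the frame between didAssociateFormControls() and the timer
// firing, then let the tree release the element. Returns live Documents afterwards (1 = leaked).
int runScenario(bool fixApplied) {
    Document* document = new Document(fixApplied);
    document->ref();                                      // the Frame's reference
    Element* input = new Element(*document);
    input->ref();                                         // the tree's reference
    document->didAssociateFormControls(*input);           // timer scheduled, not yet fired
    document->deref();                                    // detached from frame: removedLastRef()
    document->didAssociateFormControlsTimerFired(false);  // timer fires, but no frame
    input->deref();                                       // the tree lets go of the element

    int leaked = g_liveDocuments;
    if (leaked)
        document->clearAssociatedFormControls();  // break the cycle by hand so the demo exits clean
    return leaked;
}

int main() {
    std::printf("without fix: %d document(s) leaked\n", runScenario(false));
    std::printf("with fix:    %d document(s) leaked\n", runScenario(true));
    return 0;
}
```

Run as-is, the unfixed scenario reports one leaked Document and the fixed one reports none. The referencing-node guard around the clear() in removedLastRef() is what makes it safe to destroy elements from inside that call, which is the same reason the clear belongs there rather than in a destructor that the cycle would prevent from ever running.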

Modified Paths

    releases/WebKitGTK/webkit-2.16/Source/WebCore/ChangeLog
    releases/WebKitGTK/webkit-2.16/Source/WebCore/dom/Document.cpp

Diff

Modified: releases/WebKitGTK/webkit-2.16/Source/WebCore/ChangeLog (216360 => 216361)


--- releases/WebKitGTK/webkit-2.16/Source/WebCore/ChangeLog	2017-05-08 08:02:08 UTC (rev 216360)
+++ releases/WebKitGTK/webkit-2.16/Source/WebCore/ChangeLog	2017-05-08 08:02:18 UTC (rev 216361)
@@ -1,3 +1,20 @@
+2017-04-18  Andreas Kling  <[email protected]>
+
+        Break Document::m_associatedFormControls reference cycle.
+        <https://webkit.org/b/170946>
+
+        Reviewed by Antti Koivisto.
+
+        There was a race between didAssociateFormControls() and didAssociateFormControlsTimerFired()
+        where detaching Document from its frame between the two would lead to an unbreakable reference
+        cycle between Document and its form elements.
+
+        Solve this by clearing the set of associated form elements in removedLastRef(), where we clear
+        all the other strong smart pointers to elements.
+
+        * dom/Document.cpp:
+        (WebCore::Document::removedLastRef):
+
 2017-04-16  Chris Dumez  <[email protected]>
 
         CMD+R / CMD+Q is considered as user interaction and beforeunload alert is shown
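Review bot: the new entry lists only dom/Document.cpp and names no test, and this merge touches nothing under LayoutTests; since the change fixes a leak caused by a reference cycle, a line on how it was verified (a leak check, or an existing test that now passes) would make the entry complete.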

Modified: releases/WebKitGTK/webkit-2.16/Source/WebCore/dom/Document.cpp (216360 => 216361)


--- releases/WebKitGTK/webkit-2.16/Source/WebCore/dom/Document.cpp	2017-05-08 08:02:08 UTC (rev 216360)
+++ releases/WebKitGTK/webkit-2.16/Source/WebCore/dom/Document.cpp	2017-05-08 08:02:18 UTC (rev 216361)
@@ -683,6 +683,7 @@
         m_fullScreenElement = nullptr;
         m_fullScreenElementStack.clear();
 #endif
+        m_associatedFormControls.clear();
 
         detachParser();
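Review bot: one thing to confirm for the added `m_associatedFormControls.clear();` is its interaction with the timer named in the log message: removedLastRef() clears strong pointers precisely because nodes still keep the Document alive, so didAssociateFormControlsTimerFired() can still run afterwards on an emptied set. If that callback is not already a harmless no-op in that state, stopping the timer next to this clear() would be the safer change. Clearing a container of strong element pointers can also destroy elements synchronously, so it is worth checking that the guards removedLastRef() uses for the pointer resets above this line (the fullscreen element and stack) cover the new clear() as well.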
 
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
