Title: [217558] trunk/Source/WebCore
- Revision: 217558
- Author: [email protected]
- Date: 2017-05-30 09:57:20 -0700 (Tue, 30 May 2017)
Log Message
REGRESSION(r217515): Correct iterator invalidation bug (AGAIN)
https://bugs.webkit.org/show_bug.cgi?id=172722
<rdar://problem/32462876>
Reviewed by Zalan Bujtas.
Over-enthusiastic clean-up during r217515 re-introduced a bug caused by holding a reference
to an iterator that gets invalidated while handling the frame navigation. This patch returns
to the copy/set behavior used prior to r217515.
* loader/ResourceLoadObserver.cpp:
(WebCore::ResourceLoadObserver::logFrameNavigation): Make a copy of the returned value, since
the iterator will be invalidated during the function call. Then set the copy back in the data
store with the updated counts.
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (217557 => 217558)
--- trunk/Source/WebCore/ChangeLog 2017-05-30 15:41:26 UTC (rev 217557)
+++ trunk/Source/WebCore/ChangeLog 2017-05-30 16:57:20 UTC (rev 217558)
@@ -1,3 +1,20 @@
+2017-05-30 Brent Fulgham <[email protected]>
+
+ REGRESSION(r217515): Correct iterator invalidation bug (AGAIN)
+ https://bugs.webkit.org/show_bug.cgi?id=172722
+ <rdar://problem/32462876>
+
+ Reviewed by Zalan Bujtas.
+
+ Over-enthusiastic clean-up during r217515 re-introduced a bug caused by holding a reference
+ to an iterator that gets invalidated while handling the frame navigation. This patch returns
+ to the copy/set behavior used prior to r217515.
+
+ * loader/ResourceLoadObserver.cpp:
+ (WebCore::ResourceLoadObserver::logFrameNavigation): Make a copy of the returned value, since
+ the iterator will be invalidated during the function call. Then set the copy back in the data
+ store with the updated counts.
+
2017-05-30 Fujii Hironori <[email protected]>
[WinCairo] TestWebKitAPI: SHOULD NEVER BE REACHED in WebCore::cairoSurfaceSize
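Review bot: The new ChangeLog entry names no regression test, even though its title says this is the second time the same iterator invalidation bug has been fixed in logFrameNavigation. An entry that either lists a test exercising the frame-navigation path or states why none can be written would make a third reintroduction less likely.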
Modified: trunk/Source/WebCore/loader/ResourceLoadObserver.cpp (217557 => 217558)
--- trunk/Source/WebCore/loader/ResourceLoadObserver.cpp 2017-05-30 15:41:26 UTC (rev 217557)
+++ trunk/Source/WebCore/loader/ResourceLoadObserver.cpp 2017-05-30 16:57:20 UTC (rev 217558)
@@ -155,7 +155,8 @@
{
auto locker = holdLock(m_store->statisticsLock());
- auto& targetStatistics = m_store->ensureResourceStatisticsForPrimaryDomain(targetPrimaryDomain);
+ // We must make a copy here, because later calls to 'ensureResourceStatisticsForPrimaryDomain' will invalidate the returned reference::
+ auto targetStatistics = m_store->ensureResourceStatisticsForPrimaryDomain(targetPrimaryDomain);
// Always fire if we have previously removed data records for this domain
shouldFireDataModificationHandler = targetStatistics.dataRecordsRemoved > 0;
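Review bot: The added comment above the `auto targetStatistics` line ends in a stray "::" and does not say which later call in this function performs the invalidating `ensureResourceStatisticsForPrimaryDomain`. Since the only thing making this a copy is the missing `&` after `auto`, which is exactly what a tidy-up pass would put back, consider spelling out the value type instead of `auto` and having the comment point at the write-back at the end of the locked block.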
@@ -205,6 +206,8 @@
}
}
}
+
+ m_store->setResourceStatisticsForPrimaryDomain(targetPrimaryDomain, WTFMove(targetStatistics));
} // Release lock
if (shouldFireDataModificationHandler)
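Review bot: The `setResourceStatisticsForPrimaryDomain` call added just before the `// Release lock` brace stores the earlier copy unconditionally, so anything the intervening code writes to the store's own entry for `targetPrimaryDomain` is overwritten. The comment in the first hunk says later `ensureResourceStatisticsForPrimaryDomain` calls happen between the copy and this set; if any of them can be made for the same domain as `targetPrimaryDomain`, its updates are lost. An assertion or early check that the domains differ would document the assumption, and it is worth confirming that no path between the copy and this line leaves the block early, since that would drop the updated counts.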