Title: [222847] trunk/Source/WebCore
Revision
222847
Author
[email protected]
Date
2017-10-04 07:37:19 -0700 (Wed, 04 Oct 2017)

Log Message

RenderFragmentContainerRange should not hold raw pointers.
https://bugs.webkit.org/show_bug.cgi?id=177854
<rdar://problem/34805954>

Reviewed by Antti Koivisto.

The lifetimes of the objects that m_startFragment and m_endFragment point to are not tied
to the lifetime of RenderFragmentContainerRange.

Covered by existing tests.

* rendering/RenderFragmentedFlow.cpp:
(WebCore::RenderFragmentedFlow::setFragmentRangeForBox):
* rendering/RenderFragmentedFlow.h:

Modified Paths

Diff

Modified: trunk/Source/WebCore/ChangeLog (222846 => 222847)


--- trunk/Source/WebCore/ChangeLog	2017-10-04 14:24:41 UTC (rev 222846)
+++ trunk/Source/WebCore/ChangeLog	2017-10-04 14:37:19 UTC (rev 222847)
@@ -1,5 +1,22 @@
 2017-10-04  Zalan Bujtas  <[email protected]>
 
+        RenderFragmentContainerRange should not hold raw pointers.
+        https://bugs.webkit.org/show_bug.cgi?id=177854
+        <rdar://problem/34805954>
+
+        Reviewed by Antti Koivisto.
+
+        m_startFragment and m_endFragment object's lifetimes are not tied to the lifetime of
+        RenderFragmentContainerRange.
+
+        Covered by existing tests.
+
+        * rendering/RenderFragmentedFlow.cpp:
+        (WebCore::RenderFragmentedFlow::setFragmentRangeForBox):
+        * rendering/RenderFragmentedFlow.h:
+
+2017-10-04  Zalan Bujtas  <[email protected]>
+
         RenderMultiColumnSpannerPlaceholder should not hold raw pointers.
         https://bugs.webkit.org/show_bug.cgi?id=177840
         <rdar://problem/34800109>

Modified: trunk/Source/WebCore/rendering/RenderFragmentedFlow.cpp (222846 => 222847)


--- trunk/Source/WebCore/rendering/RenderFragmentedFlow.cpp	2017-10-04 14:24:41 UTC (rev 222846)
+++ trunk/Source/WebCore/rendering/RenderFragmentedFlow.cpp	2017-10-04 14:37:19 UTC (rev 222847)
@@ -564,20 +564,15 @@
 {
     ASSERT(hasFragments());
     ASSERT(startFragment && endFragment && startFragment->fragmentedFlow() == this && endFragment->fragmentedFlow() == this);
-
-    auto it = m_fragmentRangeMap.find(&box);
-    if (it == m_fragmentRangeMap.end()) {
-        m_fragmentRangeMap.set(&box, RenderFragmentContainerRange(startFragment, endFragment));
+    auto result = m_fragmentRangeMap.set(&box, RenderFragmentContainerRange(startFragment, endFragment));
+    if (result.isNewEntry)
         return;
-    }
 
     // If nothing changed, just bail.
-    RenderFragmentContainerRange& range = it->value;
+    auto& range = result.iterator->value;
     if (range.startFragment() == startFragment && range.endFragment() == endFragment)
         return;
-
     clearRenderBoxFragmentInfoAndCustomStyle(box, startFragment, endFragment, range.startFragment(), range.endFragment());
-    range.setRange(startFragment, endFragment);
 }
 
 bool RenderFragmentedFlow::hasCachedFragmentRangeForBox(const RenderBox& box) const
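Review bot: The early return under `// If nothing changed, just bail.` now looks like it is always taken for an existing entry, because `m_fragmentRangeMap.set(...)` has already stored the new range by the time `range.startFragment() == startFragment` is evaluated. If WTF's `HashMap::set` overwrites the value of an existing key (which the removal of `range.setRange(...)` suggests is being relied on), `clearRenderBoxFragmentInfoAndCustomStyle` is never reached with the old fragments, and an unchanged range is re-marked as invalidated by the constructor's `setRange`. Inserting with `m_fragmentRangeMap.add(&box, RenderFragmentContainerRange(startFragment, endFragment))` and keeping `range.setRange(startFragment, endFragment);` after the clear call would preserve the previous behaviour while still doing a single lookup. The function's signature is outside the hunk.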

Modified: trunk/Source/WebCore/rendering/RenderFragmentedFlow.h (222846 => 222847)


--- trunk/Source/WebCore/rendering/RenderFragmentedFlow.h	2017-10-04 14:24:41 UTC (rev 222846)
+++ trunk/Source/WebCore/rendering/RenderFragmentedFlow.h	2017-10-04 14:37:19 UTC (rev 222847)
@@ -31,6 +31,7 @@
 
 #include "LayerFragment.h"
 #include "RenderBlockFlow.h"
+#include "RenderFragmentContainer.h"
 #include <wtf/ListHashSet.h>
 
 namespace WebCore {
@@ -214,11 +215,7 @@
 
     class RenderFragmentContainerRange {
     public:
-        RenderFragmentContainerRange()
-        {
-            setRange(nullptr, nullptr);
-        }
-
+        RenderFragmentContainerRange() = default;
         RenderFragmentContainerRange(RenderFragmentContainer* start, RenderFragmentContainer* end)
         {
             setRange(start, end);
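Review bot: `RenderFragmentContainerRange() = default;` drops the `setRange(nullptr, nullptr)` call, which was the only place the default constructor set `m_rangeInvalidated`. The member is still declared `bool m_rangeInvalidated;` with no initializer (see the hunk at `@@ -226,19 +223,19 @@`), so a default-constructed range would return an indeterminate value from `rangeInvalidated()`. A default member initializer, `bool m_rangeInvalidated { true };`, keeps the value the old constructor produced. The class body continues outside this hunk.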
@@ -226,19 +223,19 @@
         
         void setRange(RenderFragmentContainer* start, RenderFragmentContainer* end)
         {
-            m_startFragment = start;
-            m_endFragment = end;
+            m_startFragment = makeWeakPtr(start);
+            m_endFragment = makeWeakPtr(end);
             m_rangeInvalidated = true;
         }
 
-        RenderFragmentContainer* startFragment() const { return m_startFragment; }
-        RenderFragmentContainer* endFragment() const { return m_endFragment; }
+        RenderFragmentContainer* startFragment() const { return m_startFragment.get(); }
+        RenderFragmentContainer* endFragment() const { return m_endFragment.get(); }
         bool rangeInvalidated() const { return m_rangeInvalidated; }
         void clearRangeInvalidated() { m_rangeInvalidated = false; }
 
     private:
-        RenderFragmentContainer* m_startFragment;
-        RenderFragmentContainer* m_endFragment;
+        WeakPtr<RenderFragmentContainer> m_startFragment;
+        WeakPtr<RenderFragmentContainer> m_endFragment;
         bool m_rangeInvalidated;
     };
 
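Review bot: `startFragment()` and `endFragment()` now return `nullptr` once the referenced fragment has been destroyed, where they previously returned the stale pointer, and nothing at the accessors documents this. Callers are not visible in this diff, so whether each one checks for null cannot be confirmed here. A comment such as `// Returns nullptr if the fragment has been destroyed; callers must null-check.` above the two accessors would make the new contract explicit. `setRange` also passes `start` and `end` straight to `makeWeakPtr`, so it is worth confirming that this overload accepts a null pointer if any caller can supply one.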