Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 8f58d68e957e33fcb627287c83214e33430ff18e
      
https://github.com/WebKit/WebKit/commit/8f58d68e957e33fcb627287c83214e33430ff18e
  Author: Alex Christensen <[email protected]>
  Date:   2023-11-15 (Wed, 15 Nov 2023)

  Changed paths:
    M Source/WebCore/page/LocalFrame.cpp
    M Source/WebCore/page/Page.cpp
    M Source/WebCore/page/RemoteFrame.cpp
    M Source/WebKit/WebProcess/WebPage/WebFrame.cpp

  Log Message:
  -----------
  Break RemoteFrame/RemoteFrameView reference cycle
https://bugs.webkit.org/show_bug.cgi?id=264862
rdar://116200737

Reviewed by Pascoe.

This required some work in 3 circumstances:

1. When a LocalFrame is removed in another process and we receive a message to destroy the RemoteFrame that represents it in this process
2. When a LocalFrame transitions to a RemoteFrame because a load has committed in another process
3. When a RemoteFrame transitions to a LocalFrame to begin a provisional load in this process

In these circumstances we needed some more teardown logic to break the Frame/FrameView reference cycle.  Believe it or not, WebKit has never seen a RemoteFrame destructor before today.

To make assertions not fire, I had to make the assertion in Page::mainFrameDidChangeToNonInitialEmptyDocument allow the main frame to be a RemoteFrame.

In the LocalFrame constructor, having an HTMLFrameOwnerElement always happened in the exact same circumstances as having a parent frame before site isolation, but with site isolation we can have a parent RemoteFrame and have no HTMLFrameOwnerElement in this process.  I updated the conditions for calling selfOnlyRef to match the conditions for calling selfOnlyDeref.

* Source/WebCore/page/LocalFrame.cpp:
(WebCore::LocalFrame::LocalFrame):
* Source/WebCore/page/Page.cpp:
(WebCore::Page::mainFrameDidChangeToNonInitialEmptyDocument):
* Source/WebCore/page/RemoteFrame.cpp:
(WebCore::m_layerHostingContextIdentifier):
* Source/WebKit/WebProcess/WebPage/WebFrame.cpp:
(WebKit::WebFrame::removeFromTree):
(WebKit::WebFrame::transitionToLocal):

Canonical link: https://commits.webkit.org/270776@main


_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
