[webkit-changes] [WebKit/WebKit] 787266: Fix bug in WeakHashMap::remove(iterator)
Chris Dumez
noreply at github.com
Sat Oct 8 22:39:52 PDT 2022
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 78726649cddec666771566e2851fa366948b0347
https://github.com/WebKit/WebKit/commit/78726649cddec666771566e2851fa366948b0347
Author: Chris Dumez <cdumez at apple.com>
Date: 2022-10-08 (Sat, 08 Oct 2022)
Changed paths:
M Source/WTF/wtf/WeakHashMap.h
M Tools/TestWebKitAPI/Tests/WTF/WeakPtr.cpp
Log Message:
-----------
Fix bug in WeakHashMap::remove(iterator)
https://bugs.webkit.org/show_bug.cgi?id=246252
<rdar://100547602>
Reviewed by Ryosuke Niwa.
WeakHashMap::remove(iterator) takes in an iterator but was calling
`amortizedCleanupIfNeeded()` *before* actually removing this iterator from the
underlying map. The issue is that `amortizedCleanupIfNeeded()` may remove null
entries in the map, which would invalidate the iterator that the function was
given. This could lead to the hash table getting corrupted when trying to
remove the invalidated iterator later on.
* Source/WTF/wtf/WeakHashMap.h:
* Tools/TestWebKitAPI/Tests/WTF/WeakPtr.cpp:
(TestWebKitAPI::TEST):
Canonical link: https://commits.webkit.org/255321@main
More information about the webkit-changes
mailing list