[webkit-changes] [WebKit/WebKit] 3e8087: Merge 255321 at main - Fix bug in WeakHashMap::remove...
Chris Dumez
noreply at github.com
Sun Oct 9 15:38:13 PDT 2022
Branch: refs/heads/webkitglib/2.38
Home: https://github.com/WebKit/WebKit
Commit: 3e8087af2a32a681c5e5f8f299a6981787324130
https://github.com/WebKit/WebKit/commit/3e8087af2a32a681c5e5f8f299a6981787324130
Author: Chris Dumez <cdumez at apple.com>
Date: 2022-10-09 (Sun, 09 Oct 2022)
Changed paths:
M Source/WTF/wtf/WeakHashMap.h
M Tools/TestWebKitAPI/Tests/WTF/WeakPtr.cpp
Log Message:
-----------
Merge 255321 at main - Fix bug in WeakHashMap::remove(iterator)
https://bugs.webkit.org/show_bug.cgi?id=246252
<rdar://100547602>
Reviewed by Ryosuke Niwa.
WeakHashMap::remove(iterator) takes in an iterator but was calling
`amortizedCleanupIfNeeded()` *before* actually removing this iterator from the
underlying map. The issue is that `amortizedCleanupIfNeeded()` may remove null
entries in the map, which would invalidate the iterator that the function was
given. This could lead to the hash table getting corrupted when trying to
remove the invalidated iterator later on.
* Source/WTF/wtf/WeakHashMap.h:
* Tools/TestWebKitAPI/Tests/WTF/WeakPtr.cpp:
(TestWebKitAPI::TEST):
Canonical link: https://commits.webkit.org/255321@main
(cherry picked from commit 78726649cddec666771566e2851fa366948b0347)
More information about the webkit-changes
mailing list