[webkit-changes] [WebKit/WebKit] 494321: Cherry-pick 252432.1019 at safari-7614-branch (198880...
David-Li-Jy
noreply at github.com
Tue Mar 28 10:38:34 PDT 2023
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 4943210909a2aeabf7c1e4c8be389b48761078c9
https://github.com/WebKit/WebKit/commit/4943210909a2aeabf7c1e4c8be389b48761078c9
Author: David Li <jingye_li at apple.com>
Date: 2023-03-28 (Tue, 28 Mar 2023)
Changed paths:
A LayoutTests/editing/async-clipboard/clipboard-clear-expected.txt
A LayoutTests/editing/async-clipboard/clipboard-clear.html
M Source/WebCore/Modules/async-clipboard/ClipboardItemBindingsDataSource.cpp
M Source/WebCore/Modules/async-clipboard/ClipboardItemBindingsDataSource.h
Log Message:
-----------
Cherry-pick 252432.1019 at safari-7614-branch (1988807a5229). rdar://107319167
[Clipboard] Explicitly call completion on clearing ClipboardItemTypeLoader
rdar://103307563
Reviewed by Jonathan Bedard and Wenson Hsieh.
In m_itemTypeLoaders.clear(), ClipboardItemBindingsDataSource::invokeCompletionHandler() is called after all m_itemTypeLoaders released
and traverses the itemTypeLoaders after itemTypeLoaders is clear but before the size is updated, causing nullptr accessment.
So we should explicitly call completion before itemTypeLoader is released.
* LayoutTests/editing/async-clipboard/clipboard-clear-expected.txt: Added.
* LayoutTests/editing/async-clipboard/clipboard-clear.html: Added.
* Source/WebCore/Modules/async-clipboard/ClipboardItemBindingsDataSource.cpp:
(WebCore::ClipboardItemBindingsDataSource::clearItemTypeLoaders):
(WebCore::ClipboardItemBindingsDataSource::collectDataForWriting):
(WebCore::ClipboardItemBindingsDataSource::ClipboardItemTypeLoader::~ClipboardItemTypeLoader):
* Source/WebCore/Modules/async-clipboard/ClipboardItemBindingsDataSource.h:
Canonical link: https://commits.webkit.org/252432.1019@safari-7614-branch
Canonical link: https://commits.webkit.org/262227@main
More information about the webkit-changes
mailing list