[webkit-changes] [WebKit/WebKit] c943ba: Regression(268146 at main) inspector/css/stylesheet-e...
Chris Dumez
noreply at github.com
Wed Sep 20 10:33:42 PDT 2023
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: c943ba34a565a4ba1c901f37407e059c5349fff8
https://github.com/WebKit/WebKit/commit/c943ba34a565a4ba1c901f37407e059c5349fff8
Author: Chris Dumez <cdumez at apple.com>
Date: 2023-09-20 (Wed, 20 Sep 2023)
Changed paths:
M Source/WebCore/html/HTMLLinkElement.cpp
Log Message:
-----------
Regression(268146 at main) inspector/css/stylesheet-events-imports.html is flakily crashing
https://bugs.webkit.org/show_bug.cgi?id=261824
Reviewed by Simon Fraser.
After 268146 at main, CSSStyleSheet is holding a CheckedPtr to its owner node.
It seemed fine since the owner node is expected to call clearOwnerNode() on
the style sheet on disassociation.
In the case of this crash, we can see that the owner node is a HTMLLinkElement.
HTMLLinkElement was correctly calling clearOwnerNode() on destruction. However,
it was failing to do so on the old stylesheet when replacing it in
initializeStyleSheet().
* Source/WebCore/html/HTMLLinkElement.cpp:
(WebCore::HTMLLinkElement::initializeStyleSheet):
Canonical link: https://commits.webkit.org/268209@main
More information about the webkit-changes
mailing list