[webkit-reviews] review granted: [Bug 74321] Don't crash in StyleAttributeMutationScope if the style declaration's element has been GCed : [Attachment 118853] Add ChangeLog details
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Dec 12 14:49:55 PST 2011
Ryosuke Niwa <rniwa at webkit.org> has granted Adam Klein <adamk at chromium.org>'s
request for review:
Bug 74321: Don't crash in StyleAttributeMutationScope if the style
declaration's element has been GCed
https://bugs.webkit.org/show_bug.cgi?id=74321
Attachment 118853: Add ChangeLog details
https://bugs.webkit.org/attachment.cgi?id=118853&action=review
------- Additional Comments from Ryosuke Niwa <rniwa at webkit.org>
View in context: https://bugs.webkit.org/attachment.cgi?id=118853&action=review
> Source/WebCore/ChangeLog:18
> + In r101101, Rafael Weinstein added code to
CSSMutableStyleDeclaration.cpp
> + which depended on isInlineStyleDeclaration returning true iff the
> + element it pointed to was non-null (it will be nulled-out if the
> + element is garbage collected).
> +
> + Then, in r101172, Andreas Kling changed the semantics so that
> + isInlineStyleDeclaration only described the type of the declaration,
> + not the state of the related element.
> +
> + This change updates Rafael's code with an explicit check that the
> + element is still alive.
Great! Thanks for adding this description. It makes a huge difference when
we're going to look at svn blame in the future.
More information about the webkit-reviews
mailing list