[webkit-reviews] review granted: [Bug 203811] Collect all documents before iterating in Page::forEachDocument : [Attachment 382736] Patch

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Nov 4 13:07:45 PST 2019


Ryosuke Niwa <rniwa at webkit.org> has granted Alex Christensen
<achristensen at apple.com>'s request for review:
Bug 203811: Collect all documents before iterating in Page::forEachDocument
https://bugs.webkit.org/show_bug.cgi?id=203811

Attachment 382736: Patch

https://bugs.webkit.org/attachment.cgi?id=382736&action=review




--- Comment #5 from Ryosuke Niwa <rniwa at webkit.org> ---
Comment on attachment 382736
  --> https://bugs.webkit.org/attachment.cgi?id=382736
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=382736&action=review

>>> Source/WebCore/page/Page.cpp:2873
>>> +	     functor(document);
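
Review bot: the `functor(document)` call at Page.cpp:2873 runs over a list that, per the bug title, is collected before the loop, so the contract of forEachDocument should be documented where it is declared. Documents added while iterating are not visited, and a document that an earlier functor call removed from the frame tree may still be passed to the functor. Whether the collected list keeps each document alive cannot be seen from this quoted line and is worth confirming before landing.
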
>> 
>> While this pattern prevents some problems, it's inherently incorrect too.
>> Callers of functions like "forEachDocument" would naturally expect that all
>> documents had the functor applied after the call, which is not going to happen
>> in case of additions.
> 
> I agree with Alexey. Seems like the issue may be with the call sites which
> modify the frame tree as they iterate.

If we're firing a resize event, then it's inherently possible for those event
listeners to modify the frame tree structure.
I don't think we can simultaneously satisfy the need to fire scripts and
iterate all frames at the same time.

