[Webkit-unassigned] [Bug 17654] New: CSSRuleSet::~CSSRuleSet() ownership rules are error prone

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Mar 3 14:38:17 PST 2008


http://bugs.webkit.org/show_bug.cgi?id=17654

           Summary: CSSRuleSet::~CSSRuleSet() ownership rules are error
                    prone
           Product: WebKit
           Version: 525+ (Nightly build)
          Platform: Macintosh
        OS/Version: Mac OS X 10.5
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: CSS
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: eric at webkit.org
                CC: hyatt at apple.com, sam at webkit.org


CSSRuleSet::~CSSRuleSet() ownership rules are error prone

I saw a crash last night (sadly, I can't seem to find the crash log!) where
~CSSRuleSet()  was deleting values underneath recalcStyleSelector.  Looking @
~CSSRuleSet()  this morning, the ownership rules for the various rulesets seems
error prone.

We should find a way to either refcount these CSSRuleDataList objects, or to
make them so that they are created by the CSSRuleSet and never owned by anyone
else, or some other model where by none of these rule set maps could ever point
to the same CSSRuleDataList object, or whereby anyone else could ever
incorrectly delete a CSSRuleDataList.

If I'm able to reproduce the crash or find the darn crash log, I'll post it
here.

This bug is NOT about the crash however, it's about the design of CSSRuleSet
and its interaction with CSSRuleDataList.


-- 
Configure bugmail: http://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.



More information about the webkit-unassigned mailing list