Image should clear its ImageObserver* when CachedImage releases the last reference...
author commit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 9 Jun 2017 18:38:39 +0000 (18:38 +0000)
committer commit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 9 Jun 2017 18:38:39 +0000 (18:38 +0000)
commit 1f12a1baa9419454b2fe893faea2d1f706e0c10a
tree 8d0bc77b9d1413cdd49e756de1962a4f17352e12
parent 6069d2fc2ad1d2a0e1d0cf5ad33c3b579a7c5249
Image should clear its ImageObserver* when CachedImage releases the last reference to its RefCounted<ImageObserver>
https://bugs.webkit.org/show_bug.cgi?id=173077

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2017-06-09
Reviewed by Simon Fraser.

Before dereferencing ImageObserver, CachedImage::clearImage() should check
whether it is the only object that holds a reference to this ImageObserver.
And if this is true, m_image has to clear its raw pointer to the deleted
ImageObserver by calling m_image->setImageObserver(nullptr).

* loader/cache/CachedImage.cpp:
(WebCore::CachedImage::setBodyDataFrom):
(WebCore::CachedImage::CachedImageObserver::CachedImageObserver):
(WebCore::CachedImage::clearImage):
* loader/cache/CachedImage.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@218003 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/WebCore/ChangeLog
Source/WebCore/loader/cache/CachedImage.cpp
Source/WebCore/loader/cache/CachedImage.h
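
The ownership rule described in the commit message, as an added example that is not WebKit's code: a simplified model in which std::shared_ptr stands in for the ref-counted ImageObserver and use_count() == 1 stands in for the "only holder" check. The class bodies, observer() and notifyObserver() are assumptions made for illustration.

```cpp
#include <memory>
#include <utility>

// Simplified model, not WebKit's code: std::shared_ptr stands in for the
// ref-counted ImageObserver, use_count() == 1 for "we hold the last reference".
struct ImageObserver {
    int notifications = 0;
    void changed() { ++notifications; }
};

class Image {
public:
    // Image keeps only a raw, non-owning pointer to its observer.
    void setImageObserver(ImageObserver* observer) { m_observer = observer; }
    ImageObserver* imageObserver() const { return m_observer; }
    // Safe only while m_observer is null or still alive (hypothetical helper).
    void notifyObserver() { if (m_observer) m_observer->changed(); }
private:
    ImageObserver* m_observer = nullptr;
};

class CachedImage {
public:
    explicit CachedImage(std::shared_ptr<Image> image)
        : m_image(std::move(image))
        , m_observer(std::make_shared<ImageObserver>())
    {
        m_image->setImageObserver(m_observer.get());
    }

    // Hands out another owning reference to the observer (hypothetical accessor).
    std::shared_ptr<ImageObserver> observer() const { return m_observer; }

    void clearImage()
    {
        if (!m_image)
            return;
        // If this is the last owning reference, the observer is destroyed by
        // the reset below, so the Image must drop its raw pointer first.
        if (m_observer.use_count() == 1)
            m_image->setImageObserver(nullptr);
        m_observer.reset();
        m_image.reset();
    }
private:
    std::shared_ptr<Image> m_image;
    std::shared_ptr<ImageObserver> m_observer;
};
```

Without the use_count() check and the setImageObserver(nullptr) call, an Image that outlives the CachedImage would keep a pointer to freed memory and dereference it on its next notification.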