Pointer lock causes abandoned documents
authorcommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 20 Dec 2018 23:46:01 +0000 (23:46 +0000)
committercommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 20 Dec 2018 23:46:01 +0000 (23:46 +0000)
https://bugs.webkit.org/show_bug.cgi?id=188727
rdar://problem/44248197

Patch by Jeremy Jones <jeremyj@apple.com> on 2018-12-20
Reviewed by Simon Fraser.

Fixes --world-leaks in these tests:

pointer-lock/locked-element-removed-from-dom.html
pointer-lock/mouse-event-delivery.html
fast/shadow-dom/pointerlockelement-in-slot.html

PointerLockController now uses WeakPtr instead of RefPtr because it has no need to extend the lifetime of a document.

* page/PointerLockController.cpp:
(WebCore::PointerLockController::elementRemoved):
(WebCore::PointerLockController::documentDetached):
(WebCore::PointerLockController::didAcquirePointerLock):
* page/PointerLockController.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239469 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebCore/ChangeLog
Source/WebCore/page/PointerLockController.cpp
Source/WebCore/page/PointerLockController.h

index 6c10bac..9af34b6 100644 (file)
@@ -1,3 +1,25 @@
+2018-12-20  Jeremy Jones  <jeremyj@apple.com>
+
+        Pointer lock causes abandoned documents
+        https://bugs.webkit.org/show_bug.cgi?id=188727
+        rdar://problem/44248197
+        
+        Reviewed by Simon Fraser.
+
+        Fixes --world-leaks in these tests:
+
+        pointer-lock/locked-element-removed-from-dom.html
+        pointer-lock/mouse-event-delivery.html
+        fast/shadow-dom/pointerlockelement-in-slot.html
+
+        PointerLockController now uses WeakPtr instead of RefPtr because it has no need to extend the lifetime of a document.
+
+        * page/PointerLockController.cpp:
+        (WebCore::PointerLockController::elementRemoved):
+        (WebCore::PointerLockController::documentDetached):
+        (WebCore::PointerLockController::didAcquirePointerLock):
+        * page/PointerLockController.h:
+
 2018-12-20  Chris Dumez  <cdumez@apple.com>
 
         Use Optional::valueOr() instead of Optional::value_or()
index 4926394..cfae41b 100644 (file)
@@ -105,7 +105,7 @@ void PointerLockController::requestPointerUnlockAndForceCursorVisible()
 void PointerLockController::elementRemoved(Element& element)
 {
     if (m_element == &element) {
-        m_documentOfRemovedElementWhileWaitingForUnlock = &m_element->document();
+        m_documentOfRemovedElementWhileWaitingForUnlock = makeWeakPtr(m_element->document());
         // Set element null immediately to block any future interaction with it
         // including mouse events received before the unlock completes.
         requestPointerUnlock();
@@ -115,8 +115,11 @@ void PointerLockController::elementRemoved(Element& element)
 
 void PointerLockController::documentDetached(Document& document)
 {
+    if (m_documentAllowedToRelockWithoutUserGesture == &document)
+        m_documentAllowedToRelockWithoutUserGesture = nullptr;
+
     if (m_element && &m_element->document() == &document) {
-        m_documentOfRemovedElementWhileWaitingForUnlock = &m_element->document();
+        m_documentOfRemovedElementWhileWaitingForUnlock = makeWeakPtr(m_element->document());
         requestPointerUnlock();
         clearElement();
     }
@@ -147,7 +150,7 @@ void PointerLockController::didAcquirePointerLock()
     enqueueEvent(eventNames().pointerlockchangeEvent, m_element.get());
     m_lockPending = false;
     m_forceCursorVisibleUponUnlock = false;
-    m_documentAllowedToRelockWithoutUserGesture = &m_element->document();
+    m_documentAllowedToRelockWithoutUserGesture = makeWeakPtr(m_element->document());
 }
 
 void PointerLockController::didNotAcquirePointerLock()
index 5021ae9..49097ae 100644 (file)
@@ -68,8 +68,8 @@ private:
     bool m_unlockPending { false };
     bool m_forceCursorVisibleUponUnlock { false };
     RefPtr<Element> m_element;
-    RefPtr<Document> m_documentOfRemovedElementWhileWaitingForUnlock;
-    RefPtr<Document> m_documentAllowedToRelockWithoutUserGesture;
+    WeakPtr<Document> m_documentOfRemovedElementWhileWaitingForUnlock;
+    WeakPtr<Document> m_documentAllowedToRelockWithoutUserGesture;
 };
 
 } // namespace WebCore