Source/bindings/v8/V8NodeFilterCondition.h - Issue 21274004: Fix Document leak from NodeFilter.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: Source/bindings/v8/V8NodeFilterCondition.h

Issue 21274004: Fix Document leak from NodeFilter. (Closed) Base URL: svn://svn.chromium.org/blink/trunk

Patch Set: update expectations Created 7 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: Source/bindings/v8/V8NodeFilterCondition.h

diff --git a/Source/bindings/v8/V8NodeFilterCondition.h b/Source/bindings/v8/V8NodeFilterCondition.h

index 3314a1aca4bde54a4308c150cafb9141be17794f..9f066bdb48d87352c77bc880997831252570d266 100644

--- a/Source/bindings/v8/V8NodeFilterCondition.h

+++ b/Source/bindings/v8/V8NodeFilterCondition.h

@@ -41,11 +41,20 @@ namespace WebCore {

class Node;

class ScriptState;

+// V8NodeFilterCondition maintains a Javascript implemented callback for

+// filtering Node returned by NodeIterator/TreeWalker.

+// A NodeFilterCondition is referenced by a NodeFilter, and A NodeFilter is

+// referenced by a NodeIterator/TreeWalker. As V8NodeFilterCondition maintains

+// a Javascript callback which may reference Document, we need to avoid circular

+// reference spanning V8/Blink object space.

+// To address this issue, V8NodeFilterCondition holds a weak reference to

+// |m_filter|, the Javascript value, and the whole reference is exposed to V8 to

+// let V8 GC handle collection of |m_filter|.

haraken 2013/08/02 03:47:59 Instead of words, it might be better to illustrate

class V8NodeFilterCondition : public NodeFilterCondition {

public:

- static PassRefPtr<V8NodeFilterCondition> create(v8::Handle<v8::Value> filter)

+ static PassRefPtr<V8NodeFilterCondition> create(v8::Handle<v8::Value> filter, v8::Handle<v8::Object> owner)

{

- return adoptRef(new V8NodeFilterCondition(filter));

+ return adoptRef(new V8NodeFilterCondition(filter, owner));

}

virtual ~V8NodeFilterCondition();

@@ -53,7 +62,12 @@ public:

virtual short acceptNode(ScriptState*, Node*) const;

private:

- explicit V8NodeFilterCondition(v8::Handle<v8::Value> filter);

+ // As the value |filter| is maintained by V8GC, the |owner| which references

+ // V8NodeFilterCondition, usually a wrapper of NodeFilter, is specified here

+ // to hold a strong reference to |filter|.

+ V8NodeFilterCondition(v8::Handle<v8::Value> filter, v8::Handle<v8::Object> owner);

+ static void makeWeakCallback(v8::Isolate*, v8::Persistent<v8::Value>*, V8NodeFilterCondition*);

ScopedPersistent<v8::Value> m_filter;

};

« Source/bindings/v8/V8Binding.cpp ('K') | « Source/bindings/v8/V8HiddenPropertyName.h ('k') | Source/bindings/v8/V8NodeFilterCondition.cpp » ('j') | no next file with comments »