Bug 33977

Summary:

[Chromium] WebNode::toElement refcounts incorrectly

Product:

WebKit

Reporter:

James Robinson <jamesr>

Component:

New Bugs

Assignee:

Nobody <webkit-unassigned>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

commit-queue, fishd, yaar

Priority:

Version:

528+ (Nightly build)

Hardware:

All

OS:

All

Attachments:

Description	Flags
Fixes the bug by using WebNode::assign()	none

Description James Robinson 2010-01-21 16:04:30 PST

The following results in the refcount on 'foo' decreasing by one, when it should stay the same:

{
  WebNode n = foo;
  WebElement e = n.toElement<WebElement>();
}

This is because WebNode::toElement() does not increment the refcount on 'foo', but the WebElement destructor does decrement the refcount.

Comment 1 James Robinson 2010-01-21 16:07:57 PST

Created attachment 47155 [details]
Fixes the bug by using WebNode::assign()

I have to use the WebNode:: qualifier because some T's that are used in this function (like WebElement) define incompatible 1-arg versions of ::assign(), for example WebElement::assign(const WebElement& e).  This confuses visual studio terribly.  I'm not sure if this is an issue with the compiler, but we always want to use the WebNode::assign() version anyway.

Comment 2 WebKit Commit Bot 2010-01-21 22:22:00 PST

Comment on attachment 47155 [details]
Fixes the bug by using WebNode::assign()

Clearing flags on attachment: 47155

Committed r53678: <http://trac.webkit.org/changeset/53678>

Comment 3 WebKit Commit Bot 2010-01-21 22:22:07 PST

All reviewed patches have been landed.  Closing bug.