mirror of
https://github.com/RGBCube/serenity
synced 2025-07-25 19:27:44 +00:00
LibWeb: Use JS::HeapFunction for HTML::Timer callback
Before the completion_steps for timer were casted from JS::SafeFunction to Function in HTML::Timer constructor, which is incorrect because then callback's captured GC-allocated objects are not protected from being deallocated. Let's modify HTML::Timer to use JS::HeapFunction for the callback instead.
This commit is contained in:
parent
883a97984c
commit
4e8654e31b
3 changed files with 17 additions and 9 deletions
|
@ -12,6 +12,7 @@
|
|||
#include <LibCore/Forward.h>
|
||||
#include <LibJS/Heap/Cell.h>
|
||||
#include <LibJS/Heap/GCPtr.h>
|
||||
#include <LibJS/Heap/HeapFunction.h>
|
||||
#include <LibWeb/Forward.h>
|
||||
|
||||
namespace Web::HTML {
|
||||
|
@ -27,13 +28,13 @@ public:
|
|||
void stop();
|
||||
|
||||
private:
|
||||
Timer(JS::Object& window, i32 milliseconds, Function<void()> callback, i32 id);
|
||||
Timer(JS::Object& window, i32 milliseconds, JS::NonnullGCPtr<JS::HeapFunction<void()>> callback, i32 id);
|
||||
|
||||
virtual void visit_edges(Cell::Visitor&) override;
|
||||
|
||||
RefPtr<Core::Timer> m_timer;
|
||||
JS::NonnullGCPtr<JS::Object> m_window_or_worker_global_scope;
|
||||
Function<void()> m_callback;
|
||||
JS::NonnullGCPtr<JS::HeapFunction<void()>> m_callback;
|
||||
i32 m_id { 0 };
|
||||
};
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue