[SCM] WebKit Debian packaging branch, webkit-1.2, updated. upstream/1.1.90-6072-g9a69373

aroben at apple.com aroben at apple.com
Thu Apr 8 00:55:06 UTC 2010


The following commit has been merged in the webkit-1.2 branch:
commit 6fed69e5dc6cc3ff7e854a3a8ba5f48e0e063608
Author: aroben at apple.com <aroben at apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Tue Jan 5 23:07:21 2010 +0000

    Make it safe to call IWebView::close when IWebView::initWithFrame hasn't been called
    
    Part of <http://webkit.org/b/32827> Crash when calling
    IWebView::close, then releasing the WebView, without calling
    DestroyWindow
    
    Reviewed by Steve Falkenburg.
    
    WebKit/win:
    
    * WebView.cpp:
    (WebView::close): Null-check m_page and m_preferences before using
    them. They will be null if initWithFrame was never called.
    
    WebKitTools:
    
    Test that it's safe to call IWebView::close when IWebView::initWithFrame
    hasn't been called
    
    * WebKitAPITest/tests/WebViewDestruction.cpp:
    (WebKitAPITest::CloseWithoutInitWithFrame): Calls IWebView::close
    without ever calling IWebView::initWithFrame and tests that we don't
    crash or leak.
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@52829 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/WebKit/win/ChangeLog b/WebKit/win/ChangeLog
index af1c1a5..67a3ff6 100644
--- a/WebKit/win/ChangeLog
+++ b/WebKit/win/ChangeLog
@@ -1,5 +1,20 @@
 2010-01-05  Adam Roben  <aroben at apple.com>
 
+        Make it safe to call IWebView::close when IWebView::initWithFrame
+        hasn't been called
+
+        Part of <http://webkit.org/b/32827> Crash when calling
+        IWebView::close, then releasing the WebView, without calling
+        DestroyWindow
+
+        Reviewed by Steve Falkenburg.
+
+        * WebView.cpp:
+        (WebView::close): Null-check m_page and m_preferences before using
+        them. They will be null if initWithFrame was never called.
+
+2010-01-05  Adam Roben  <aroben at apple.com>
+
         Add assertions to catch double-destruction of WebViews earlier
 
         I basically copied the m_deletionHasBegun logic from WTF::RefCounted.
diff --git a/WebKit/win/WebView.cpp b/WebKit/win/WebView.cpp
index c5d59c0..f1f2d4e 100644
--- a/WebKit/win/WebView.cpp
+++ b/WebKit/win/WebView.cpp
@@ -635,9 +635,10 @@ HRESULT STDMETHODCALLTYPE WebView::close()
 
     removeFromAllWebViewsSet();
 
-    Frame* frame = m_page->mainFrame();
-    if (frame)
-        frame->loader()->detachFromParent();
+    if (m_page) {
+        if (Frame* frame = m_page->mainFrame())
+            frame->loader()->detachFromParent();
+    }
 
     if (m_mouseOutTracker) {
         m_mouseOutTracker->dwFlags = TME_CANCEL;
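Review bot: The new `if (m_page) {` guard carries no comment explaining when m_page can be null, so the reason lives only in the ChangeLog. A one-line comment above it, such as `// m_page is null if initWithFrame was never called.`, would keep a later cleanup from removing the check as redundant. WebView::close() starts before this hunk and continues past it, so any other m_page uses in the function are not visible here and should be checked against the same precondition.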
@@ -668,17 +669,18 @@ HRESULT STDMETHODCALLTYPE WebView::close()
     IWebNotificationCenter* notifyCenter = WebNotificationCenter::defaultCenterInternal();
     notifyCenter->removeObserver(this, WebPreferences::webPreferencesChangedNotification(), static_cast<IWebPreferences*>(m_preferences.get()));
 
-    BSTR identifier = 0;
-    m_preferences->identifier(&identifier);
-
-    COMPtr<WebPreferences> preferences = m_preferences;
-    m_preferences = 0;
-    preferences->didRemoveFromWebView();
-    // Make sure we release the reference, since WebPreferences::removeReferenceForIdentifier will check for last reference to WebPreferences
-    preferences = 0;
-    if (identifier) {
-        WebPreferences::removeReferenceForIdentifier(identifier);
-        SysFreeString(identifier);
+    if (COMPtr<WebPreferences> preferences = m_preferences) {
+        BSTR identifier = 0;
+        preferences->identifier(&identifier);
+
+        m_preferences = 0;
+        preferences->didRemoveFromWebView();
+        // Make sure we release the reference, since WebPreferences::removeReferenceForIdentifier will check for last reference to WebPreferences
+        preferences = 0;
+        if (identifier) {
+            WebPreferences::removeReferenceForIdentifier(identifier);
+            SysFreeString(identifier);
+        }
     }
 
     deleteBackingStore();
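Review bot: The `notifyCenter->removeObserver(..., static_cast<IWebPreferences*>(m_preferences.get()))` call in the context lines just above the new guard still runs when m_preferences is null, so on the no-initWithFrame path it is handed a null preferences pointer. Whether removeObserver tolerates a null object is not visible in this hunk. If it is not guaranteed, the call could move inside the new block as `notifyCenter->removeObserver(this, WebPreferences::webPreferencesChangedNotification(), static_cast<IWebPreferences*>(preferences.get()));`, placed before `m_preferences = 0;`. Otherwise a short comment stating that a null object is acceptable there would help. The body of WebView::close() extends beyond both ends of the hunk.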
diff --git a/WebKitTools/ChangeLog b/WebKitTools/ChangeLog
index c759531..d33f4c0 100644
--- a/WebKitTools/ChangeLog
+++ b/WebKitTools/ChangeLog
@@ -1,5 +1,21 @@
 2010-01-05  Adam Roben  <aroben at apple.com>
 
+        Test that it's safe to call IWebView::close when
+        IWebView::initWithFrame hasn't been called
+
+        Part of <http://webkit.org/b/32827> Crash when calling
+        IWebView::close, then releasing the WebView, without calling
+        DestroyWindow
+
+        Reviewed by Steve Falkenburg.
+
+        * WebKitAPITest/tests/WebViewDestruction.cpp:
+        (WebKitAPITest::CloseWithoutInitWithFrame): Calls IWebView::close
+        without ever calling IWebView::initWithFrame and tests that we don't
+        crash or leak.
+
+2010-01-05  Adam Roben  <aroben at apple.com>
+
         Add more WebViewDestruction tests
 
         Fixes <http://webkit.org/b/33216>.
diff --git a/WebKitTools/WebKitAPITest/tests/WebViewDestruction.cpp b/WebKitTools/WebKitAPITest/tests/WebViewDestruction.cpp
index 280acac..6c09e6f 100644
--- a/WebKitTools/WebKitAPITest/tests/WebViewDestruction.cpp
+++ b/WebKitTools/WebKitAPITest/tests/WebViewDestruction.cpp
@@ -102,6 +102,16 @@ TEST(WebViewDestruction, NoInitWithFrame)
     finishWebViewDestructionTest(webView, 0);
 }
 
+TEST(WebViewDestruction, CloseWithoutInitWithFrame)
+{
+    COMPtr<IWebView> webView;
+    TEST_ASSERT(SUCCEEDED(WebKitCreateInstance(__uuidof(WebView), &webView)));
+
+    TEST_ASSERT(SUCCEEDED(webView->close()));
+
+    finishWebViewDestructionTest(webView, 0);
+}
+
 // Tests that releasing a WebView without calling IWebView::close or DestroyWindow doesn't leak. <http://webkit.org/b/33162>
 TEST(WebViewDestruction, NoCloseOrDestroyViewWindow)
 {
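Review bot: The new CloseWithoutInitWithFrame test has no comment, while the neighbouring NoCloseOrDestroyViewWindow test states what it checks and links its bug. A matching line above the TEST would keep the file consistent and tie the regression test to the crash it guards, for example `// Tests that calling IWebView::close without calling IWebView::initWithFrame doesn't crash or leak. <http://webkit.org/b/32827>`. If TEST_ASSERT does not abort the test on failure (its definition is not shown here), a failed WebKitCreateInstance would leave webView null when `webView->close()` runs.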

-- 
WebKit Debian packaging


