[SCM] WebKit Debian packaging branch, debian/unstable, updated. debian/1.1.15-1-40151-g37bb677
mjs
mjs at 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Sat Sep 26 07:42:32 UTC 2009
The following commit has been merged in the debian/unstable branch:
commit fb67578953a5e9c58b8b5936c95499dae6d9cfc4
Author: mjs <mjs at 268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Sat May 17 01:40:18 2003 +0000
Reviewed by Richard.
- fixed 3260940 - REGRESSION: reproducible crash freeing page cache item
- fixed 3241041 - REGRESSION: repro world leak of 1 JavaScript interpreter
The fix for these problems and probably other page cache wackiness
was to use a refcounting scheme for KHTMLView instead of counting
on the previous tricky ownership rules.
* khtml/khtmlview.cpp:
(KHTMLView::KHTMLView): Initialize _refCount to 1.
(KHTMLView::~KHTMLView): Assert that _refCount is 0, to make sure no one is deleting
views explicitly.
* khtml/khtmlview.h:
* khtml/rendering/render_frames.cpp:
(RenderPart::~RenderPart): If our view is a KHTMLView, deref it.
(RenderPart::setWidget): If the view is a KHTMLView, tell the superclass not to
delete it and ref it.
* khtml/rendering/render_frames.h:
* khtml/rendering/render_replaced.cpp:
(RenderWidget::RenderWidget): Initizlize m_deleteWidget to false.
(RenderWidget::~RenderWidget): Only delete widget if we're supposed to.
(RenderWidget::setQWidget): Add extra delegeWidget argument that says whether
to delete this widget when done - defaults to true.
* khtml/rendering/render_replaced.h:
* kwq/KWQKHTMLPart.h:
* kwq/KWQKHTMLPart.mm:
(KWQKHTMLPart::KWQKHTMLPart): Removed _ownsView boolean -- we'll always hang on
to a ref to it now.
(KWQKHTMLPart::~KWQKHTMLPart): Deref the view always instead of deleting it sometimes.
(KWQKHTMLPart::setView): deref the old view if not null. ref the new view if not null.
Drop tricky ownership rules.
(KWQKHTMLPart::openURLFromPageCache): Remove no longer applicable comment about the
importance of when setView is called.
* kwq/KWQPageState.mm:
(-[KWQPageState initWithDocument:URL:windowProperties:locationProperties:]): ref the
document's view.
(-[KWQPageState invalidate]): deref the document's view.
(-[KWQPageState dealloc]): deref the document's view instead of deleting it.
* kwq/WebCoreBridge.mm:
(-[WebCoreBridge createKHTMLViewWithNSView:marginWidth:marginHeight:]): No more need
to pass weOwnIt argument to setView. Also, deref the view after passing it to the
KWQKHTMLView -- we own the initial ref since we allocated it.
(-[WebCoreBridge removeFromFrame]): No more need to pass weOwnIt argument to setView.
(-[WebCoreBridge installInFrame:]): Ditto.
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@4390 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/WebCore/ChangeLog-2003-10-25 b/WebCore/ChangeLog-2003-10-25
index d74187c..4e5969f 100644
--- a/WebCore/ChangeLog-2003-10-25
+++ b/WebCore/ChangeLog-2003-10-25
@@ -1,5 +1,53 @@
2003-05-16 Maciej Stachowiak <mjs at apple.com>
+ Reviewed by Richard.
+
+ - fixed 3260940 - REGRESSION: reproducible crash freeing page cache item
+ - fixed 3241041 - REGRESSION: repro world leak of 1 JavaScript interpreter
+
+ The fix for these problems and probably other page cache wackiness
+ was to use a refcounting scheme for KHTMLView instead of counting
+ on the previous tricky ownership rules.
+
+ * khtml/khtmlview.cpp:
+ (KHTMLView::KHTMLView): Initialize _refCount to 1.
+ (KHTMLView::~KHTMLView): Assert that _refCount is 0, to make sure no one is deleting
+ views explicitly.
+ * khtml/khtmlview.h:
+ * khtml/rendering/render_frames.cpp:
+ (RenderPart::~RenderPart): If our view is a KHTMLView, deref it.
+ (RenderPart::setWidget): If the view is a KHTMLView, tell the superclass not to
+ delete it and ref it.
+ * khtml/rendering/render_frames.h:
+ * khtml/rendering/render_replaced.cpp:
+ (RenderWidget::RenderWidget): Initizlize m_deleteWidget to false.
+ (RenderWidget::~RenderWidget): Only delete widget if we're supposed to.
+ (RenderWidget::setQWidget): Add extra delegeWidget argument that says whether
+ to delete this widget when done - defaults to true.
+ * khtml/rendering/render_replaced.h:
+ * kwq/KWQKHTMLPart.h:
+ * kwq/KWQKHTMLPart.mm:
+ (KWQKHTMLPart::KWQKHTMLPart): Removed _ownsView boolean -- we'll always hang on
+ to a ref to it now.
+ (KWQKHTMLPart::~KWQKHTMLPart): Deref the view always instead of deleting it sometimes.
+ (KWQKHTMLPart::setView): deref the old view if not null. ref the new view if not null.
+ Drop tricky ownership rules.
+ (KWQKHTMLPart::openURLFromPageCache): Remove no longer applicable comment about the
+ importance of when setView is called.
+ * kwq/KWQPageState.mm:
+ (-[KWQPageState initWithDocument:URL:windowProperties:locationProperties:]): ref the
+ document's view.
+ (-[KWQPageState invalidate]): deref the document's view.
+ (-[KWQPageState dealloc]): deref the document's view instead of deleting it.
+ * kwq/WebCoreBridge.mm:
+ (-[WebCoreBridge createKHTMLViewWithNSView:marginWidth:marginHeight:]): No more need
+ to pass weOwnIt argument to setView. Also, deref the view after passing it to the
+ KWQKHTMLView -- we own the initial ref since we allocated it.
+ (-[WebCoreBridge removeFromFrame]): No more need to pass weOwnIt argument to setView.
+ (-[WebCoreBridge installInFrame:]): Ditto.
+
+2003-05-16 Maciej Stachowiak <mjs at apple.com>
+
Reviewed by Ken.
- fixed 3256997 - reproducible world leak (of 1 JavaScript interpreter) using google images
diff --git a/WebCore/ChangeLog-2005-08-23 b/WebCore/ChangeLog-2005-08-23
index d74187c..4e5969f 100644
--- a/WebCore/ChangeLog-2005-08-23
+++ b/WebCore/ChangeLog-2005-08-23
@@ -1,5 +1,53 @@
2003-05-16 Maciej Stachowiak <mjs at apple.com>
+ Reviewed by Richard.
+
+ - fixed 3260940 - REGRESSION: reproducible crash freeing page cache item
+ - fixed 3241041 - REGRESSION: repro world leak of 1 JavaScript interpreter
+
+ The fix for these problems and probably other page cache wackiness
+ was to use a refcounting scheme for KHTMLView instead of counting
+ on the previous tricky ownership rules.
+
+ * khtml/khtmlview.cpp:
+ (KHTMLView::KHTMLView): Initialize _refCount to 1.
+ (KHTMLView::~KHTMLView): Assert that _refCount is 0, to make sure no one is deleting
+ views explicitly.
+ * khtml/khtmlview.h:
+ * khtml/rendering/render_frames.cpp:
+ (RenderPart::~RenderPart): If our view is a KHTMLView, deref it.
+ (RenderPart::setWidget): If the view is a KHTMLView, tell the superclass not to
+ delete it and ref it.
+ * khtml/rendering/render_frames.h:
+ * khtml/rendering/render_replaced.cpp:
+ (RenderWidget::RenderWidget): Initizlize m_deleteWidget to false.
+ (RenderWidget::~RenderWidget): Only delete widget if we're supposed to.
+ (RenderWidget::setQWidget): Add extra delegeWidget argument that says whether
+ to delete this widget when done - defaults to true.
+ * khtml/rendering/render_replaced.h:
+ * kwq/KWQKHTMLPart.h:
+ * kwq/KWQKHTMLPart.mm:
+ (KWQKHTMLPart::KWQKHTMLPart): Removed _ownsView boolean -- we'll always hang on
+ to a ref to it now.
+ (KWQKHTMLPart::~KWQKHTMLPart): Deref the view always instead of deleting it sometimes.
+ (KWQKHTMLPart::setView): deref the old view if not null. ref the new view if not null.
+ Drop tricky ownership rules.
+ (KWQKHTMLPart::openURLFromPageCache): Remove no longer applicable comment about the
+ importance of when setView is called.
+ * kwq/KWQPageState.mm:
+ (-[KWQPageState initWithDocument:URL:windowProperties:locationProperties:]): ref the
+ document's view.
+ (-[KWQPageState invalidate]): deref the document's view.
+ (-[KWQPageState dealloc]): deref the document's view instead of deleting it.
+ * kwq/WebCoreBridge.mm:
+ (-[WebCoreBridge createKHTMLViewWithNSView:marginWidth:marginHeight:]): No more need
+ to pass weOwnIt argument to setView. Also, deref the view after passing it to the
+ KWQKHTMLView -- we own the initial ref since we allocated it.
+ (-[WebCoreBridge removeFromFrame]): No more need to pass weOwnIt argument to setView.
+ (-[WebCoreBridge installInFrame:]): Ditto.
+
+2003-05-16 Maciej Stachowiak <mjs at apple.com>
+
Reviewed by Ken.
- fixed 3256997 - reproducible world leak (of 1 JavaScript interpreter) using google images
diff --git a/WebCore/khtml/khtmlview.cpp b/WebCore/khtml/khtmlview.cpp
index c4e73f9..c33be04 100644
--- a/WebCore/khtml/khtmlview.cpp
+++ b/WebCore/khtml/khtmlview.cpp
@@ -205,7 +205,8 @@ void KHTMLToolTip::maybeTip(const QPoint& /*p*/)
#endif
KHTMLView::KHTMLView( KHTMLPart *part, QWidget *parent, const char *name)
- : QScrollView( parent, name, WResizeNoErase | WRepaintNoErase | WPaintUnclipped )
+ : QScrollView( parent, name, WResizeNoErase | WRepaintNoErase | WPaintUnclipped ),
+ _refCount(1)
{
m_medium = "screen";
@@ -239,6 +240,8 @@ KHTMLView::KHTMLView( KHTMLPart *part, QWidget *parent, const char *name)
KHTMLView::~KHTMLView()
{
+ assert(_refCount == 0);
+
if (m_part)
{
//WABA: Is this Ok? Do I need to deref it as well?
diff --git a/WebCore/khtml/khtmlview.h b/WebCore/khtml/khtmlview.h
index fa1ec62..0287c39 100644
--- a/WebCore/khtml/khtmlview.h
+++ b/WebCore/khtml/khtmlview.h
@@ -189,6 +189,9 @@ public:
QWidget *topLevelWidget() const;
QPoint mapToGlobal(const QPoint &) const;
#endif
+
+ void ref() { ++_refCount; }
+ void deref() { if (!--_refCount) delete this; }
protected slots:
void slotPaletteChanged();
@@ -255,6 +258,8 @@ private:
// ------------------------------------- member variables ------------------------------------
private:
+ unsigned _refCount;
+
int _width;
int _height;
diff --git a/WebCore/khtml/rendering/render_frames.cpp b/WebCore/khtml/rendering/render_frames.cpp
index 46656ae..9e0fdc8 100644
--- a/WebCore/khtml/rendering/render_frames.cpp
+++ b/WebCore/khtml/rendering/render_frames.cpp
@@ -559,17 +559,36 @@ RenderPart::RenderPart(DOM::HTMLElementImpl* node)
setInline(false);
}
+RenderPart::~RenderPart()
+{
+ if(m_widget->inherits("KHTMLView")) {
+ static_cast<KHTMLView *>(m_widget)->deref();
+ }
+}
+
void RenderPart::setWidget( QWidget *widget )
{
#ifdef DEBUG_LAYOUT
kdDebug(6031) << "RenderPart::setWidget()" << endl;
#endif
- setQWidget( widget );
- if(widget->inherits("KHTMLView"))
- connect( widget, SIGNAL( cleared() ), this, SLOT( slotViewCleared() ) );
+
+ if (widget == m_widget) {
+ return;
+ }
+ if(m_widget->inherits("KHTMLView")) {
+ static_cast<KHTMLView *>(m_widget)->deref();
+ }
+
+ if(widget->inherits("KHTMLView")) {
+ static_cast<KHTMLView *>(widget)->ref();
+ setQWidget( widget, false );
+ connect( widget, SIGNAL( cleared() ), this, SLOT( slotViewCleared() ) );
+ } else {
+ setQWidget( widget );
+ }
setNeedsLayoutAndMinMaxRecalc();
-
+
// make sure the scrollbars are set correctly for restore
// ### find better fix
slotViewCleared();
diff --git a/WebCore/khtml/rendering/render_frames.h b/WebCore/khtml/rendering/render_frames.h
index 739d144..c71fa5b 100644
--- a/WebCore/khtml/rendering/render_frames.h
+++ b/WebCore/khtml/rendering/render_frames.h
@@ -92,7 +92,8 @@ class RenderPart : public khtml::RenderWidget
Q_OBJECT
public:
RenderPart(DOM::HTMLElementImpl* node);
-
+ RenderPart::~RenderPart();
+
virtual const char *renderName() const { return "RenderPart"; }
virtual void setWidget( QWidget *widget );
diff --git a/WebCore/khtml/rendering/render_replaced.cpp b/WebCore/khtml/rendering/render_replaced.cpp
index 443a5f2..9126917 100644
--- a/WebCore/khtml/rendering/render_replaced.cpp
+++ b/WebCore/khtml/rendering/render_replaced.cpp
@@ -116,7 +116,8 @@ bool RenderReplaced::canHaveChildren() const
// -----------------------------------------------------------------------------
RenderWidget::RenderWidget(DOM::NodeImpl* node)
- : RenderReplaced(node)
+ : RenderReplaced(node),
+ m_deleteWidget(false)
{
m_widget = 0;
// a replaced element doesn't support being anonymous
@@ -148,7 +149,9 @@ RenderWidget::~RenderWidget()
{
KHTMLAssert( refCount() <= 0 );
- delete m_widget;
+ if (m_deleteWidget) {
+ delete m_widget;
+ }
}
void RenderWidget::resizeWidget( QWidget *widget, int w, int h )
@@ -168,14 +171,16 @@ void RenderWidget::resizeWidget( QWidget *widget, int w, int h )
}
}
-void RenderWidget::setQWidget(QWidget *widget)
+void RenderWidget::setQWidget(QWidget *widget, bool deleteWidget)
{
if (widget != m_widget)
{
if (m_widget) {
m_widget->removeEventFilter(this);
disconnect( m_widget, SIGNAL( destroyed()), this, SLOT( slotWidgetDestructed()));
- delete m_widget;
+ if (m_deleteWidget) {
+ delete m_widget;
+ }
m_widget = 0;
}
m_widget = widget;
@@ -194,6 +199,7 @@ void RenderWidget::setQWidget(QWidget *widget)
}
m_view->addChild( m_widget, -500000, 0 );
}
+ m_deleteWidget = deleteWidget;
}
void RenderWidget::layout( )
diff --git a/WebCore/khtml/rendering/render_replaced.h b/WebCore/khtml/rendering/render_replaced.h
index 6187b65..a6a85ef 100644
--- a/WebCore/khtml/rendering/render_replaced.h
+++ b/WebCore/khtml/rendering/render_replaced.h
@@ -92,10 +92,11 @@ public slots:
protected:
bool eventFilter(QObject* /*o*/, QEvent* e);
- void setQWidget(QWidget *widget);
+ void setQWidget(QWidget *widget, bool deleteWidget = true);
void resizeWidget( QWidget *widget, int w, int h );
virtual void handleFocusOut();
+ bool m_deleteWidget;
QWidget *m_widget;
KHTMLView* m_view;
};
diff --git a/WebCore/kwq/KWQKHTMLPart.h b/WebCore/kwq/KWQKHTMLPart.h
index 09e9fa2..c56017b 100644
--- a/WebCore/kwq/KWQKHTMLPart.h
+++ b/WebCore/kwq/KWQKHTMLPart.h
@@ -83,8 +83,7 @@ public:
void setBridge(WebCoreBridge *p);
WebCoreBridge *bridge() const { return _bridge; }
- void setView(KHTMLView *view, bool weOwnIt);
- void setOwnsView(bool weOwnIt) { _ownsView = weOwnIt; }
+ void setView(KHTMLView *view);
KHTMLView *view() const;
virtual bool openURL(const KURL &);
@@ -236,8 +235,6 @@ private:
KWQSignal _completed;
KWQSignal _completedWithBool;
- bool _ownsView;
-
NSView *_mouseDownView;
bool _mouseDownWasInSubframe;
bool _sendingEventToSubview;
diff --git a/WebCore/kwq/KWQKHTMLPart.mm b/WebCore/kwq/KWQKHTMLPart.mm
index b74f04a..24e6b3e 100644
--- a/WebCore/kwq/KWQKHTMLPart.mm
+++ b/WebCore/kwq/KWQKHTMLPart.mm
@@ -133,7 +133,6 @@ KWQKHTMLPart::KWQKHTMLPart()
: _started(this, SIGNAL(started(KIO::Job *)))
, _completed(this, SIGNAL(completed()))
, _completedWithBool(this, SIGNAL(completed(bool)))
- , _ownsView(false)
, _mouseDownView(nil)
, _sendingEventToSubview(false)
, _mouseDownMayStartDrag(false)
@@ -156,8 +155,8 @@ KWQKHTMLPart::KWQKHTMLPart()
KWQKHTMLPart::~KWQKHTMLPart()
{
mutableInstances().remove(this);
- if (_ownsView) {
- delete d->m_view;
+ if (d->m_view) {
+ d->m_view->deref();
}
[_formValuesAboutToBeSubmitted release];
[_formAboutToBeSubmitted release];
@@ -618,7 +617,7 @@ ReadOnlyPart *KWQKHTMLPart::createPart(const ChildFrame &child, const KURL &url,
}
}
-void KWQKHTMLPart::setView(KHTMLView *view, bool weOwnIt)
+void KWQKHTMLPart::setView(KHTMLView *view)
{
// Detach the document now, so any onUnload handlers get run - if
// we wait until the view is destroyed, then things won't be
@@ -627,13 +626,14 @@ void KWQKHTMLPart::setView(KHTMLView *view, bool weOwnIt)
d->m_doc->detach();
}
- if (_ownsView) {
- if (!(d->m_doc && d->m_doc->inPageCache()))
- delete d->m_view;
+ if (d->m_view) {
+ d->m_view->deref();
}
d->m_view = view;
+ if (d->m_view) {
+ d->m_view->ref();
+ }
setWidget(view);
- _ownsView = weOwnIt;
// Only one form submission is allowed per view of a part.
// Since this part may be getting reused as a result of being
@@ -1011,10 +1011,7 @@ void KWQKHTMLPart::openURLFromPageCache(KWQPageState *state)
d->m_bLoadEventEmitted = false;
d->m_referrer = m_url.url();
- // We have to change the view back before setting the document,
- // so that we test whether the *previous* document is in the page
- // cache when deciding whether to delete the previous view.
- setView (doc->view(), true);
+ setView(doc->view());
d->m_doc = doc;
d->m_doc->ref();
diff --git a/WebCore/kwq/KWQPageState.mm b/WebCore/kwq/KWQPageState.mm
index 09d46cb..2fdcf83 100644
--- a/WebCore/kwq/KWQPageState.mm
+++ b/WebCore/kwq/KWQPageState.mm
@@ -49,6 +49,7 @@ using KJS::SavedProperties;
document = doc;
docRenderer = doc->renderer();
document->setInPageCache(YES);
+ document->view()->ref();
URL = new KURL(u);
windowProperties = wp;
locationProperties = lp;
@@ -88,13 +89,14 @@ using KJS::SavedProperties;
ASSERT(document);
document->setInPageCache(NO);
-
+
// Do NOT detach the renderer here. The ownership of the renderer
// has been handed off to core. The renderer is being used in an
// active page. It will be either cleaned up with the document or
// re-added to another page cache.
docRenderer = 0;
-
+
+ document->view()->deref();
document->deref();
document = 0;
@@ -123,7 +125,7 @@ using KJS::SavedProperties;
if (view) {
view->clearPart();
- delete view;
+ view->deref();
}
}
diff --git a/WebCore/kwq/WebCoreBridge.mm b/WebCore/kwq/WebCoreBridge.mm
index a75760d..d495799 100644
--- a/WebCore/kwq/WebCoreBridge.mm
+++ b/WebCore/kwq/WebCoreBridge.mm
@@ -289,7 +289,8 @@ static bool initializedObjectCacheSize = FALSE;
[self removeFromFrame];
KHTMLView *kview = new KHTMLView(_part, 0);
- _part->setView(kview, true);
+ _part->setView(kview);
+ kview->deref();
kview->setView(view);
if (mw >= 0)
@@ -470,7 +471,7 @@ static BOOL nowPrinting(WebCoreBridge *self)
- (void)removeFromFrame
{
- _part->setView(0, false);
+ _part->setView(0);
}
- (void)installInFrame:(NSView *)view
@@ -483,7 +484,6 @@ static BOOL nowPrinting(WebCoreBridge *self)
if (_renderPart) {
_renderPart->setWidget(_part->view());
// Now the render part owns the view, so we don't any more.
- _part->setOwnsView(false);
}
}
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list