[haiku-webkit-commits] r295 - in webkit/trunk/WebKit/haiku: API WebPositive
- From: webkit@xxxxxxxxxxxxxxx
- To: haiku-webkit-commits@xxxxxxxxxxxxx
- Date: Sat, 06 Mar 2010 12:41:49 +0000
Author: stippi
Date: Sat Mar 6 12:41:48 2010
New Revision: 295
URL: http://mmlr.dyndns.org/changeset/295
Log:
* Use a different deletion strategy for the BWebView. Since the BWebPage will
delete itself in the application thread, we cannot delete the BWebView before
this happens in the window thread. Now BWebPage is repsonsible for deleting
the view.
* Also make sure that there are not still loaders running on the frame. Since
the timer messages arrive in a different handler than the BWebPage handler,
the timer functions being called could operate on stale pointers. I am not
sure why WebCore doesn't make sure of this itself. Perhaps we are not
supposed
to delete something directly, but via reference counting. Though I am not
sure
what it would be, since WebCore::Page is not reference countable. Maybe the
frame... need to investigate. After all, there could be other timers in the
queue besides loading related ones.
Modified:
webkit/trunk/WebKit/haiku/API/WebPage.cpp
webkit/trunk/WebKit/haiku/API/WebView.cpp
webkit/trunk/WebKit/haiku/API/WebView.h
webkit/trunk/WebKit/haiku/API/WebWindow.cpp
webkit/trunk/WebKit/haiku/WebPositive/BrowserWindow.cpp
webkit/trunk/WebKit/haiku/WebPositive/BrowserWindow.h
Modified: webkit/trunk/WebKit/haiku/API/WebPage.cpp
==============================================================================
--- webkit/trunk/WebKit/haiku/API/WebPage.cpp Sat Mar 6 00:25:02 2010
(r294)
+++ webkit/trunk/WebKit/haiku/API/WebPage.cpp Sat Mar 6 12:41:48 2010
(r295)
@@ -184,9 +184,20 @@
BWebPage::~BWebPage()
{
+ // We need to make sure there are no more timers running, since those
+ // arrive to a different, global handler (the timer handler), and the
+ // timer functions would then operate on stale pointers.
+ if (m_mainFrame && m_mainFrame->Frame())
+ m_mainFrame->Frame()->loader()->stopAllLoaders();
delete m_settings;
delete m_mainFrame;
delete m_page;
+ // Deleting the BWebView is deferred here to keep it alive in
+ // case some timers still fired after the view calling Shutdown() but
+ // before we processed the shutdown message. If the BWebView had already
+ // deleted itself before we reach the shutdown message, there would be
+ // a race condition and chance to operate on a stale BWebView pointer.
+ delete m_webView;
}
// #pragma mark - public
Modified: webkit/trunk/WebKit/haiku/API/WebView.cpp
==============================================================================
--- webkit/trunk/WebKit/haiku/API/WebView.cpp Sat Mar 6 00:25:02 2010
(r294)
+++ webkit/trunk/WebKit/haiku/API/WebView.cpp Sat Mar 6 12:41:48 2010
(r295)
@@ -72,6 +72,13 @@
}
}
+void BWebView::Shutdown()
+{
+ if (Window())
+ RemoveSelf();
+ fWebPage->Shutdown();
+}
+
// #pragma mark - BView hooks
void BWebView::AttachedToWindow()
@@ -81,7 +88,6 @@
void BWebView::DetachedFromWindow()
{
- fWebPage->Shutdown();
}
void BWebView::Show()
Modified: webkit/trunk/WebKit/haiku/API/WebView.h
==============================================================================
--- webkit/trunk/WebKit/haiku/API/WebView.h Sat Mar 6 00:25:02 2010
(r294)
+++ webkit/trunk/WebKit/haiku/API/WebView.h Sat Mar 6 12:41:48 2010
(r295)
@@ -38,7 +38,11 @@
class BWebView : public BView {
public:
BWebView(const
char* name);
- virtual ~BWebView();
+
+ // The BWebView needs to be deleted by the BWebPage instance running
+ // on the application thread in order to prevent possible race
conditions.
+ // Call Shutdown() to initiate the deletion.
+ void Shutdown();
// BView hooks
virtual void AttachedToWindow();
@@ -90,6 +94,8 @@
private:
friend class BWebPage;
+ virtual ~BWebView();
+
inline BBitmap* OffscreenBitmap() const
{
return fOffscreenBitmap; }
inline BView* OffscreenView() const
Modified: webkit/trunk/WebKit/haiku/API/WebWindow.cpp
==============================================================================
--- webkit/trunk/WebKit/haiku/API/WebWindow.cpp Sat Mar 6 00:25:02 2010
(r294)
+++ webkit/trunk/WebKit/haiku/API/WebWindow.cpp Sat Mar 6 12:41:48 2010
(r295)
@@ -259,10 +259,8 @@
bool BWebWindow::QuitRequested()
{
// Do this here, so WebKit tear down happens earlier.
- if (fWebView) {
- fWebView->RemoveSelf();
- delete fWebView;
- }
+ if (fWebView)
+ fWebView->Shutdown();
return true;
}
Modified: webkit/trunk/WebKit/haiku/WebPositive/BrowserWindow.cpp
==============================================================================
--- webkit/trunk/WebKit/haiku/WebPositive/BrowserWindow.cpp Sat Mar 6
00:25:02 2010 (r294)
+++ webkit/trunk/WebKit/haiku/WebPositive/BrowserWindow.cpp Sat Mar 6
12:41:48 2010 (r295)
@@ -527,7 +527,7 @@
int32 index;
if (message->FindInt32("tab index", &index) != B_OK)
index = fTabManager->SelectedTabIndex();
- delete fTabManager->RemoveTab(index);
+ _ShutdownTab(index);
_UpdateTabGroupVisibility();
} else
PostMessage(B_QUIT_REQUESTED);
@@ -581,7 +581,7 @@
// Iterate over all tabs to delete all BWebViews.
// Do this here, so WebKit tear down happens earlier.
while (fTabManager->CountTabs() > 0)
- delete fTabManager->RemoveTab(0L);
+ _ShutdownTab(0);
SetCurrentWebView(0);
BMessage message(WINDOW_CLOSED);
@@ -900,3 +900,15 @@
Unlock();
}
}
+
+
+void
+BrowserWindow::_ShutdownTab(int32 index)
+{
+ BView* view = fTabManager->RemoveTab(index);
+ BWebView* webView = dynamic_cast<BWebView*>(view);
+ if (webView)
+ webView->Shutdown();
+ else
+ delete view;
+}
Modified: webkit/trunk/WebKit/haiku/WebPositive/BrowserWindow.h
==============================================================================
--- webkit/trunk/WebKit/haiku/WebPositive/BrowserWindow.h Sat Mar 6
00:25:02 2010 (r294)
+++ webkit/trunk/WebKit/haiku/WebPositive/BrowserWindow.h Sat Mar 6
12:41:48 2010 (r295)
@@ -118,6 +118,7 @@
private:
void _UpdateTitle(const
BString &title);
void
_UpdateTabGroupVisibility();
+ void _ShutdownTab(int32
index);
private:
BMessenger fDownloadListener;
Other related posts:
- » [haiku-webkit-commits] r295 - in webkit/trunk/WebKit/haiku: API WebPositive - webkit
