RESOLVED FIXED Bug 40152
WebKit2: Need to remove WebView from WindowMessageBroadcaster's listeners list after the WebView is destroyed
https://bugs.webkit.org/show_bug.cgi?id=40152
Ada Chan
Reported 2010-06-03 18:23:56 PDT
Whenever a new WebView is created, WebView::windowAncestryDidChange() is called so that the WebView is added as a WindowMessageListener in the WindowMessageBroadcaster for its top level window. However, we don't remove it from the listener list when the WebView is destroyed. That will leave a stale WebView in the listener list of WindowMessageBroadcaster and can result in a crash later. We should do what we did in the original WebKit: have a WebView::setHostWindow() that calls WebView::windowAncestryDidChange(), and have WebView call setHostWindow(0) when it's destroyed.
Attachments
Patch (5.32 KB, patch)
2010-06-03 21:01 PDT, Ada Chan
aroben: review+
Patch - fix the switch case indentation (5.31 KB, patch)
2010-06-03 21:11 PDT, Ada Chan
aroben: review-
Ada Chan
Comment 1 2010-06-03 21:01:33 PDT
Created attachment 57843: Patch

Call setHostWindow(0) when the WebView is destroyed, which will call windowAncestryDidChange() and remove this WebView from the WindowMessageBroadcaster's listeners list.
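The lifetime problem described in the report and the fix in Comment 1, as an added example that is not part of the patch or of WebKit: a broadcaster holding raw listener pointers, and a view that either detaches in its destructor or leaves a stale entry behind. `Broadcaster`, `View`, `setHost` and `listenersLeftAfterDestroy` are hypothetical stand-ins for `WindowMessageBroadcaster`, `WebView` and `setHostWindow()`; no Win32 calls are used.

```cpp
#include <cstddef>
#include <set>

// Hypothetical stand-ins for WindowMessageBroadcaster / WebView (assumed names).
struct Listener {
    virtual ~Listener() = default;
    virtual void windowReceivedMessage(int message) = 0;
};

class Broadcaster {  // one per top-level window; holds raw, non-owning pointers
public:
    void addListener(Listener* l) { m_listeners.insert(l); }
    void removeListener(Listener* l) { m_listeners.erase(l); }
    std::size_t listenerCount() const { return m_listeners.size(); }
    void broadcast(int message) {
        // Iterate over a copy: a listener may unregister while handling a message.
        for (Listener* l : std::set<Listener*>(m_listeners))
            if (m_listeners.count(l)) l->windowReceivedMessage(message);
    }
private:
    std::set<Listener*> m_listeners;
};

class View : public Listener {
public:
    explicit View(bool detachOnDestroy) : m_detachOnDestroy(detachOnDestroy) {}
    // The fix from the report: setHost(nullptr) on destruction drops the registration.
    ~View() override { if (m_detachOnDestroy) setHost(nullptr); }
    // Stands in for setHostWindow() followed by windowAncestryDidChange().
    void setHost(Broadcaster* host) {
        if (host == m_host) return;  // nothing changed
        if (m_host) m_host->removeListener(this);
        if (host) host->addListener(this);
        m_host = host;
    }
    void windowReceivedMessage(int) override { ++messagesSeen; }
    int messagesSeen = 0;
private:
    bool m_detachOnDestroy;
    Broadcaster* m_host = nullptr;
};

// Returns how many entries remain registered after a view has been destroyed.
std::size_t listenersLeftAfterDestroy(bool detachOnDestroy) {
    Broadcaster topLevelWindow;
    { View view(detachOnDestroy); view.setHost(&topLevelWindow); }
    // No broadcast() here: a stale entry would be called through a dangling pointer.
    return topLevelWindow.listenerCount();
}
```

A non-zero result means the broadcaster still holds a pointer to a destroyed object, which is the condition the report says can crash later.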
WebKit Review Bot
Comment 2 2010-06-03 21:04:47 PDT
Attachment 57843 did not pass style-queue:

Failed to run "['WebKitTools/Scripts/check-webkit-style', '--no-squash']" exit_code: 1
WebKit2/UIProcess/win/WebView.cpp:79: A case label should not be indented, but line up with its switch statement. [whitespace/indent] [4]
Total errors found: 1 in 5 files

If any of these errors are false positives, please file a bug against check-webkit-style.
Ada Chan
Comment 3 2010-06-03 21:11:03 PDT
Created attachment 57844: Patch - fix the switch case indentation
Adam Roben (:aroben)
Comment 4 2010-06-03 22:08:17 PDT
Comment on attachment 57843: Patch

> +void WebView::setHostWindow(HWND hostWindow) > +{ > + if (m_window) { > + if (hostWindow) > + SetParent(m_window, hostWindow); > + else if (!isBeingDestroyed()) { > + // Turn the WebView into a message-only window so it will no longer be a child of the > + // old host window and will be hidden from screen. We only do this when > + // isBeingDestroyed() is false because doing this while handling WM_DESTROY can leave > + // m_viewWindow in a weird state (see <http://webkit.org/b/29337>). > + SetParent(m_window, HWND_MESSAGE); > + }

The comment should be updated to say m_window, not m_viewWindow.

Let's just bail out early if GetParent(m_window) == hostWindow. (I know WebView doesn't do that, but it seems like a good idea.)

I don't think the private set/isBeingDestroyed functions are all that helpful.

r=me
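Review bot: in the else branch of setHostWindow(), when hostWindow is 0 and isBeingDestroyed() is true, neither SetParent call runs, so m_window keeps its old parent on the destruction path. The windowAncestryDidChange() step that is meant to drop the WebView from the WindowMessageBroadcaster's listeners is not in the quoted lines; it should decide from the hostWindow argument rather than from the window's current parent, otherwise the destroyed WebView stays registered. Both SetParent calls also ignore the return value, so a failed reparent would go unnoticed here.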
Adam Roben (:aroben)
Comment 5 2010-06-03 22:09:37 PDT
Comment on attachment 57844: Patch - fix the switch case indentation

Actually, I think it's better to check in your first patch (since it matches the local style).
Ada Chan
Comment 6 2010-06-04 11:25:49 PDT