
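--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,20 @@
+2007-04-02  Mitz Pettel  <mitz@webkit.org>
+
+        Reviewed by NOBODY (OOPS!).
+
+        - fix http://bugs.webkit.org/show_bug.cgi?id=13250
+          REGRESSION: Browser crash on clicking back button while at link specified above (ObjC wrapper outlives JS wrapper)
+
+        Made WebScriptObject protect the JS object directly, in addition to adding
+        it to the root object's protected set. This is necessary because the root object
+        can be invalidated (thus dropping its own protection of the JS object) while the
+        client is still retaining the WebScriptObject.
+
+        * bindings/objc/WebScriptObject.mm:
+        (-[WebScriptObject _setImp:originRootObject:rootObject:]):
+        (-[WebScriptObject dealloc]):
+        (-[WebScriptObject finalize]):
+
 2007-03-31  Krzysztof Kowalczyk  <kkowalczyk@gmail.com>
 
         Not reviewed - gdk build fix.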
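--- a/WebCore/bindings/objc/WebScriptObject.mm
+++ b/WebCore/bindings/objc/WebScriptObject.mm
@@ -78,6 +78,10 @@ static void _didExecute(WebScriptObject
 
     if(_private->rootObject)
         _private->rootObject->gcProtect(imp);
+    // We may stick around after the root object is invalidated, so we need to
+    // also protect the JS object ourselves.
+    JSLock lock;
+    gcProtect(imp);
 }
 
 - (id)_initWithJSObject:(KJS::JSObject*)imp originRootObject:(PassRefPtr<KJS::Bindings::RootObject>)originRootObject rootObject:(PassRefPtr<KJS::Bindings::RootObject>)rootObject
@@ -131,6 +135,11 @@ static void _didExecute(WebScriptObject
     if (_private->rootObject && _private->rootObject->isValid())
         _private->rootObject->gcUnprotect(_private->imp);
 
+    if (_private->imp) {
+        JSLock lock;
+        gcUnprotect(_private->imp);
+    }
+
     if (_private->rootObject)
         _private->rootObject->deref();
 
@@ -147,6 +156,11 @@ static void _didExecute(WebScriptObject
     if (_private->rootObject && _private->rootObject->isValid())
         _private->rootObject->gcUnprotect(_private->imp);
 
+    if (_private->imp) {
+        JSLock lock;
+        gcUnprotect(_private->imp);
+    }
+
     if (_private->rootObject)
         _private->rootObject->deref();
 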
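Review bot: The direct `gcProtect(imp)` added at new line 84 runs unconditionally, while the matching `gcUnprotect(_private->imp)` in the second and third hunks (dealloc and finalize, per the ChangeLog) is guarded by `if (_private->imp)`. If a null imp can reach the setter, the two sides disagree about what is protected; either guard the protect the same way, `if (imp) { JSLock lock; gcProtect(imp); }`, or add a comment there stating that imp is never null. The pairing also appears to assume the setter runs once per wrapper, since a second call would leave the earlier imp protected with no matching unprotect; this cannot be confirmed because the setter's body starts outside the hunk. The identical teardown block in dealloc and finalize could move into one private helper, so that the protect/unprotect balance guarding this lifetime fix is maintained in a single place.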
