Re: [webkit-dev] Frame and FrameView references
On Feb 29, 2008, at 4:25 AM, Artem Ananiev wrote:
> setView(0);
> ...
> if (d->m_view) {
> d->m_view->hide();
> d->m_view->clearFrame();
> }
Good catch. This is all dead code and should be replaced with an
assertion:
ASSERT(!d->m_view);
> How this situation is supposed to be handled?
A FrameView holds a RefPtr to the Frame, so there's no way the Frame
could be destroyed until after the FrameView is destroyed.
The only reason there's anything complicated about this is some old
half-obsolete code in the back/forward cache. There's a call to
FrameView::clearFrame() in CachedPage::clear() that is made when the
page that's cached is removed from the cache. It's possible that with
some study this could be removed and we could entirely remove the
clearFrame() function.
-- Darin
___
webkit-dev mailing list
webkit-dev@lists.webkit.org
http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
[webkit-dev] Frame and FrameView references
Hi, all,
I have noticed the following strange code in Frame class:
Frame::~Frame()
{
setView(0);
...
if (d->m_view) {
d->m_view->hide();
d->m_view->clearFrame();
}
...
}
It is clear that the latter statements are never executed as d->m_view
is always NULL after setView(0). Then, I tried moving 'if' statement to
the very top of the method, but this didn't helped as setView(0) is
called every time before destructor.
I have also searched for all the places where m_frame field in FrameView
class is changed. Only two lines were found: in FrameView constructor
and in clearFrame(). As clearFrame() is never called, I get an outdated
reference to an instance of Frame in FrameView which results in a crash.
The frame view can't even be deleted as its destructor contains some
calls to m_frame object...
How this situation is supposed to be handled?
Thanks,
Artem
___
webkit-dev mailing list
webkit-dev@lists.webkit.org
http://lists.webkit.org/mailman/listinfo.cgi/webkit-dev
