[webkit-changes] [93940] branches/chromium/835/Source/WebCore/platform/graphics/chromium

[enne]

Title: [93940] branches/chromium/835/Source/WebCore/platform/graphics/chromium

Revision

93940

Author

e...@google.com

Date

2011-08-27 11:58:52 -0700 (Sat, 27 Aug 2011)

Log Message

[chromium] Possible leak of LayerRendererChromium
https://bugs.webkit.org/show_bug.cgi?id=66981

Patch by James Robinson < jam...@chromium.org> on 2011-08-26
>From http://codereview.chromium.org/7749028/

Fix a number of reference cycle leaks that prevent
LayerRendererChromiums from being destroyed when a tab is closed.

Not possible to write a layout test where an entire WebView goes away.

* platform/graphics/chromium/GraphicsLayerChromium.cpp:
(WebCore::GraphicsLayerChromium::~GraphicsLayerChromium):
* platform/graphics/chromium/LayerRendererChromium.cpp:
(WebCore::LayerRendererChromium::clearRenderSurfacesOnCCLayerImplRecursive):
(WebCore::LayerRendererChromium::clearRootCCLayerImpl):
(WebCore::LayerRendererChromium::setRootLayer):
(WebCore::LayerRendererChromium::cleanupSharedObjects):
* platform/graphics/chromium/LayerRendererChromium.h:

Modified Paths

• branches/chromium/835/Source/WebCore/platform/graphics/chromium/GraphicsLayerChromium.cpp
• branches/chromium/835/Source/WebCore/platform/graphics/chromium/LayerRendererChromium.cpp
• branches/chromium/835/Source/WebCore/platform/graphics/chromium/LayerRendererChromium.h

Diff

Modified: branches/chromium/835/Source/WebCore/platform/graphics/chromium/GraphicsLayerChromium.cpp (93939 => 93940)

--- branches/chromium/835/Source/WebCore/platform/graphics/chromium/GraphicsLayerChromium.cpp	2011-08-27 18:57:16 UTC (rev 93939)
+++ branches/chromium/835/Source/WebCore/platform/graphics/chromium/GraphicsLayerChromium.cpp	2011-08-27 18:58:52 UTC (rev 93940)
@@ -102,12 +102,21 @@
 
 GraphicsLayerChromium::~GraphicsLayerChromium()
 {
-    if (m_layer)
+    if (m_layer) {
         m_layer->setOwner(0);
-    if (m_contentsLayer)
+        if (m_layer->ccLayerImpl())
+            m_layer->ccLayerImpl()->clearRenderSurface();
+    }
+    if (m_contentsLayer) {
         m_contentsLayer->setOwner(0);
-    if (m_transformLayer)
+        if (m_contentsLayer->ccLayerImpl())
+            m_contentsLayer->ccLayerImpl()->clearRenderSurface();
+    }
+    if (m_transformLayer) {
         m_transformLayer->setOwner(0);
+        if (m_transformLayer->ccLayerImpl())
+            m_transformLayer->ccLayerImpl()->clearRenderSurface();
+    }
 }
 
 void GraphicsLayerChromium::setName(const String& inName)

Modified: branches/chromium/835/Source/WebCore/platform/graphics/chromium/LayerRendererChromium.cpp (93939 => 93940)

--- branches/chromium/835/Source/WebCore/platform/graphics/chromium/LayerRendererChromium.cpp	2011-08-27 18:57:16 UTC (rev 93939)
+++ branches/chromium/835/Source/WebCore/platform/graphics/chromium/LayerRendererChromium.cpp	2011-08-27 18:58:52 UTC (rev 93940)
@@ -187,6 +187,21 @@
     cleanupSharedObjects();
 }
 
+void LayerRendererChromium::clearRenderSurfacesOnCCLayerImplRecursive(CCLayerImpl* layer)
+{
+    for (size_t i = 0; i < layer->children().size(); ++i)
+        clearRenderSurfacesOnCCLayerImplRecursive(layer->children()[i].get());
+    layer->clearRenderSurface();
+}
+
+void LayerRendererChromium::clearRootCCLayerImpl()
+{
+    if (m_rootCCLayerImpl)
+        clearRenderSurfacesOnCCLayerImplRecursive(m_rootCCLayerImpl.get());
+    m_computedRenderSurfaceLayerList.clear();
+    m_rootCCLayerImpl.clear();
+}
+
 GraphicsContext3D* LayerRendererChromium::context()
 {
     return m_context.get();
@@ -602,6 +617,8 @@
     m_rootLayer = layer;
     if (m_rootLayer)
         m_rootLayer->setLayerRenderer(this);
+    else
+        clearRootCCLayerImpl();
     m_rootLayerContentTiler->invalidateEntireLayer();
 }
 
@@ -1313,15 +1330,17 @@
 
     m_sharedGeometry.clear();
     m_borderProgram.clear();
-    m_canvasLayerProgram.clear();
     m_headsUpDisplayProgram.clear();
-    m_videoLayerRGBAProgram.clear();
-    m_videoLayerYUVProgram.clear();
-    m_pluginLayerProgram.clear();
     m_renderSurfaceProgram.clear();
     m_renderSurfaceMaskProgram.clear();
     m_tilerProgram.clear();
     m_tilerProgramSwizzle.clear();
+    m_tilerProgramAA.clear();
+    m_tilerProgramSwizzleAA.clear();
+    m_canvasLayerProgram.clear();
+    m_videoLayerRGBAProgram.clear();
+    m_videoLayerYUVProgram.clear();
+    m_pluginLayerProgram.clear();
     if (m_offscreenFramebufferId)
         GLC(m_context.get(), m_context->deleteFramebuffer(m_offscreenFramebufferId));
 

Modified: branches/chromium/835/Source/WebCore/platform/graphics/chromium/LayerRendererChromium.h (93939 => 93940)

--- branches/chromium/835/Source/WebCore/platform/graphics/chromium/LayerRendererChromium.h	2011-08-27 18:57:16 UTC (rev 93939)
+++ branches/chromium/835/Source/WebCore/platform/graphics/chromium/LayerRendererChromium.h	2011-08-27 18:58:52 UTC (rev 93940)
@@ -168,6 +168,7 @@
 protected:
     virtual PassOwnPtr<CCLayerTreeHostImplProxy> createLayerTreeHostImplProxy();
 
+    void clearRootCCLayerImpl();
 private:
     typedef Vector<RefPtr<CCLayerImpl> > LayerList;
     typedef HashMap<GraphicsContext3D*, int> ChildContextMap;
@@ -207,6 +208,8 @@
     bool initializeSharedObjects();
     void cleanupSharedObjects();
 
+    void clearRenderSurfacesOnCCLayerImplRecursive(CCLayerImpl*);
+
     void setLayerRendererRecursive(LayerChromium*);
 
     IntRect m_viewportVisibleRect;

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes