[webkit-changes] [141357] trunk

Wed, 30 Jan 2013 18:13:13 -0800

Title: [141357] trunk
Revision
141357
Author
[email protected]
Date
2013-01-30 18:15:03 -0800 (Wed, 30 Jan 2013)

Log Message

[Chromium] WebPluginContainerImpl adding imbalanced touch handler refs
https://bugs.webkit.org/show_bug.cgi?id=108381

Reviewed by James Robinson.

Source/WebKit/chromium:

WebPluginContainerImpl would call Document::didAddTouchEventHandler every time the plugin requested
touch events. Some plugins make this request more than once, leading to an imbalance in Document's
touch event handler map, and a stale node pointer when the plugin is destroyed. This change
has WebPluginContainerImpl only add one ref for the plugin at a time.

* src/WebPluginContainerImpl.cpp:
(WebKit::WebPluginContainerImpl::requestTouchEventType):

Tools:

* DumpRenderTree/chromium/TestRunner/src/WebTestPlugin.cpp: Adding an attribute that
tickles the case in WebPluginContainerImpl that imbalanced touch handler refs in Document.

LayoutTests:

* platform/chromium/plugins/re-request-touch-events-crash-expected.txt: Added.
* platform/chromium/plugins/re-request-touch-events-crash.html: Added.

Modified Paths

Added Paths

Diff

Modified: trunk/LayoutTests/ChangeLog (141356 => 141357)


--- trunk/LayoutTests/ChangeLog	2013-01-31 02:13:12 UTC (rev 141356)
+++ trunk/LayoutTests/ChangeLog	2013-01-31 02:15:03 UTC (rev 141357)
@@ -1,3 +1,13 @@
+2013-01-30  Levi Weintraub  <[email protected]>
+
+        [Chromium] WebPluginContainerImpl adding imbalanced touch handler refs
+        https://bugs.webkit.org/show_bug.cgi?id=108381
+
+        Reviewed by James Robinson.
+
+        * platform/chromium/plugins/re-request-touch-events-crash-expected.txt: Added.
+        * platform/chromium/plugins/re-request-touch-events-crash.html: Added.
+
 2013-01-30  Rouslan Solomakhin  <[email protected]>
 
         Tests for spellcheck behavior

Added: trunk/LayoutTests/platform/chromium/plugins/re-request-touch-events-crash-expected.txt (0 => 141357)


--- trunk/LayoutTests/platform/chromium/plugins/re-request-touch-events-crash-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/platform/chromium/plugins/re-request-touch-events-crash-expected.txt	2013-01-31 02:15:03 UTC (rev 141357)
@@ -0,0 +1,5 @@
+PASS window.internals.touchEventHandlerCount(document) is 1
+PASS window.internals.touchEventHandlerCount(document) is 0
+This test ensures that we don't imbalance the touch event handler count if a plugin requests touch events more than once. The test passes if there are no touch event listeners after the plugin is removed, and there is no crash. Must be run in DRT.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".

Added: trunk/LayoutTests/platform/chromium/plugins/re-request-touch-events-crash.html (0 => 141357)


--- trunk/LayoutTests/platform/chromium/plugins/re-request-touch-events-crash.html	                        (rev 0)
+++ trunk/LayoutTests/platform/chromium/plugins/re-request-touch-events-crash.html	2013-01-31 02:15:03 UTC (rev 141357)
@@ -0,0 +1,25 @@
+<html>
+<head>
+<script src=""
+</head>
+
+<body>
+<embed id="touch_plugin" type="application/x-webkit-test-webplugin" accepts-touch="raw" re-request-touch="true"></embed>
+<p id="description"></p>
+<script>
+description("This test ensures that we don't imbalance the touch event handler count if a plugin requests touch events more than once. The test passes if there are no touch event listeners after the plugin is removed, and there is no crash. Must be run in DRT.");
+
+if (window.testRunner) {
+    testRunner.dumpAsText();
+
+    // Force the plugin to initialize
+    touch_plugin.offsetTop;
+
+    shouldBe("window.internals.touchEventHandlerCount(document)", "1")
+    touch_plugin.parentNode.removeChild(touch_plugin);
+    shouldBe("window.internals.touchEventHandlerCount(document)", "0")
+}
+
+</script>
+</body>
+<script src=""

Modified: trunk/Source/WebKit/chromium/ChangeLog (141356 => 141357)


--- trunk/Source/WebKit/chromium/ChangeLog	2013-01-31 02:13:12 UTC (rev 141356)
+++ trunk/Source/WebKit/chromium/ChangeLog	2013-01-31 02:15:03 UTC (rev 141357)
@@ -1,3 +1,18 @@
+2013-01-30  Levi Weintraub  <[email protected]>
+
+        [Chromium] WebPluginContainerImpl adding imbalanced touch handler refs
+        https://bugs.webkit.org/show_bug.cgi?id=108381
+
+        Reviewed by James Robinson.
+
+        WebPluginContainerImpl would call Document::didAddTouchEventHandler every time the plugin requested
+        touch events. Some plugins make this request more than once, leading to an imbalance in Document's
+        touch event handler map, and a stale node pointer when the plugin is destroyed. This change
+        has WebPluginContainerImpl only add one ref for the plugin at a time.
+
+        * src/WebPluginContainerImpl.cpp:
+        (WebKit::WebPluginContainerImpl::requestTouchEventType):
+
 2013-01-30  Yusuf Ozuysal  <[email protected]>
 
         Start sending scrollType as NonBubblingGesture for flings

Modified: trunk/Source/WebKit/chromium/src/WebPluginContainerImpl.cpp (141356 => 141357)


--- trunk/Source/WebKit/chromium/src/WebPluginContainerImpl.cpp	2013-01-31 02:13:12 UTC (rev 141356)
+++ trunk/Source/WebKit/chromium/src/WebPluginContainerImpl.cpp	2013-01-31 02:15:03 UTC (rev 141357)
@@ -473,11 +473,12 @@
 {
     if (m_touchEventRequestType == requestType)
         return;
-    m_touchEventRequestType = requestType;
-    if (m_touchEventRequestType != TouchEventRequestTypeNone)
+    
+    if (requestType != TouchEventRequestTypeNone && m_touchEventRequestType == TouchEventRequestTypeNone)
         m_element->document()->didAddTouchEventHandler(m_element);
-    else
+    else if (requestType == TouchEventRequestTypeNone && m_touchEventRequestType != TouchEventRequestTypeNone)
         m_element->document()->didRemoveTouchEventHandler(m_element);
+    m_touchEventRequestType = requestType;
 }
 
 void WebPluginContainerImpl::setWantsWheelEvents(bool wantsWheelEvents)

Modified: trunk/Tools/ChangeLog (141356 => 141357)


--- trunk/Tools/ChangeLog	2013-01-31 02:13:12 UTC (rev 141356)
+++ trunk/Tools/ChangeLog	2013-01-31 02:15:03 UTC (rev 141357)
@@ -1,3 +1,13 @@
+2013-01-30  Levi Weintraub  <[email protected]>
+
+        [Chromium] WebPluginContainerImpl adding imbalanced touch handler refs
+        https://bugs.webkit.org/show_bug.cgi?id=108381
+
+        Reviewed by James Robinson.
+
+        * DumpRenderTree/chromium/TestRunner/src/WebTestPlugin.cpp: Adding an attribute that
+        tickles the case in WebPluginContainerImpl that imbalanced touch handler refs in Document.
+
 2013-01-30  Julie Parent  <[email protected]>
 
         Add a concept of dashboard parameters that invalidate others

Modified: trunk/Tools/DumpRenderTree/chromium/TestRunner/src/WebTestPlugin.cpp (141356 => 141357)


--- trunk/Tools/DumpRenderTree/chromium/TestRunner/src/WebTestPlugin.cpp	2013-01-31 02:13:12 UTC (rev 141356)
+++ trunk/Tools/DumpRenderTree/chromium/TestRunner/src/WebTestPlugin.cpp	2013-01-31 02:15:03 UTC (rev 141357)
@@ -235,6 +235,8 @@
     OwnPtr<WebExternalTextureLayer> m_layer;
 
     WebPluginContainer::TouchEventRequestType m_touchEventRequest;
+    // Requests touch events from the WebPluginContainerImpl multiple times to tickle webkit.org/b/108381
+    bool m_reRequestTouchEvents;
     bool m_printEventDetails;
     bool m_printUserGestureStatus;
     bool m_canProcessDrag;
@@ -246,6 +248,7 @@
     , m_container(0)
     , m_context(0)
     , m_touchEventRequest(WebPluginContainer::TouchEventRequestTypeNone)
+    , m_reRequestTouchEvents(false)
     , m_printEventDetails(false)
     , m_printUserGestureStatus(false)
     , m_canProcessDrag(false)
@@ -255,6 +258,7 @@
     static const WebString kAttributePrimitiveColor = WebString::fromUTF8("primitive-color");
     static const WebString kAttributeOpacity = WebString::fromUTF8("opacity");
     static const WebString kAttributeAcceptsTouch = WebString::fromUTF8("accepts-touch");
+    static const WebString kAttributeReRequestTouchEvents = WebString::fromUTF8("re-request-touch");
     static const WebString kAttributePrintEventDetails = WebString::fromUTF8("print-event-details");
     static const WebString kAttributeCanProcessDrag = WebString::fromUTF8("can-process-drag");
     static const WebString kAttributePrintUserGestureStatus = WebString::fromUTF8("print-user-gesture-status");
@@ -275,6 +279,8 @@
             m_scene.opacity = parseOpacity(attributeValue);
         else if (attributeName == kAttributeAcceptsTouch)
             m_touchEventRequest = parseTouchEventRequestType(attributeValue);
+        else if (attributeName == kAttributeReRequestTouchEvents)
+            m_reRequestTouchEvents = parseBoolean(attributeValue);
         else if (attributeName == kAttributePrintEventDetails)
             m_printEventDetails = parseBoolean(attributeValue);
         else if (attributeName == kAttributeCanProcessDrag)
@@ -304,6 +310,10 @@
     m_layer = adoptPtr(Platform::current()->compositorSupport()->createExternalTextureLayer(this));
     m_container = container;
     m_container->setWebLayer(m_layer->layer());
+    if (m_reRequestTouchEvents) {
+        m_container->requestTouchEventType(WebPluginContainer::TouchEventRequestTypeSynthesizedMouse);
+        m_container->requestTouchEventType(WebPluginContainer::TouchEventRequestTypeRaw);
+    }
     m_container->requestTouchEventType(m_touchEventRequest);
     m_container->setWantsWheelEvents(true);
     return true;

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to