author | ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-12-17 21:21:41 +0000 |
---|---|---|
committer | ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-12-17 21:21:41 +0000 |
commit | 76ac017bca97c5e45569c43c4aded1e287e2cb0b (patch) | |
tree | 1f4d5b936632414df9253da28df085a0edd2b85b /webkit | |
parent | 4038e6e270171286189b2cd54fcb45a7e9c08222 (diff) | |
There were a number of new crashes in reliability test runs in flash after revision 34593. The crash occurred
while dereferencing an invalid g_current_plugin_instance global which points to the last plugin instance we
yield control to. We maintain a local global stack for this variable which ensures that it gets set and
reset correctly in nested invocations. Turns out that this broke in a recent change which caused the global
to not get reset at times, thus leading to a crash when it was dereferenced.
I also changed the code which maintains the local global stack in NativeWndProc to only do this before we invoke
the plugin wndproc via CallWindowProc. The other cases like ThrottleMessage don't need to do this as they don't
yield control to the plugin.
Fixes http://code.google.com/p/chromium/issues/detail?id=30607
Bug=30607
Review URL: http://codereview.chromium.org/503037
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@34875 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'webkit')
-rw-r--r-- | webkit/glue/plugins/webplugin_delegate_impl_win.cc | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/webkit/glue/plugins/webplugin_delegate_impl_win.cc b/webkit/glue/plugins/webplugin_delegate_impl_win.cc index e3ee2f8..b3eb3fc 100644 --- a/webkit/glue/plugins/webplugin_delegate_impl_win.cc +++ b/webkit/glue/plugins/webplugin_delegate_impl_win.cc @@ -815,12 +815,6 @@ LRESULT CALLBACK WebPluginDelegateImpl::NativeWndProc( return TRUE; } - // Maintain a local/global stack for the g_current_plugin_instance variable - // as this may be a nested invocation. - WebPluginDelegateImpl* last_plugin_instance = g_current_plugin_instance; - - g_current_plugin_instance = delegate; - // Flash may flood the message queue with WM_USER+1 message causing 100% CPU // usage. See https://bugzilla.mozilla.org/show_bug.cgi?id=132759. We // prevent this by throttling the messages. @@ -828,7 +822,6 @@ LRESULT CALLBACK WebPluginDelegateImpl::NativeWndProc( delegate->GetQuirks() & PLUGIN_QUIRK_THROTTLE_WM_USER_PLUS_ONE) { WebPluginDelegateImpl::ThrottleMessage(delegate->plugin_wnd_proc_, hwnd, message, wparam, lparam); - g_current_plugin_instance = last_plugin_instance; return FALSE; } @@ -880,8 +873,15 @@ LRESULT CALLBACK WebPluginDelegateImpl::NativeWndProc( kWindowedPluginPopupTimerMs); } + // Maintain a local/global stack for the g_current_plugin_instance variable + // as this may be a nested invocation. + WebPluginDelegateImpl* last_plugin_instance = g_current_plugin_instance; + + g_current_plugin_instance = delegate; + result = CallWindowProc( delegate->plugin_wnd_proc_, hwnd, message, wparam, lparam); + delegate->is_calling_wndproc = false; g_current_plugin_instance = last_plugin_instance; @@ -894,7 +894,6 @@ LRESULT CALLBACK WebPluginDelegateImpl::NativeWndProc( ClearThrottleQueueForWindow(hwnd); } } - delegate->last_message_ = old_message; return result; } |
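Review bot: The save and restore of `g_current_plugin_instance` around `CallWindowProc` in the third hunk is still done by hand, which is the same pattern that let a return path skip the reset before; a small scoped guard whose destructor writes the previous value back would keep the restore correct on any exit path added later. Separately, `last_plugin_instance` is a raw pointer captured before control is yielded to plugin code, and nothing visible in this hunk shows that the outer instance cannot be destroyed during a nested invocation, in which case the restore would put a dangling pointer back into the global; it is worth confirming that instance teardown clears this global. The same lifetime question applies to `delegate->is_calling_wndproc = false;` directly after the call, which dereferences `delegate` once the plugin has run. NativeWndProc begins outside this hunk, so any earlier lifetime guarantee is not visible here.

```cpp
// Sets g_current_plugin_instance for the enclosing scope and restores the
// previous value on every exit path, so nested invocations unwind correctly.
class ScopedCurrentPluginInstance {
 public:
  explicit ScopedCurrentPluginInstance(WebPluginDelegateImpl* instance)
      : previous_(g_current_plugin_instance) {
    g_current_plugin_instance = instance;
  }
  ~ScopedCurrentPluginInstance() { g_current_plugin_instance = previous_; }

 private:
  WebPluginDelegateImpl* previous_;
};

// … unchanged: popup timer setup …
  {
    ScopedCurrentPluginInstance scoped_instance(delegate);
    result = CallWindowProc(
        delegate->plugin_wnd_proc_, hwnd, message, wparam, lparam);
  }

  delegate->is_calling_wndproc = false;
// … unchanged: throttle queue cleanup and return …
```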