[Webkit-unassigned] [Bug 23194] [GTK] fix crashers
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Jan 8 13:46:31 PST 2009
https://bugs.webkit.org/show_bug.cgi?id=23194
------- Comment #2 from otte at gnome.org 2009-01-08 13:46 PDT -------
For reference, here's a paste from IRC discussing the finalize => dispose
change.
<Company> http://pastebin.com/m72177544
<Company> what's happening is that the WebView gets last-unreffed which calls
g_object_destroy() on it, then finalizes it
<Company> g_object_destroy calls destroy() on all children, which causes the
scrollbars to be destroyed, and they free their adjustments
<Company> after that web_view_finalize calls ~Page which causes the stack trace
above to appear
<Company> and that sets the destroyed scrollbar's allocation
<Company> and that code uses a range->allocation->value unconditionally
<Company> ergo: boom
<xan> (you mean gtk_object_destroy)
<Company> right
<Company> sorry
<Company> the web view should likely destroy the Page in dispose, not in
finalize
<Company> but i don't know the code well enough to know if that's gonna work
<xan> also, just 'in theory', you are supposed to release refs to external
objects in dispose, not finalize
<Company> yeah, that's why i'm suggesting it
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list