From 5f4832367a1f3bd00e84037e2f77ed02af5bf23e Mon Sep 17 00:00:00 2001 From: trchen Date: Wed, 13 May 2015 14:10:29 -0700 Subject: [PATCH] Revert of Fix WebViewPlugin::scheduleAnimation crash (patchset #2 id:20001 of https://codereview.chromium.org/1137663006/) Reason for revert: This is converting the original crash to another crash. Will need another null check. Original issue's description: > Fix WebViewPlugin::scheduleAnimation crash > > The crash was probably due to accessing a dangling pointer to the plugin > container during a small time frame between PepperWebPluginImpl::destroy() > and the destructor being called. (Speculated from source since no reliable > repro is found.) > > This CL clears eveything in the destroy() function as if the destructor has > been called, only delaying memory release. > > R=tommycli > BUG=483068 > > Committed: https://crrev.com/6a9b5b10ff3515adb47718fc23ebe039a9e3b9ff > Cr-Commit-Position: refs/heads/master@{#329309} TBR=tommycli@chromium.org,raymes@chromium.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=487607,483068 Review URL: https://codereview.chromium.org/1127293004 Cr-Commit-Position: refs/heads/master@{#329715} --- content/renderer/pepper/pepper_plugin_instance_impl.cc | 2 -- content/renderer/pepper/pepper_webplugin_impl.cc | 2 -- 2 files changed, 4 deletions(-) diff --git a/content/renderer/pepper/pepper_plugin_instance_impl.cc b/content/renderer/pepper/pepper_plugin_instance_impl.cc index 9178bd1bba71ae..936342189d1ce2 100644 --- a/content/renderer/pepper/pepper_plugin_instance_impl.cc +++ b/content/renderer/pepper/pepper_plugin_instance_impl.cc @@ -699,8 +699,6 @@ void PepperPluginInstanceImpl::Delete() { fullscreen_container_ = NULL; } - throttler_.reset(); - // Force-unbind any Graphics. In the case of Graphics2D, if the plugin // leaks the graphics 2D, it may actually get cleaned up after our // destruction, so we need its pointers to be up-to-date. diff --git a/content/renderer/pepper/pepper_webplugin_impl.cc b/content/renderer/pepper/pepper_webplugin_impl.cc index b2c2a052c09cd5..25b96337996d6b 100644 --- a/content/renderer/pepper/pepper_webplugin_impl.cc +++ b/content/renderer/pepper/pepper_webplugin_impl.cc @@ -124,7 +124,6 @@ void PepperWebPluginImpl::destroy() { // Tell |container_| to clear references to this plugin's script objects. if (container_) container_->clearScriptObjects(); - container_ = nullptr; if (instance_.get()) { ppapi::PpapiGlobals::Get()->GetVarTracker()->ReleaseVar(instance_object_); @@ -132,7 +131,6 @@ void PepperWebPluginImpl::destroy() { instance_->Delete(); instance_ = NULL; } - throttler_.reset(); base::MessageLoop::current()->DeleteSoon(FROM_HERE, this); }