[PATCH 0/3] MR2874: mshtml: Fix ref leaks related to plugins.
From: Gabriel Ivăncescu <gabrielopcode(a)gmail.com> Currently this worked by luck because it is leaking; the element holding it never releases it. Signed-off-by: Gabriel Ivăncescu <gabrielopcode(a)gmail.com> --- dlls/mshtml/npplugin.c | 1 + 1 file changed, 1 insertion(+) diff --git a/dlls/mshtml/npplugin.c b/dlls/mshtml/npplugin.c index a1c38e5ed1a..6dfb65c0a6e 100644 --- a/dlls/mshtml/npplugin.c +++ b/dlls/mshtml/npplugin.c @@ -301,6 +301,7 @@ static NPError CDECL NPP_New(NPMIMEType pluginType, NPP instance, UINT16 mode, I } instance->pdata = container->plugin_host; + IOleClientSite_AddRef(&container->plugin_host->IOleClientSite_iface); node_release(&container->element.node); return err; -- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/2874
From: Gabriel Ivăncescu <gabrielopcode(a)gmail.com> When the plugin host is created, its only ref is being held by the element it is associated with. Signed-off-by: Gabriel Ivăncescu <gabrielopcode(a)gmail.com> --- dlls/mshtml/pluginhost.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/dlls/mshtml/pluginhost.c b/dlls/mshtml/pluginhost.c index 4ee5c37de19..83ce9aa5d7f 100644 --- a/dlls/mshtml/pluginhost.c +++ b/dlls/mshtml/pluginhost.c @@ -2672,14 +2672,15 @@ void detach_plugin_host(PluginHost *host) release_plugin_ifaces(host); + list_remove(&host->entry); + list_init(&host->entry); + host->doc = NULL; + if(host->element) { host->element->plugin_host = NULL; host->element = NULL; + IOleClientSite_Release(&host->IOleClientSite_iface); } - - list_remove(&host->entry); - list_init(&host->entry); - host->doc = NULL; } HRESULT create_plugin_host(HTMLDocumentNode *doc, HTMLPluginContainer *container) -- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/2874
From: Gabriel Ivăncescu <gabrielopcode(a)gmail.com> Otherwise Gecko keeps it running when it is created via put_classid, and it leaks everything due to holding a ref to it. Signed-off-by: Gabriel Ivăncescu <gabrielopcode(a)gmail.com> --- dlls/mshtml/nsiface.idl | 51 ++++++++++++++++++++++++++++++++++++++++ dlls/mshtml/pluginhost.c | 8 +++++++ 2 files changed, 59 insertions(+) diff --git a/dlls/mshtml/nsiface.idl b/dlls/mshtml/nsiface.idl index 5991e0de45b..43786b490f5 100644 --- a/dlls/mshtml/nsiface.idl +++ b/dlls/mshtml/nsiface.idl @@ -164,6 +164,7 @@ typedef nsISupports nsIControllers; typedef nsISupports nsIDOMValidityState; typedef nsISupports nsIPluginInstanceOwner; typedef nsISupports nsIPluginStreamListener; +typedef nsISupports nsIPluginTag; typedef nsISupports nsIContentSink; typedef nsISupports nsIParserFilter; typedef nsISupports nsIDTD; @@ -180,6 +181,7 @@ typedef nsISupports nsIDOMStorageList; typedef nsISupports nsILocalFile; typedef nsISupports nsIDOMHTMLMenuElement; typedef nsISupports nsIDOMCaretPosition; +typedef nsISupports nsIFrame; typedef nsISupports nsIFrameRequestCallback; typedef nsISupports nsICycleCollectorListener; typedef nsISupports nsIDOMHTMLCanvasElement; @@ -199,6 +201,7 @@ typedef nsISupports nsIClassInfo; typedef nsISupports nsILoadContext; typedef nsISupports nsIDomainPolicy; typedef nsISupports nsIScriptContext; +typedef nsISupports nsIObjectFrame; typedef nsISupports nsIObjectInputStream; typedef nsISupports nsIObjectOutputStream; @@ -4299,6 +4302,54 @@ interface nsIPluginInstance : nsIAudioChannelAgentCallback nsresult GetDOMElement(nsIDOMElement **aDOMElement); } +[ + object, + uuid(2eb3195e-3eea-4083-bb1d-d2d70fa35ccb), + local +] +interface nsIObjectLoadingContent : nsISupports +{ + const UINT TYPE_LOADING = 0; + const UINT TYPE_IMAGE = 1; + const UINT TYPE_PLUGIN = 2; + const UINT TYPE_DOCUMENT = 3; + const UINT TYPE_NULL = 4; + + const UINT PLUGIN_UNSUPPORTED = 0; + const UINT PLUGIN_ALTERNATE = 1; + const UINT PLUGIN_DISABLED = 2; + const UINT PLUGIN_BLOCKLISTED = 3; + const UINT PLUGIN_OUTDATED = 4; + const UINT PLUGIN_CRASHED = 5; + const UINT PLUGIN_SUPPRESSED = 6; + const UINT PLUGIN_USER_DISABLED = 7; + const UINT PLUGIN_CLICK_TO_PLAY = 8; + const UINT PLUGIN_VULNERABLE_UPDATABLE = 9; + const UINT PLUGIN_VULNERABLE_NO_UPDATE = 10; + const UINT PLUGIN_ACTIVE = 255; + + nsresult GetActualType(nsACString *aType); + nsresult GetDisplayedType(uint32_t *aType); + nsresult GetContentTypeForMIMEType(const nsACString *aMIMEType, uint32_t *aType); + nsresult GetBaseURI(nsIURI **aResult); + nsresult GetPluginInstance(void /*nsNPAPIPluginInstance*/ **aInstance); + nsresult HasNewFrame(nsIObjectFrame *aFrame); + nsresult GetPrintFrame(nsIFrame **aFrame); + nsresult PluginDestroyed(); + nsresult PluginCrashed(nsIPluginTag *aPluginTag, const nsAString *pluginDumpID, const nsAString *browserDumpID, bool submittedCrashReport); + nsresult PlayPlugin(); + nsresult Reload(bool aClearActivation); + nsresult GetActivated(bool *aActivated); + nsresult StopPluginInstance(); + nsresult SyncStartPluginInstance(); + nsresult AsyncStartPluginInstance(); + nsresult InitializeFromChannel(nsIRequest *aChannel); + nsresult GetSrcURI(nsIURI **aURI); + nsresult GetPluginFallbackType(uint32_t *aPluginFallbackType); + nsresult GetHasRunningPlugin(bool *aHasPlugin); + nsresult GetRunID(uint32_t *aRunID); +} + [ object, uuid(11afa8be-d997-4e07-a6a3-6f872ec3ee7f), diff --git a/dlls/mshtml/pluginhost.c b/dlls/mshtml/pluginhost.c index 83ce9aa5d7f..c81c17690ac 100644 --- a/dlls/mshtml/pluginhost.c +++ b/dlls/mshtml/pluginhost.c @@ -2677,8 +2677,16 @@ void detach_plugin_host(PluginHost *host) host->doc = NULL; if(host->element) { + nsIDOMElement *nselem = host->element->element.dom_element; + nsIObjectLoadingContent *olc; + host->element->plugin_host = NULL; host->element = NULL; + + if(NS_SUCCEEDED(nsIDOMElement_QueryInterface(nselem, &IID_nsIObjectLoadingContent, (void**)&olc))) { + nsIObjectLoadingContent_StopPluginInstance(olc); + nsIObjectLoadingContent_Release(olc); + } IOleClientSite_Release(&host->IOleClientSite_iface); } } -- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/2874
This merge request was approved by Jacek Caban. -- https://gitlab.winehq.org/wine/wine/-/merge_requests/2874
participants (2)
-
Gabriel Ivăncescu -
Jacek Caban (@jacek)