REGRESSION(r221514): [GTK] UI process crash in WebKit::WaylandCompositor::Surface...
authorcarlosgc@webkit.org <carlosgc@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 1 Mar 2018 09:24:24 +0000 (09:24 +0000)
committercarlosgc@webkit.org <carlosgc@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 1 Mar 2018 09:24:24 +0000 (09:24 +0000)
https://bugs.webkit.org/show_bug.cgi?id=183091

Reviewed by Michael Catanzaro.

Invalidate the surface in the page map when the backing store is destroyed.

* UIProcess/gtk/WaylandCompositor.cpp:
(WebKit::WaylandCompositor::willDestroySurface):
* UIProcess/gtk/WaylandCompositor.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@229126 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit/ChangeLog
Source/WebKit/UIProcess/gtk/WaylandCompositor.cpp
Source/WebKit/UIProcess/gtk/WaylandCompositor.h

index bbf7c9a..cc8b26f 100644 (file)
@@ -1,3 +1,16 @@
+2018-03-01  Carlos Garcia Campos  <cgarcia@igalia.com>
+
+        REGRESSION(r221514): [GTK] UI process crash in WebKit::WaylandCompositor::Surface::flushPendingFrameCallbacks
+        https://bugs.webkit.org/show_bug.cgi?id=183091
+
+        Reviewed by Michael Catanzaro.
+
+        Invalidate the surface in the page map when the backing store is destroyed.
+
+        * UIProcess/gtk/WaylandCompositor.cpp:
+        (WebKit::WaylandCompositor::willDestroySurface):
+        * UIProcess/gtk/WaylandCompositor.h:
+
 2018-02-28  Brian Burg  <bburg@apple.com>
 
         [Cocoa] Web Automation: provide a way to ask clients the type of a JavaScript dialog
index d6e172d..0dc7f04 100644 (file)
@@ -350,6 +350,7 @@ static const struct wl_compositor_interface compositorInterface = {
             wl_resource_set_implementation(surfaceResource, &surfaceInterface, new WaylandCompositor::Surface(),
                 [](struct wl_resource* resource) {
                     auto* surface = static_cast<WaylandCompositor::Surface*>(wl_resource_get_user_data(resource));
+                    WaylandCompositor::singleton().willDestroySurface(surface);
                     delete surface;
                 });
         } else
@@ -562,6 +563,16 @@ void WaylandCompositor::unregisterWebPage(WebPageProxy& webPage)
         surface->setWebPage(nullptr);
 }
 
+void WaylandCompositor::willDestroySurface(Surface* surface)
+{
+    for (auto it : m_pageMap) {
+        if (it.value == surface) {
+            it.value = nullptr;
+            return;
+        }
+    }
+}
+
 } // namespace WebKit
 
 #endif // PLATFORM(WAYLAND) && USE(EGL)
index fea7036..0fba1a2 100644 (file)
@@ -113,6 +113,7 @@ public:
     void bindSurfaceToWebPage(Surface*, uint64_t pageID);
     void registerWebPage(WebPageProxy&);
     void unregisterWebPage(WebPageProxy&);
+    void willDestroySurface(Surface*);
 
     bool getTexture(WebPageProxy&, unsigned&, WebCore::IntSize&);