Title: [203493] trunk/Source/WebKit2
- Revision
- 203493
- Author
- carlo...@webkit.org
- Date
- 2016-07-20 23:41:43 -0700 (Wed, 20 Jul 2016)
Log Message
[GTK][Threaded Compositor] Web Process crash when the page is closed before the web view is realized
https://bugs.webkit.org/show_bug.cgi?id=159918
Reviewed by Michael Catanzaro.
When the web view is unrealized, we send a sync message to the web process to destroy the native surface handle
for compositing, and then we actually destroy the redirected window. But if the page is closed explicitly before
the web view is unrealized, the drawing area proxy is destroyed so that when the web view is unrealized we can't
notify the web process that keeps trying to render to a now deleted window handle. That produces a BadDrawable
X error and the web process crashes.
* UIProcess/API/gtk/PageClientImpl.cpp:
(WebKit::PageClientImpl::pageClosed): Call webkitWebViewBasePageClosed().
* UIProcess/API/gtk/WebKitWebViewBase.cpp:
(webkitWebViewBasePageClosed): If the web view is still realized, destroy the native surface handle and the
redirected window.
* UIProcess/API/gtk/WebKitWebViewBasePrivate.h: Add webkitWebViewBasePageClosed().
Modified Paths
Diff
Modified: trunk/Source/WebKit2/ChangeLog (203492 => 203493)
--- trunk/Source/WebKit2/ChangeLog 2016-07-21 06:38:32 UTC (rev 203492)
+++ trunk/Source/WebKit2/ChangeLog 2016-07-21 06:41:43 UTC (rev 203493)
@@ -1,3 +1,23 @@
+2016-07-20 Carlos Garcia Campos <cgar...@igalia.com>
+
+ [GTK][Threaded Compositor] Web Process crash when the page is closed before the web view is realized
+ https://bugs.webkit.org/show_bug.cgi?id=159918
+
+ Reviewed by Michael Catanzaro.
+
+ When the web view is unrealized, we send a sync message to the web process to destroy the native surface handle
+ for compositing, and then we actually destroy the redirected window. But if the page is closed explicitly before
+ the web view is unrealized, the drawing area proxy is destroyed so that when the web view is unrealized we can't
+ notify the web process that keeps trying to render to a now deleted window handle. That produces a BadDrawable
+ X error and the web process crashes.
+
+ * UIProcess/API/gtk/PageClientImpl.cpp:
+ (WebKit::PageClientImpl::pageClosed): Call webkitWebViewBasePageClosed().
+ * UIProcess/API/gtk/WebKitWebViewBase.cpp:
+ (webkitWebViewBasePageClosed): If the web view is still realized, destroy the native surface handle and the
+ redirected window.
+ * UIProcess/API/gtk/WebKitWebViewBasePrivate.h: Add webkitWebViewBasePageClosed().
+
2016-07-20 Commit Queue <commit-qu...@webkit.org>
Unreviewed, rolling out r203471.
Modified: trunk/Source/WebKit2/UIProcess/API/gtk/PageClientImpl.cpp (203492 => 203493)
--- trunk/Source/WebKit2/UIProcess/API/gtk/PageClientImpl.cpp 2016-07-21 06:38:32 UTC (rev 203492)
+++ trunk/Source/WebKit2/UIProcess/API/gtk/PageClientImpl.cpp 2016-07-21 06:41:43 UTC (rev 203493)
@@ -238,7 +238,7 @@
void PageClientImpl::pageClosed()
{
- notImplemented();
+ webkitWebViewBasePageClosed(WEBKIT_WEB_VIEW_BASE(m_viewWidget));
}
void PageClientImpl::preferencesDidChange()
Modified: trunk/Source/WebKit2/UIProcess/API/gtk/WebKitWebViewBase.cpp (203492 => 203493)
--- trunk/Source/WebKit2/UIProcess/API/gtk/WebKitWebViewBase.cpp 2016-07-21 06:38:32 UTC (rev 203492)
+++ trunk/Source/WebKit2/UIProcess/API/gtk/WebKitWebViewBase.cpp 2016-07-21 06:41:43 UTC (rev 203493)
@@ -1630,3 +1630,23 @@
UNUSED_PARAM(webkitWebViewBase);
#endif
}
+
+void webkitWebViewBasePageClosed(WebKitWebViewBase* webkitWebViewBase)
+{
+#if PLATFORM(X11) && USE(TEXTURE_MAPPER)
+ if (PlatformDisplay::sharedDisplay().type() != PlatformDisplay::Type::X11)
+ return;
+
+ if (!gtk_widget_get_realized(GTK_WIDGET(webkitWebViewBase)))
+ return;
+
+ WebKitWebViewBasePrivate* priv = webkitWebViewBase->priv;
+ DrawingAreaProxyImpl* drawingArea = static_cast<DrawingAreaProxyImpl*>(priv->pageProxy->drawingArea());
+ ASSERT(drawingArea);
+ drawingArea->destroyNativeSurfaceHandleForCompositing();
+
+#if USE(REDIRECTED_XCOMPOSITE_WINDOW)
+ priv->redirectedWindow = nullptr;
+#endif
+#endif // PLATFORM(X11) && USE(TEXTURE_MAPPER)
+}
Modified: trunk/Source/WebKit2/UIProcess/API/gtk/WebKitWebViewBasePrivate.h (203492 => 203493)
--- trunk/Source/WebKit2/UIProcess/API/gtk/WebKitWebViewBasePrivate.h 2016-07-21 06:38:32 UTC (rev 203492)
+++ trunk/Source/WebKit2/UIProcess/API/gtk/WebKitWebViewBasePrivate.h 2016-07-21 06:41:43 UTC (rev 203493)
@@ -75,6 +75,7 @@
void webkitWebViewBaseEnterAcceleratedCompositingMode(WebKitWebViewBase*);
void webkitWebViewBaseExitAcceleratedCompositingMode(WebKitWebViewBase*);
void webkitWebViewBaseDidRelaunchWebProcess(WebKitWebViewBase*);
+void webkitWebViewBasePageClosed(WebKitWebViewBase*);
#if ENABLE(DRAG_SUPPORT)
WebKit::DragAndDropHandler& webkitWebViewBaseDragAndDropHandler(WebKitWebViewBase*);
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
