Title: [167849] trunk/Source/WebKit2
- Revision
- 167849
- Author
- [email protected]
- Date
- 2014-04-26 19:43:31 -0700 (Sat, 26 Apr 2014)
Log Message
REGRESSION (r167775): Safari crashes in ViewSnapshotStore::pruneSnapshots after loading 20 pages
https://bugs.webkit.org/show_bug.cgi?id=132204
<rdar://problem/16735622>
Reviewed by Dan Bernstein and Sam Weinig.
* UIProcess/mac/ViewSnapshotStore.mm:
(WebKit::ViewSnapshotStore::pruneSnapshots):
(WebKit::ViewSnapshotStore::recordSnapshot):
Fix a bug where the count of snapshots with live images was too high
because we were failing to decrement it when replacing a snapshot of
an existing item with a fresh one.
Modified Paths
Diff
Modified: trunk/Source/WebKit2/ChangeLog (167848 => 167849)
--- trunk/Source/WebKit2/ChangeLog 2014-04-27 00:03:13 UTC (rev 167848)
+++ trunk/Source/WebKit2/ChangeLog 2014-04-27 02:43:31 UTC (rev 167849)
@@ -1,3 +1,18 @@
+2014-04-26 Tim Horton <[email protected]>
+
+ REGRESSION (r167775): Safari crashes in ViewSnapshotStore::pruneSnapshots after loading 20 pages
+ https://bugs.webkit.org/show_bug.cgi?id=132204
+ <rdar://problem/16735622>
+
+ Reviewed by Dan Bernstein and Sam Weinig.
+
+ * UIProcess/mac/ViewSnapshotStore.mm:
+ (WebKit::ViewSnapshotStore::pruneSnapshots):
+ (WebKit::ViewSnapshotStore::recordSnapshot):
+ Fix a bug where the count of snapshots with live images was too high
+ because we were failing to decrement it when replacing a snapshot of
+ an existing item with a fresh one.
+
2014-04-26 Dan Bernstein <[email protected]>
[Cocoa] Rename a bundle form delegate method
Modified: trunk/Source/WebKit2/UIProcess/mac/ViewSnapshotStore.mm (167848 => 167849)
--- trunk/Source/WebKit2/UIProcess/mac/ViewSnapshotStore.mm 2014-04-27 00:03:13 UTC (rev 167848)
+++ trunk/Source/WebKit2/UIProcess/mac/ViewSnapshotStore.mm 2014-04-27 02:43:31 UTC (rev 167849)
@@ -100,14 +100,14 @@
String oldestSnapshotUUID;
for (const auto& uuidAndSnapshot : m_snapshotMap) {
- if (uuidAndSnapshot.value.creationTime < oldestSnapshotTime) {
+ if (uuidAndSnapshot.value.creationTime < oldestSnapshotTime && uuidAndSnapshot.value.hasImage()) {
oldestSnapshotTime = uuidAndSnapshot.value.creationTime;
oldestSnapshotUUID = uuidAndSnapshot.key;
}
}
- const auto& snapshot = m_snapshotMap.find(oldestSnapshotUUID);
- snapshot->value.clearImage();
+ const auto& snapshotIter = m_snapshotMap.find(oldestSnapshotUUID);
+ snapshotIter->value.clearImage();
m_snapshotsWithImagesCount--;
}
@@ -143,8 +143,14 @@
pruneSnapshots(webPageProxy);
String oldSnapshotUUID = item->snapshotUUID();
- if (!oldSnapshotUUID.isEmpty())
- m_snapshotMap.remove(oldSnapshotUUID);
+ if (!oldSnapshotUUID.isEmpty()) {
+ const auto& oldSnapshotIter = m_snapshotMap.find(oldSnapshotUUID);
+ if (oldSnapshotIter != m_snapshotMap.end()) {
+ if (oldSnapshotIter->value.hasImage())
+ m_snapshotsWithImagesCount--;
+ m_snapshotMap.remove(oldSnapshotIter);
+ }
+ }
item->setSnapshotUUID(createCanonicalUUIDString());
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
