Title: [177438] branches/safari-600.1.4.13-branch/Source/WebKit2

Diff

Modified: branches/safari-600.1.4.13-branch/Source/WebKit2/ChangeLog (177437 => 177438)


--- branches/safari-600.1.4.13-branch/Source/WebKit2/ChangeLog	2014-12-17 08:27:00 UTC (rev 177437)
+++ branches/safari-600.1.4.13-branch/Source/WebKit2/ChangeLog	2014-12-17 08:28:51 UTC (rev 177438)
@@ -1,5 +1,31 @@
 2014-12-17  Babak Shafiei  <[email protected]>
 
+        Merge r176996.
+
+    2014-12-08  Dan Bernstein  <[email protected]>
+
+            <rdar://problem/18905383> [iOS] Crash due to null m_webPageProxyForBackForwardListForCurrentSwipe in ViewGestureController::endSwipeGesture
+            https://bugs.webkit.org/show_bug.cgi?id=138750
+
+            Reviewed by Tim Horton.
+
+            The snapshot for the current gesture was being removed mid-gesture by the callback from
+            dispatchAfterEnsuringDrawing scheduled by the previous gesture. The fix is to ignore the
+            callback for a gesture if it is made after the snapshot for that gesture has already been
+            removed (which can happen as a result of the watchdog timer firing).
+
+            * UIProcess/ios/ViewGestureControllerIOS.mm:
+            (WebKit::ViewGestureController::ViewGestureController): Initialize new member variable.
+            (WebKit::addLogEntry): Fixed the log message format.
+            (WebKit::ViewGestureController::endSwipeGesture): When dispatchAfterEnsuringDrawing() calls
+            us back, bail out if the gesture snapshot has already been removed.
+            (WebKit::ViewGestureController::removeSwipeSnapshot): Increment
+            m_gesturePendingSnapshotRemoval.
+            * UIProcess/mac/ViewGestureController.h: Added m_gesturePendingSnapshotRemoval member
+            variable.
+
+2014-12-17  Babak Shafiei  <[email protected]>
+
         Merge r176133.
 
     2014-11-14  Dan Bernstein  <[email protected]>

Modified: branches/safari-600.1.4.13-branch/Source/WebKit2/UIProcess/ios/ViewGestureControllerIOS.mm (177437 => 177438)


--- branches/safari-600.1.4.13-branch/Source/WebKit2/UIProcess/ios/ViewGestureControllerIOS.mm	2014-12-17 08:27:00 UTC (rev 177437)
+++ branches/safari-600.1.4.13-branch/Source/WebKit2/UIProcess/ios/ViewGestureControllerIOS.mm	2014-12-17 08:28:51 UTC (rev 177438)
@@ -146,6 +146,7 @@
     , m_swipeWatchdogTimer(RunLoop::main(), this, &ViewGestureController::swipeSnapshotWatchdogTimerFired)
     , m_snapshotRemovalTargetRenderTreeSize(0)
     , m_shouldRemoveSnapshotWhenTargetRenderTreeSizeHit(false)
+    , m_gesturePendingSnapshotRemoval(0)
 {
     viewGestureControllersForAllPages().add(webPageProxy.pageID(), this);
 }
@@ -178,7 +179,7 @@
     int size = WTF_ARRAY_LENGTH(stack);
     WTFGetBacktrace(stack, &size);
     StringBuilder stringBuilder;
-    stringBuilder.append(String::format("%f [ ]", CFAbsoluteTimeGetCurrent()));
+    stringBuilder.append(String::format("%f [ ", CFAbsoluteTimeGetCurrent()));
     for (int i = 2; i < size; ++i) {
         if (i > 2)
             stringBuilder.appendLiteral(", ");
@@ -335,9 +336,10 @@
 
     if (auto drawingArea = m_webPageProxy.drawingArea()) {
         uint64_t pageID = m_webPageProxy.pageID();
-        drawingArea->dispatchAfterEnsuringDrawing([pageID] (CallbackBase::Error error) {
+        uint64_t gesturePendingSnapshotRemoval = m_gesturePendingSnapshotRemoval;
+        drawingArea->dispatchAfterEnsuringDrawing([pageID, gesturePendingSnapshotRemoval] (CallbackBase::Error error) {
             auto gestureControllerIter = viewGestureControllersForAllPages().find(pageID);
-            if (gestureControllerIter != viewGestureControllersForAllPages().end())
+            if (gestureControllerIter != viewGestureControllersForAllPages().end() && gestureControllerIter->value->m_gesturePendingSnapshotRemoval == gesturePendingSnapshotRemoval)
                 gestureControllerIter->value->willCommitPostSwipeTransitionLayerTree(error == CallbackBase::Error::None);
         });
     } else {
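Review bot: The equality test added to the callback compares the captured counter against whichever controller is currently registered for `pageID`, and every controller starts that counter at 0 (see the constructor hunk), so the value identifies a gesture only within one controller instance. If a controller can be destroyed and a new one registered for the same page while a callback is still pending, a stale callback would still match and call `willCommitPostSwipeTransitionLayerTree` on the new object; this diff does not show whether that can happen, so it needs confirming. A short comment above the capture would also make the intent clear, e.g. `// Snapshot the removal count so a callback scheduled by an earlier gesture can be recognised and ignored.`. The enclosing function (endSwipeGesture, per the ChangeLog) starts and ends outside the hunk.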
@@ -393,6 +395,8 @@
     if (m_activeGestureType != ViewGestureType::Swipe)
         return;
     
+    ++m_gesturePendingSnapshotRemoval;
+
 #if USE(IOSURFACE)
     if (m_currentSwipeSnapshotSurface)
         m_currentSwipeSnapshotSurface->setIsVolatile(true);

Modified: branches/safari-600.1.4.13-branch/Source/WebKit2/UIProcess/mac/ViewGestureController.h (177437 => 177438)


--- branches/safari-600.1.4.13-branch/Source/WebKit2/UIProcess/mac/ViewGestureController.h	2014-12-17 08:27:00 UTC (rev 177437)
+++ branches/safari-600.1.4.13-branch/Source/WebKit2/UIProcess/mac/ViewGestureController.h	2014-12-17 08:28:51 UTC (rev 177438)
@@ -195,6 +195,7 @@
     bool m_shouldRemoveSnapshotWhenTargetRenderTreeSizeHit;
     WeakObjCPtr<WKWebView> m_alternateBackForwardListSourceView;
     RefPtr<WebPageProxy> m_webPageProxyForBackForwardListForCurrentSwipe;
+    uint64_t m_gesturePendingSnapshotRemoval;
 #if ENABLE(VIEW_GESTURE_CONTROLLER_TRACING)
     Vector<String> m_logEntries;
 #endif
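Review bot: The new `m_gesturePendingSnapshotRemoval` member is declared without a comment, and its name reads like a handle to a gesture rather than a counter. The other hunks show it is initialised to 0 in the constructor and incremented in removeSwipeSnapshot. I would add `// Incremented each time a swipe snapshot is removed; deferred drawing callbacks compare against it to detect that their gesture's snapshot is already gone.` above the declaration. The class body continues outside the hunk.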