archlinuxarm/PKGBUILDs
1
0
Fork 0
mirror of https://github.com/archlinuxarm/PKGBUILDs.git synced 2024-09-19 22:08:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
PKGBUILDs/extra/chromium/x11-ozone-fix-two-edge-cases.patch

136 lines
5.5 KiB
Diff
Raw Normal View History

extra/chromium to 89.0.4389.82-2
2021-03-09 00:26:55 +00:00
From 5e3a738b1204941aab9f15c0eb3d06e20fefd96e Mon Sep 17 00:00:00 2001
From: Scott Violet <sky@chromium.org>
Date: Mon, 8 Mar 2021 21:07:39 +0000
Subject: [PATCH] x11/ozone: fix two edge cases
WindowTreeHost::OnHostMovedInPixels() may trigger a nested message
loop (tab dragging), which when the stack unravels means this may
be deleted. This adds an early out if this happens.
X11WholeScreenMoveLoop has a similar issue, in so far as notifying
the delegate may delete this.
BUG=1185482
TEST=WindowTreeHostPlatform.DeleteHostFromOnHostMovedInPixels
Change-Id: Ieca1c90b3e4358da50b332abe2941fdbb50c5c25
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2743555
Reviewed-by: Thomas Anderson <thomasanderson@chromium.org>
Commit-Queue: Scott Violet <sky@chromium.org>
Cr-Commit-Position: refs/heads/master@{#860852}
---
ui/aura/window_tree_host_platform.cc | 10 ++++-
ui/aura/window_tree_host_platform_unittest.cc | 40 ++++++++++++++++++-
ui/base/x/x11_whole_screen_move_loop.cc | 4 ++
3 files changed, 51 insertions(+), 3 deletions(-)
diff --git a/ui/aura/window_tree_host_platform.cc b/ui/aura/window_tree_host_platform.cc
index ce8395fe07..7589542026 100644
--- a/ui/aura/window_tree_host_platform.cc
+++ b/ui/aura/window_tree_host_platform.cc
@@ -214,13 +214,21 @@ void WindowTreeHostPlatform::OnBoundsChanged(const gfx::Rect& new_bounds) {
float current_scale = compositor()->device_scale_factor();
float new_scale = ui::GetScaleFactorForNativeView(window());
gfx::Rect old_bounds = bounds_in_pixels_;
+ auto weak_ref = GetWeakPtr();
bounds_in_pixels_ = new_bounds;
- if (bounds_in_pixels_.origin() != old_bounds.origin())
+ if (bounds_in_pixels_.origin() != old_bounds.origin()) {
OnHostMovedInPixels(bounds_in_pixels_.origin());
+ // Changing the bounds may destroy this.
+ if (!weak_ref)
+ return;
+ }
if (bounds_in_pixels_.size() != old_bounds.size() ||
current_scale != new_scale) {
pending_size_ = gfx::Size();
OnHostResizedInPixels(bounds_in_pixels_.size());
+ // Changing the size may destroy this.
+ if (!weak_ref)
+ return;
}
DCHECK_GT(on_bounds_changed_recursion_depth_, 0);
if (--on_bounds_changed_recursion_depth_ == 0) {
diff --git a/ui/aura/window_tree_host_platform_unittest.cc b/ui/aura/window_tree_host_platform_unittest.cc
index eda14e2f0c..4de039c88a 100644
--- a/ui/aura/window_tree_host_platform_unittest.cc
+++ b/ui/aura/window_tree_host_platform_unittest.cc
@@ -34,7 +34,7 @@ class TestWindowTreeHost : public WindowTreeHostPlatform {
// OnHostWill/DidProcessBoundsChange. Additionally, this triggers a bounds
// change from within OnHostResized(). Such a scenario happens in production
// code.
-class TestWindowTreeHostObserver : public aura::WindowTreeHostObserver {
+class TestWindowTreeHostObserver : public WindowTreeHostObserver {
public:
TestWindowTreeHostObserver(WindowTreeHostPlatform* host,
ui::PlatformWindow* platform_window)
@@ -51,7 +51,7 @@ class TestWindowTreeHostObserver : public aura::WindowTreeHostObserver {
return on_host_will_process_bounds_change_count_;
}
- // aura::WindowTreeHostObserver:
+ // WindowTreeHostObserver:
void OnHostResized(WindowTreeHost* host) override {
if (!should_change_bounds_in_on_resized_)
return;
@@ -92,5 +92,41 @@ TEST_F(WindowTreeHostPlatformTest, HostWillProcessBoundsChangeRecursion) {
EXPECT_EQ(1, observer.on_host_will_process_bounds_change_count());
}
+// Deletes WindowTreeHostPlatform from OnHostMovedInPixels().
+class DeleteHostWindowTreeHostObserver : public WindowTreeHostObserver {
+ public:
+ explicit DeleteHostWindowTreeHostObserver(
+ std::unique_ptr<TestWindowTreeHost> host)
+ : host_(std::move(host)) {
+ host_->AddObserver(this);
+ }
+ ~DeleteHostWindowTreeHostObserver() override = default;
+
+ TestWindowTreeHost* host() { return host_.get(); }
+
+ // WindowTreeHostObserver:
+ void OnHostMovedInPixels(WindowTreeHost* host,
+ const gfx::Point& new_origin_in_pixels) override {
+ host_->RemoveObserver(this);
+ host_.reset();
+ }
+
+ private:
+ std::unique_ptr<TestWindowTreeHost> host_;
+
+ DISALLOW_COPY_AND_ASSIGN(DeleteHostWindowTreeHostObserver);
+};
+
+// Verifies WindowTreeHostPlatform can be safely deleted when calling
+// OnHostMovedInPixels().
+// Regression test for https://crbug.com/1185482
+TEST_F(WindowTreeHostPlatformTest, DeleteHostFromOnHostMovedInPixels) {
+ std::unique_ptr<TestWindowTreeHost> host =
+ std::make_unique<TestWindowTreeHost>();
+ DeleteHostWindowTreeHostObserver observer(std::move(host));
+ observer.host()->SetBoundsInPixels(gfx::Rect(1, 2, 3, 4));
+ EXPECT_EQ(nullptr, observer.host());
+}
+
} // namespace
} // namespace aura
diff --git a/ui/base/x/x11_whole_screen_move_loop.cc b/ui/base/x/x11_whole_screen_move_loop.cc
index 5ed215db66..db678799db 100644
--- a/ui/base/x/x11_whole_screen_move_loop.cc
+++ b/ui/base/x/x11_whole_screen_move_loop.cc
@@ -78,9 +78,13 @@ X11WholeScreenMoveLoop::~X11WholeScreenMoveLoop() {
void X11WholeScreenMoveLoop::DispatchMouseMovement() {
if (!last_motion_in_screen_)
return;
+ auto weak_ref = weak_factory_.GetWeakPtr();
delegate_->OnMouseMovement(last_motion_in_screen_->root_location(),
last_motion_in_screen_->flags(),
last_motion_in_screen_->time_stamp());
+ // The delegate may delete this during dispatch.
+ if (!weak_ref)
+ return;
last_motion_in_screen_.reset();
}
Reference in a new issue Copy permalink