<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[211145] trunk/Source</title>
</head>
<body>

<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }
#msg dl a { font-weight: bold}
#msg dl a:link    { color:#fc3; }
#msg dl a:active  { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/211145">211145</a></dd>
<dt>Author</dt> <dd>carlosgc@webkit.org</dd>
<dt>Date</dt> <dd>2017-01-25 08:54:28 -0800 (Wed, 25 Jan 2017)</dd>
</dl>

<h3>Log Message</h3>
<pre>[GTK] UIProcess from WebKitGtk+ 2.15.x SIGSEGVs because of X Error BadDamage in WebKit::AcceleratedBackingStoreX11::update(WebKit::LayerTreeContext const&amp;) () at Source/WebKit2/UIProcess/gtk/AcceleratedBackingStoreX11.cpp:145
https://bugs.webkit.org/show_bug.cgi?id=165656

Reviewed by Michael Catanzaro.

Source/WebCore:

Also return the base error code from PlatformDisplayX11::supportsXDamage().

* platform/graphics/x11/PlatformDisplayX11.cpp:
(WebCore::PlatformDisplayX11::supportsXDamage):
* platform/graphics/x11/PlatformDisplayX11.h:

Source/WebKit2:

We are incorrectly handling BadDamage errors because the BadDamage value we pass to the XErrorTrapper is not
the actual error code used by X11. Since XDamage is an extension, it has its own errors and a base error
code. We need to use the base error code we get when calling XDamageQueryExtension to pass the right error code
to the XErrorTrapper.

* UIProcess/gtk/AcceleratedBackingStoreX11.cpp:
(WebKit::AcceleratedBackingStoreX11::create): Get also the damage base error.
(WebKit::xDamageErrorCode): Helper to get the actual error code.
(WebKit::AcceleratedBackingStoreX11::~AcceleratedBackingStoreX11): Use xDamageErrorCode().
(WebKit::AcceleratedBackingStoreX11::update): Ditto.</pre>

<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>
<li><a href="#trunkSourceWebCoreplatformgraphicsx11PlatformDisplayX11cpp">trunk/Source/WebCore/platform/graphics/x11/PlatformDisplayX11.cpp</a></li>
<li><a href="#trunkSourceWebCoreplatformgraphicsx11PlatformDisplayX11h">trunk/Source/WebCore/platform/graphics/x11/PlatformDisplayX11.h</a></li>
<li><a href="#trunkSourceWebKit2ChangeLog">trunk/Source/WebKit2/ChangeLog</a></li>
<li><a href="#trunkSourceWebKit2UIProcessgtkAcceleratedBackingStoreX11cpp">trunk/Source/WebKit2/UIProcess/gtk/AcceleratedBackingStoreX11.cpp</a></li>
<li><a href="#trunkSourceWebKit2UIProcessgtkWebPreferencesGtkcpp">trunk/Source/WebKit2/UIProcess/gtk/WebPreferencesGtk.cpp</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (211144 => 211145)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/ChangeLog        2017-01-25 16:46:02 UTC (rev 211144)
+++ trunk/Source/WebCore/ChangeLog        2017-01-25 16:54:28 UTC (rev 211145)
</span><span class="lines">@@ -1,5 +1,18 @@
</span><span class="cx"> 2017-01-25  Carlos Garcia Campos  &lt;cgarcia@igalia.com&gt;
</span><span class="cx"> 
</span><ins>+        [GTK] UIProcess from WebKitGtk+ 2.15.x SIGSEGVs because of X Error BadDamage in WebKit::AcceleratedBackingStoreX11::update(WebKit::LayerTreeContext const&amp;) () at Source/WebKit2/UIProcess/gtk/AcceleratedBackingStoreX11.cpp:145
+        https://bugs.webkit.org/show_bug.cgi?id=165656
+
+        Reviewed by Michael Catanzaro.
+
+        Also return the base error code from PlatformDisplayX11::supportsXDamage().
+
+        * platform/graphics/x11/PlatformDisplayX11.cpp:
+        (WebCore::PlatformDisplayX11::supportsXDamage):
+        * platform/graphics/x11/PlatformDisplayX11.h:
+
+2017-01-25  Carlos Garcia Campos  &lt;cgarcia@igalia.com&gt;
+
</ins><span class="cx">         Unreviewed. Fix 32 bit build after r211140.
</span><span class="cx"> 
</span><span class="cx">         Include glib-object.h instead of forward declaring GType.
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformgraphicsx11PlatformDisplayX11cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/graphics/x11/PlatformDisplayX11.cpp (211144 => 211145)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/graphics/x11/PlatformDisplayX11.cpp        2017-01-25 16:46:02 UTC (rev 211144)
+++ trunk/Source/WebCore/platform/graphics/x11/PlatformDisplayX11.cpp        2017-01-25 16:54:28 UTC (rev 211145)
</span><span class="lines">@@ -98,7 +98,7 @@
</span><span class="cx">     return m_supportsXComposite.value();
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool PlatformDisplayX11::supportsXDamage(std::optional&lt;int&gt;&amp; damageEventBase) const
</del><ins>+bool PlatformDisplayX11::supportsXDamage(std::optional&lt;int&gt;&amp; damageEventBase, std::optional&lt;int&gt;&amp; damageErrorBase) const
</ins><span class="cx"> {
</span><span class="cx">     if (!m_supportsXDamage) {
</span><span class="cx">         m_supportsXDamage = false;
</span><span class="lines">@@ -106,13 +106,16 @@
</span><span class="cx">         if (m_display) {
</span><span class="cx">             int eventBase, errorBase;
</span><span class="cx">             m_supportsXDamage = XDamageQueryExtension(m_display, &amp;eventBase, &amp;errorBase);
</span><del>-            if (m_supportsXDamage.value())
</del><ins>+            if (m_supportsXDamage.value()) {
</ins><span class="cx">                 m_damageEventBase = eventBase;
</span><ins>+                m_damageErrorBase = errorBase;
+            }
</ins><span class="cx">         }
</span><span class="cx"> #endif
</span><span class="cx">     }
</span><span class="cx"> 
</span><span class="cx">     damageEventBase = m_damageEventBase;
</span><ins>+    damageErrorBase = m_damageErrorBase;
</ins><span class="cx">     return m_supportsXDamage.value();
</span><span class="cx"> }
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkSourceWebCoreplatformgraphicsx11PlatformDisplayX11h"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/platform/graphics/x11/PlatformDisplayX11.h (211144 => 211145)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/platform/graphics/x11/PlatformDisplayX11.h        2017-01-25 16:46:02 UTC (rev 211144)
+++ trunk/Source/WebCore/platform/graphics/x11/PlatformDisplayX11.h        2017-01-25 16:54:28 UTC (rev 211145)
</span><span class="lines">@@ -43,7 +43,7 @@
</span><span class="cx"> 
</span><span class="cx">     Display* native() const { return m_display; }
</span><span class="cx">     bool supportsXComposite() const;
</span><del>-    bool supportsXDamage(std::optional&lt;int&gt;&amp; damageEventBase) const;
</del><ins>+    bool supportsXDamage(std::optional&lt;int&gt;&amp; damageEventBase, std::optional&lt;int&gt;&amp; damageErrorBase) const;
</ins><span class="cx"> 
</span><span class="cx"> private:
</span><span class="cx">     Type type() const override { return PlatformDisplay::Type::X11; }
</span><span class="lines">@@ -56,6 +56,7 @@
</span><span class="cx">     mutable std::optional&lt;bool&gt; m_supportsXComposite;
</span><span class="cx">     mutable std::optional&lt;bool&gt; m_supportsXDamage;
</span><span class="cx">     mutable std::optional&lt;int&gt; m_damageEventBase;
</span><ins>+    mutable std::optional&lt;int&gt; m_damageErrorBase;
</ins><span class="cx"> };
</span><span class="cx"> 
</span><span class="cx"> } // namespace WebCore
</span></span></pre></div>
<a id="trunkSourceWebKit2ChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/ChangeLog (211144 => 211145)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/ChangeLog        2017-01-25 16:46:02 UTC (rev 211144)
+++ trunk/Source/WebKit2/ChangeLog        2017-01-25 16:54:28 UTC (rev 211145)
</span><span class="lines">@@ -1,3 +1,21 @@
</span><ins>+2017-01-25  Carlos Garcia Campos  &lt;cgarcia@igalia.com&gt;
+
+        [GTK] UIProcess from WebKitGtk+ 2.15.x SIGSEGVs because of X Error BadDamage in WebKit::AcceleratedBackingStoreX11::update(WebKit::LayerTreeContext const&amp;) () at Source/WebKit2/UIProcess/gtk/AcceleratedBackingStoreX11.cpp:145
+        https://bugs.webkit.org/show_bug.cgi?id=165656
+
+        Reviewed by Michael Catanzaro.
+
+        We are incorrectly handling BadDamage errors because the BadDamage value we pass to the XErrorTrapper is not
+        the actual error code used by X11. Since XDamage is an extension, it has its own errors and a base error
+        code. We need to use the base error code we get when calling XDamageQueryExtension to pass the right error code
+        to the XErrorTrapper.
+
+        * UIProcess/gtk/AcceleratedBackingStoreX11.cpp:
+        (WebKit::AcceleratedBackingStoreX11::create): Get also the damage base error.
+        (WebKit::xDamageErrorCode): Helper to get the actual error code.
+        (WebKit::AcceleratedBackingStoreX11::~AcceleratedBackingStoreX11): Use xDamageErrorCode().
+        (WebKit::AcceleratedBackingStoreX11::update): Ditto.
+
</ins><span class="cx"> 2017-01-25  Miguel Gomez  &lt;magomez@igalia.com&gt;
</span><span class="cx"> 
</span><span class="cx">         [GTK] The inspector is broken when AC support is disabled
</span></span></pre></div>
<a id="trunkSourceWebKit2UIProcessgtkAcceleratedBackingStoreX11cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/UIProcess/gtk/AcceleratedBackingStoreX11.cpp (211144 => 211145)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/UIProcess/gtk/AcceleratedBackingStoreX11.cpp        2017-01-25 16:46:02 UTC (rev 211144)
+++ trunk/Source/WebKit2/UIProcess/gtk/AcceleratedBackingStoreX11.cpp        2017-01-25 16:54:28 UTC (rev 211145)
</span><span class="lines">@@ -47,6 +47,7 @@
</span><span class="cx"> namespace WebKit {
</span><span class="cx"> 
</span><span class="cx"> static std::optional&lt;int&gt; s_damageEventBase;
</span><ins>+static std::optional&lt;int&gt; s_damageErrorBase;
</ins><span class="cx"> 
</span><span class="cx"> class XDamageNotifier {
</span><span class="cx">     WTF_MAKE_NONCOPYABLE(XDamageNotifier);
</span><span class="lines">@@ -105,7 +106,7 @@
</span><span class="cx"> std::unique_ptr&lt;AcceleratedBackingStoreX11&gt; AcceleratedBackingStoreX11::create(WebPageProxy&amp; webPage)
</span><span class="cx"> {
</span><span class="cx">     auto&amp; display = downcast&lt;PlatformDisplayX11&gt;(PlatformDisplay::sharedDisplay());
</span><del>-    if (!display.supportsXComposite() || !display.supportsXDamage(s_damageEventBase))
</del><ins>+    if (!display.supportsXComposite() || !display.supportsXDamage(s_damageEventBase, s_damageErrorBase))
</ins><span class="cx">         return nullptr;
</span><span class="cx">     return std::unique_ptr&lt;AcceleratedBackingStoreX11&gt;(new AcceleratedBackingStoreX11(webPage));
</span><span class="cx"> }
</span><span class="lines">@@ -115,6 +116,12 @@
</span><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx"> 
</span><ins>+static inline unsigned char xDamageErrorCode(unsigned char errorCode)
+{
+    ASSERT(s_damageErrorBase);
+    return static_cast&lt;unsigned&gt;(s_damageErrorBase.value()) + errorCode;
+}
+
</ins><span class="cx"> AcceleratedBackingStoreX11::~AcceleratedBackingStoreX11()
</span><span class="cx"> {
</span><span class="cx">     if (!m_surface &amp;&amp; !m_damage)
</span><span class="lines">@@ -121,7 +128,7 @@
</span><span class="cx">         return;
</span><span class="cx"> 
</span><span class="cx">     Display* display = downcast&lt;PlatformDisplayX11&gt;(PlatformDisplay::sharedDisplay()).native();
</span><del>-    XErrorTrapper trapper(display, XErrorTrapper::Policy::Crash, { BadDrawable, BadDamage });
</del><ins>+    XErrorTrapper trapper(display, XErrorTrapper::Policy::Crash, { BadDrawable, xDamageErrorCode(BadDamage) });
</ins><span class="cx">     if (m_damage) {
</span><span class="cx">         XDamageNotifier::singleton().remove(m_damage.get());
</span><span class="cx">         m_damage.reset();
</span><span class="lines">@@ -138,7 +145,7 @@
</span><span class="cx">     Display* display = downcast&lt;PlatformDisplayX11&gt;(PlatformDisplay::sharedDisplay()).native();
</span><span class="cx"> 
</span><span class="cx">     if (m_surface) {
</span><del>-        XErrorTrapper trapper(display, XErrorTrapper::Policy::Crash, { BadDrawable, BadDamage });
</del><ins>+        XErrorTrapper trapper(display, XErrorTrapper::Policy::Crash, { BadDrawable, xDamageErrorCode(BadDamage) });
</ins><span class="cx">         if (m_damage) {
</span><span class="cx">             XDamageNotifier::singleton().remove(m_damage.get());
</span><span class="cx">             m_damage.reset();
</span><span class="lines">@@ -158,7 +165,7 @@
</span><span class="cx">     float deviceScaleFactor = m_webPage.deviceScaleFactor();
</span><span class="cx">     size.scale(deviceScaleFactor);
</span><span class="cx"> 
</span><del>-    XErrorTrapper trapper(display, XErrorTrapper::Policy::Crash, { BadDrawable, BadDamage });
</del><ins>+    XErrorTrapper trapper(display, XErrorTrapper::Policy::Crash, { BadDrawable, xDamageErrorCode(BadDamage) });
</ins><span class="cx">     ASSERT(downcast&lt;PlatformDisplayX11&gt;(PlatformDisplay::sharedDisplay()).native() == GDK_DISPLAY_XDISPLAY(gdk_display_get_default()));
</span><span class="cx">     GdkVisual* visual = gdk_screen_get_rgba_visual(gdk_screen_get_default());
</span><span class="cx">     if (!visual)
</span></span></pre></div>
<a id="trunkSourceWebKit2UIProcessgtkWebPreferencesGtkcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/UIProcess/gtk/WebPreferencesGtk.cpp (211144 => 211145)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/UIProcess/gtk/WebPreferencesGtk.cpp        2017-01-25 16:46:02 UTC (rev 211144)
+++ trunk/Source/WebKit2/UIProcess/gtk/WebPreferencesGtk.cpp        2017-01-25 16:54:28 UTC (rev 211145)
</span><span class="lines">@@ -61,8 +61,8 @@
</span><span class="cx"> #if USE(REDIRECTED_XCOMPOSITE_WINDOW)
</span><span class="cx">     if (PlatformDisplay::sharedDisplay().type() == PlatformDisplay::Type::X11) {
</span><span class="cx">         auto&amp; display = downcast&lt;PlatformDisplayX11&gt;(PlatformDisplay::sharedDisplay());
</span><del>-        std::optional&lt;int&gt; damageBase;
-        if (!display.supportsXComposite() || !display.supportsXDamage(damageBase))
</del><ins>+        std::optional&lt;int&gt; damageBase, errorBase;
+        if (!display.supportsXComposite() || !display.supportsXDamage(damageBase, errorBase))
</ins><span class="cx">             setAcceleratedCompositingEnabled(false);
</span><span class="cx">     }
</span><span class="cx"> #endif
</span></span></pre>
</div>
</div>

</body>
</html>