From: Chandan Padhi Date: Mon, 7 Dec 2015 13:01:32 +0000 (+0530) Subject: Fix for crash on webview resize for a new page opened in the same tab. X-Git-Tag: submit/tizen/20190801.160004~1040 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=f887741130185e942b7f11373f76b5ce750c4a8c;p=platform%2Fframework%2Fweb%2Fchromium-efl.git Fix for crash on webview resize for a new page opened in the same tab. Currently, segmentation fault occurs on webview resize when we load a new page on an already existing tab. In this scenario, a new RWHVEfl is created first and then the previous RWHVEfl is destroyed. However, the same WebContentsViewEfl(therefore the same native view) is used for the new RWHVEfl as well. Two resize callbacks(one for each RWHVEfl) are added to the same native view in order of their creation. In destructor of the previous RWHVEfl, evas_object_event_callback_del() deletes the most recently added callback(the one for the new RWHVEfl). When resize occurs for the new RWHVEfl, the callback for the previous RWHVEfl(already deleted) is invoked that results in crash. To fix this issue, we now use evas_object_event_callback_del_full() instead of evas_object_event_callback_del(). evas_object_event_callback_del_full() deletes the callback for the corresponding RWHVEfl only. Bug: http://suprem.sec.samsung.net/jira/browse/CBEFL-806 Reviewed by: sm.venugopal, sns.park Change-Id: I36e4538c12b1847bedd8263fe1d18e3815ee0e3d Signed-off-by: Chandan Padhi --- diff --git a/tizen_src/chromium_impl/content/browser/renderer_host/render_widget_host_view_efl.cc b/tizen_src/chromium_impl/content/browser/renderer_host/render_widget_host_view_efl.cc index 7dfd2c4f42dc..09dbea1c77b9 100755 --- a/tizen_src/chromium_impl/content/browser/renderer_host/render_widget_host_view_efl.cc +++ b/tizen_src/chromium_impl/content/browser/renderer_host/render_widget_host_view_efl.cc @@ -307,8 +307,8 @@ RenderWidgetHostViewEfl::~RenderWidgetHostViewEfl() { if (im_context_) delete im_context_; - evas_object_event_callback_del(parent_view_, EVAS_CALLBACK_RESIZE, - OnParentViewResize); + evas_object_event_callback_del_full(parent_view_, EVAS_CALLBACK_RESIZE, + OnParentViewResize, this); evas_object_event_callback_del(content_image_, EVAS_CALLBACK_FOCUS_IN, OnFocusIn); evas_object_event_callback_del(content_image_, EVAS_CALLBACK_FOCUS_OUT,