gpu: Invalidate channel map first to fix reentracy issues Clearing the channel map in DestroyAllChannels can re-enter into GpuChannelManager via LoseAllContexts from ~GpuChannel causing a use-after-free crash. Bug: 942954 Change-Id: Iaf5f64ec3f96f2b5948cd6080c701c1107bd5b2c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1529342 Auto-Submit: Sunny Sachanandani <sunnyps@chromium.org> Reviewed-by: Antoine Labour <piman@chromium.org> Commit-Queue: Sunny Sachanandani <sunnyps@chromium.org> Cr-Commit-Position: refs/heads/master@{#642138}

commit: 0e6d6bf816c17b290e3fb56f7abb50f7034d2a73 [log] [tgz]
author: Sunny Sachanandani <sunnyps@chromium.org> Tue Mar 19 19:47:45 2019
committer: Commit Bot <commit-bot@chromium.org> Tue Mar 19 19:47:45 2019
tree: 74fb0d97080f957a1e12c885ee4740df78066642
parent: 67140f6cd8a5c4b035727b6bebf591cc5d77f6fc [diff]
diff --git a/gpu/ipc/service/gpu_channel_manager.cc b/gpu/ipc/service/gpu_channel_manager.cc
index c185b57..b9a99c0 100644
--- a/gpu/ipc/service/gpu_channel_manager.cc
+++ b/gpu/ipc/service/gpu_channel_manager.cc

@@ -209,7 +209,11 @@
 }
 
 void GpuChannelManager::DestroyAllChannels() {
+  // Clear |gpu_channels_| first to prevent reentrancy problems from GpuChannel
+  // destructor.
+  auto gpu_channels = std::move(gpu_channels_);
   gpu_channels_.clear();
+  gpu_channels.clear();
 }
 
 void GpuChannelManager::GetVideoMemoryUsageStats(
commit	0e6d6bf816c17b290e3fb56f7abb50f7034d2a73	[log] [tgz]
author	Sunny Sachanandani <sunnyps@chromium.org>	Tue Mar 19 19:47:45 2019
committer	Commit Bot <commit-bot@chromium.org>	Tue Mar 19 19:47:45 2019
tree	74fb0d97080f957a1e12c885ee4740df78066642
parent	67140f6cd8a5c4b035727b6bebf591cc5d77f6fc [diff]