tmeshkova / qtmozembed

Qt wrapper for mozilla embed lite API

Fix use after free crash in thumbnail capturing code JB#28888 #127

Closed tworaz closed 9 years ago

tworaz commented 9 years ago

The QMozGrabResult object is expected to be created from the main application thread. Unfortunately the QMozGrabResult::captureImage is currently directly connected to QOpenGLWebPage::afterRendering slot which is invoked on Gecko's compositor thread. This means the object can actually be in use when the UI thread removes it.

To fix the problem QOpenGLWebPage was extended to keep a list of weak refs to QMozGrabResults it was asked to handle. When QOpenGLWebPage::drawOverlay is invoked, the code iterates over pending grab results, tries to convert weak refs into strong ones and only invokes the captureImage function when the conversion is successful. If the UI thread removed the object before the capture process was realized on the compositor thread the weak ref will be invalid and the image capture process can be simply aborted. In case the UI thread tries to remove QMozGrabResult while it's actually being processed the newly acquired strong ref on the compositor thread will keep the object alive until the capture process is finished.
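An added illustration of the weak-to-strong promotion pattern the description relies on, written without Qt so it runs stand-alone; it is not the PR's code. `GrabResult` and `Page` are hypothetical stand-ins for QMozGrabResult and QOpenGLWebPage, and `std::weak_ptr::lock()` plays the role of `QWeakPointer::toStrongRef()`: an expired ref means the UI thread already deleted the object and the capture is skipped, a successful lock keeps the object alive for the duration of `captureImage()`.

```cpp
#include <cstddef>
#include <memory>
#include <mutex>
#include <vector>

// Hypothetical stand-in for QMozGrabResult: owned (and deleted) by the UI thread.
struct GrabResult {
    bool captured = false;
    void captureImage() { captured = true; }   // would read back the GL frame
};

// Hypothetical stand-in for QOpenGLWebPage. It never owns a GrabResult;
// it only remembers weak references to the results it was asked to produce.
class Page {
public:
    // UI thread: register a pending capture (stores a weak_ptr, not ownership).
    void requestGrab(const std::shared_ptr<GrabResult>& r) {
        std::lock_guard<std::mutex> lock(m_);
        pending_.push_back(r);
    }

    // Compositor thread, after rendering. Returns how many results were captured.
    std::size_t drawOverlay() {
        std::vector<std::weak_ptr<GrabResult>> batch;
        {
            std::lock_guard<std::mutex> lock(m_);
            batch.swap(pending_);   // take the list; don't hold the lock while capturing
        }
        std::size_t done = 0;
        for (auto& weak : batch) {
            // lock() succeeds only if the UI thread still owns the object; the
            // strong ref it returns keeps the object alive until captureImage returns.
            if (std::shared_ptr<GrabResult> strong = weak.lock()) {
                strong->captureImage();
                ++done;
            }
            // expired: UI thread deleted the result first, so the capture is aborted
        }
        return done;
    }

    std::size_t pendingCount() {
        std::lock_guard<std::mutex> lock(m_);
        return pending_.size();
    }

private:
    std::mutex m_;
    std::vector<std::weak_ptr<GrabResult>> pending_;
};
```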