Title: [218915] trunk/Source/WebCore
Revision: 218915
Author: rn...@webkit.org
Date: 2017-06-28 20:58:17 -0700 (Wed, 28 Jun 2017)

Log Message

Crash in WebCore::ScrollingTreeFixedNode::updateLayersAfterAncestorChange
https://bugs.webkit.org/show_bug.cgi?id=173958

Reviewed by Simon Fraser.

The crash is most likely caused by updateLayersAfterAncestorChange calling [CALayer setPosition]
with a CGPoint whose x coordinate or y coordinate is NaN.

Simon and I inspected the code but we couldn't figure out how we get there. Detect this case and bail out.
Also log the relevant values and debug assert when this condition is hit to help identify the root cause.

* page/scrolling/mac/ScrollingTreeFixedNode.mm:
(WebCore::ScrollingTreeFixedNode::updateLayersAfterAncestorChange):

Diff

Modified: trunk/Source/WebCore/ChangeLog (218914 => 218915)


--- trunk/Source/WebCore/ChangeLog	2017-06-29 03:55:28 UTC (rev 218914)
+++ trunk/Source/WebCore/ChangeLog	2017-06-29 03:58:17 UTC (rev 218915)
@@ -1,3 +1,19 @@
+2017-06-28  Ryosuke Niwa  <rn...@webkit.org>
+
+        Crash in WebCore::ScrollingTreeFixedNode::updateLayersAfterAncestorChange
+        https://bugs.webkit.org/show_bug.cgi?id=173958
+
+        Reviewed by Simon Fraser.
+
+        The crashed is most likely caused by updateLayersAfterAncestorChange calling [CALayer setPosition]
+        with a CGPoint which contains the x coordinate or the y coordinate of NaN.
+
+        Simon and I inpected the code but we couldn't figure out how we get there. Detect this case and bail out.
+        Also log the relevant values and debug assert when this condition is hit to help identifying the root cause.
+
+        * page/scrolling/mac/ScrollingTreeFixedNode.mm:
+        (WebCore::ScrollingTreeFixedNode::updateLayersAfterAncestorChange):
+
 2017-06-28  Chris Dumez  <cdu...@apple.com>
 
         ResourceLoadObserver clean up
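Review bot: The new ChangeLog entry carries typos that will be preserved in the history: "The crashed is most likely caused" should read "The crash is most likely caused", "inpected" should be "inspected", and "to help identifying the root cause" should be "to help identify the root cause". Worth fixing before landing since the ChangeLog is the canonical description of this change.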

Modified: trunk/Source/WebCore/page/scrolling/mac/ScrollingTreeFixedNode.mm (218914 => 218915)


--- trunk/Source/WebCore/page/scrolling/mac/ScrollingTreeFixedNode.mm	2017-06-29 03:55:28 UTC (rev 218914)
+++ trunk/Source/WebCore/page/scrolling/mac/ScrollingTreeFixedNode.mm	2017-06-29 03:58:17 UTC (rev 218915)
@@ -75,7 +75,15 @@
     CGRect layerBounds = [m_layer bounds];
     CGPoint anchorPoint = [m_layer anchorPoint];
     CGPoint newPosition = layerPosition - m_constraints.alignmentOffset() + anchorPoint * layerBounds.size;
-    
+
+    if (isnan(newPosition.x) || isnan(newPosition.y)) {
+        WTFLogAlways("Attempt to call [CALayer setPosition] with NaN: newPosition=(%f, %f) layerPosition=(%f, %f) alignmentOffset=(%f, %f)",
+            newPosition.x, newPosition.y, layerPosition.x(), layerPosition.y(),
+            m_constraints.alignmentOffset().width(), m_constraints.alignmentOffset().height());
+        ASSERT_NOT_REACHED();
+        return;
+    }
+
     [m_layer setPosition:newPosition];
 
     if (!m_children)
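Review bot: The early `return` in the NaN branch skips everything after `[m_layer setPosition:newPosition]`, including the child handling that starts at `if (!m_children)`, so in release builds a fixed node whose position computes to NaN also stops propagating the ancestor change to its descendants; decide explicitly whether the intent is to skip only the `setPosition:` call and still fall through to the children, and say so in a comment either way. Separately, the `WTFLogAlways` message omits `anchorPoint` and `layerBounds.size`, which are the remaining terms of the `newPosition` expression; since the point of the log is to locate where the NaN originates, add them, e.g. `anchorPoint=(%f, %f) layerBounds.size=(%f, %f)` with `anchorPoint.x, anchorPoint.y, layerBounds.size.width, layerBounds.size.height`.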
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
