Skip to site navigation (Press enter)

[webkit-changes] [241067] branches/safari-607-branch/Source/WebKit

alancoon Wed, 06 Feb 2019 14:17:50 -0800

Title: [241067] branches/safari-607-branch/Source/WebKit

Revision: 241067
Author: [email protected]
Date: 2019-02-06 14:16:47 -0800 (Wed, 06 Feb 2019)

Log Message

Cherry-pick r240717. rdar://problem/47774504


    Crash in WebKit::RemoteLayerTreePropertyApplier::updateChildren
    https://bugs.webkit.org/show_bug.cgi?id=193897
    <rdar://problem/47427750>

    Reviewed by Simon Fraser.

    There has been some null pointer crashes where we fail to find a remote layer tree node that matches
    the transaction properties.

    * Shared/RemoteLayerTree/RemoteLayerTreePropertyApplier.mm:
    (WebKit::RemoteLayerTreePropertyApplier::updateChildren):

    Null check the nodes.

    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240717 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Modified Paths

branches/safari-607-branch/Source/WebKit/ChangeLog
branches/safari-607-branch/Source/WebKit/Shared/RemoteLayerTree/RemoteLayerTreePropertyApplier.mm

Diff

Modified: branches/safari-607-branch/Source/WebKit/ChangeLog (241066 => 241067)


--- branches/safari-607-branch/Source/WebKit/ChangeLog	2019-02-06 22:16:45 UTC (rev 241066)
+++ branches/safari-607-branch/Source/WebKit/ChangeLog	2019-02-06 22:16:47 UTC (rev 241067)
@@ -1,5 +1,42 @@
 2019-02-05  Alan Coon  <[email protected]>
 
+        Cherry-pick r240717. rdar://problem/47774504
+
+    Crash in WebKit::RemoteLayerTreePropertyApplier::updateChildren
+    https://bugs.webkit.org/show_bug.cgi?id=193897
+    <rdar://problem/47427750>
+    
+    Reviewed by Simon Fraser.
+    
+    There has been some null pointer crashes where we fail to find a remote layer tree node that matches
+    the transaction properties.
+    
+    * Shared/RemoteLayerTree/RemoteLayerTreePropertyApplier.mm:
+    (WebKit::RemoteLayerTreePropertyApplier::updateChildren):
+    
+    Null check the nodes.
+    
+    
+    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240717 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+    2019-01-30  Antti Koivisto  <[email protected]>
+
+            Crash in WebKit::RemoteLayerTreePropertyApplier::updateChildren
+            https://bugs.webkit.org/show_bug.cgi?id=193897
+            <rdar://problem/47427750>
+
+            Reviewed by Simon Fraser.
+
+            There has been some null pointer crashes where we fail to find a remote layer tree node that matches
+            the transaction properties.
+
+            * Shared/RemoteLayerTree/RemoteLayerTreePropertyApplier.mm:
+            (WebKit::RemoteLayerTreePropertyApplier::updateChildren):
+
+            Null check the nodes.
+
+2019-02-05  Alan Coon  <[email protected]>
+
         Cherry-pick r240702. rdar://problem/47774503
 
     iOS: Nullptr crash in WebPage::getPositionInformation dereferencing an input element for data list

Modified: branches/safari-607-branch/Source/WebKit/Shared/RemoteLayerTree/RemoteLayerTreePropertyApplier.mm (241066 => 241067)


--- branches/safari-607-branch/Source/WebKit/Shared/RemoteLayerTree/RemoteLayerTreePropertyApplier.mm	2019-02-06 22:16:45 UTC (rev 241066)
+++ branches/safari-607-branch/Source/WebKit/Shared/RemoteLayerTree/RemoteLayerTreePropertyApplier.mm	2019-02-06 22:16:47 UTC (rev 241067)
@@ -277,7 +277,11 @@
     auto hasViewChildren = [&] {
         if (node.uiView() && [[node.uiView() subviews] count])
             return true;
-        return !properties.children.isEmpty() && relatedLayers.get(properties.children.first())->uiView();
+        if (properties.children.isEmpty())
+            return false;
+        auto* childNode = relatedLayers.get(properties.children.first());
+        ASSERT(childNode);
+        return childNode && childNode->uiView();
     };
 
     auto contentView = [&] {
@@ -295,6 +299,9 @@
         RetainPtr<NSMutableArray> subviews = adoptNS([[NSMutableArray alloc] initWithCapacity:properties.children.size()]);
         for (auto& child : properties.children) {
             auto* childNode = relatedLayers.get(child);
+            ASSERT(childNode);
+            if (!childNode)
+                continue;
             ASSERT(childNode->uiView());
             [subviews addObject:childNode->uiView()];
         }
@@ -307,6 +314,9 @@
     RetainPtr<NSMutableArray> sublayers = adoptNS([[NSMutableArray alloc] initWithCapacity:properties.children.size()]);
     for (auto& child : properties.children) {
         auto* childNode = relatedLayers.get(child);
+        ASSERT(childNode);
+        if (!childNode)
+            continue;
 #if PLATFORM(IOS_FAMILY)
         ASSERT(!childNode->uiView());
 #endif
@@ -339,7 +349,11 @@
         return;
     }
 
-    CALayer *maskLayer = relatedLayers.get(properties.maskLayerID)->layer();
+    auto* maskNode = relatedLayers.get(properties.maskLayerID);
+    ASSERT(maskNode);
+    if (!maskNode)
+        return;
+    CALayer *maskLayer = maskNode->layer();
     ASSERT(!maskLayer.superlayer);
     if (maskLayer.superlayer)
         return;

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes