Title: [267482] branches/safari-610.2.6.1-branch/Source/WebKit
- Revision
- 267482
- Author
- [email protected]
- Date
- 2020-09-23 09:41:07 -0700 (Wed, 23 Sep 2020)
Log Message
Cherry-pick r267412. rdar://problem/69439628
Crashtracer inside PDFPlugin::createScrollbar.
<rdar://problem/69256031> and https://bugs.webkit.org/show_bug.cgi?id=216810
Reviewed by Tim Horton.
To quote Tim from r264945:
No new tests; timing is such that I can't reproduce without inserting
intentional delays into the main thread hops, which is further than
I'm willing to go for a test.
This is a speculative fix due to the aforementioned reproducibility issue.
* WebProcess/Plugins/PDF/PDFPlugin.mm:
(WebKit::PDFPlugin::installPDFDocument): With all the past fixes in place, its apparent
the plug-in HAS been torn down, and it's somewhat common to bypass the other "hasBeenDestroyed"
checks. So put an explicit check here followed by an explicit release assert.
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@267412 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
Diff
Modified: branches/safari-610.2.6.1-branch/Source/WebKit/ChangeLog (267481 => 267482)
--- branches/safari-610.2.6.1-branch/Source/WebKit/ChangeLog 2020-09-23 16:41:03 UTC (rev 267481)
+++ branches/safari-610.2.6.1-branch/Source/WebKit/ChangeLog 2020-09-23 16:41:07 UTC (rev 267482)
@@ -1,3 +1,46 @@
+2020-09-23 Russell Epstein <[email protected]>
+
+ Cherry-pick r267412. rdar://problem/69439628
+
+ Crashtracer inside PDFPlugin::createScrollbar.
+ <rdar://problem/69256031> and https://bugs.webkit.org/show_bug.cgi?id=216810
+
+ Reviewed by Tim Horton.
+
+ To quote Tim from r264945:
+ No new tests; timing is such that I can't reproduce without inserting
+ intentional delays into the main thread hops, which is further than
+ I'm willing to go for a test.
+
+ This is a speculative fix due to the aforementioned reproducibility issue.
+
+ * WebProcess/Plugins/PDF/PDFPlugin.mm:
+ (WebKit::PDFPlugin::installPDFDocument): With all the past fixes in place, its apparent
+ the plug-in HAS been torn down, and it's somewhat common to bypass the other "hasBeenDestroyed"
+ checks. So put an explicit check here followed by an explicit release assert.
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@267412 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2020-09-22 Brady Eidson <[email protected]>
+
+ Crashtracer inside PDFPlugin::createScrollbar.
+ <rdar://problem/69256031> and https://bugs.webkit.org/show_bug.cgi?id=216810
+
+ Reviewed by Tim Horton.
+
+ To quote Tim from r264945:
+ No new tests; timing is such that I can't reproduce without inserting
+ intentional delays into the main thread hops, which is further than
+ I'm willing to go for a test.
+
+ This is a speculative fix due to the aforementioned reproducibility issue.
+
+ * WebProcess/Plugins/PDF/PDFPlugin.mm:
+ (WebKit::PDFPlugin::installPDFDocument): With all the past fixes in place, its apparent
+ the plug-in HAS been torn down, and it's somewhat common to bypass the other "hasBeenDestroyed"
+ checks. So put an explicit check here followed by an explicit release assert.
+
2020-09-18 Alan Coon <[email protected]>
Cherry-pick r266797. rdar://problem/68732167
Modified: branches/safari-610.2.6.1-branch/Source/WebKit/WebProcess/Plugins/PDF/PDFPlugin.mm (267481 => 267482)
--- branches/safari-610.2.6.1-branch/Source/WebKit/WebProcess/Plugins/PDF/PDFPlugin.mm 2020-09-23 16:41:03 UTC (rev 267481)
+++ branches/safari-610.2.6.1-branch/Source/WebKit/WebProcess/Plugins/PDF/PDFPlugin.mm 2020-09-23 16:41:07 UTC (rev 267482)
@@ -1571,6 +1571,12 @@
ASSERT(isMainThread());
LOG(IncrementalPDF, "Installing PDF document");
+ if (m_hasBeenDestroyed)
+ return;
+
+ // If we haven't been destroyed yet, there must still be a PluginController
+ RELEASE_ASSERT(controller());
+
#if HAVE(INCREMENTAL_PDF_APIS)
maybeClearHighLatencyDataProviderFlag();
#endif
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
