Skip to site navigation (Press enter)

[webkit-changes] [288933] trunk/Source/WebCore

simon . fraser Tue, 01 Feb 2022 17:42:04 -0800

Title: [288933] trunk/Source/WebCore

Revision: 288933
Author: [email protected]
Date: 2022-02-01 17:41:26 -0800 (Tue, 01 Feb 2022)

Log Message

Crash under ScrollingCoordinatorMac::hasNodeWithAnimatedScrollChanged()
https://bugs.webkit.org/show_bug.cgi?id=235989
<rdar://87402941>


Reviewed by Wenson Hsieh.

Crash data suggest that m_scrollingCoordinator can be null in ThreadedScrollingTree::hasNodeWithAnimatedScrollChanged(),
which is true if the scrolling tree keeps ThreadedScrollingTree alive longer than the scrolling coordinator.

As in the other functions in this file, early return if m_scrollingCoordinator is null.

* page/scrolling/ThreadedScrollingTree.cpp:
(WebCore::ThreadedScrollingTree::hasNodeWithAnimatedScrollChanged):

Modified Paths

trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/page/scrolling/ThreadedScrollingTree.cpp

Diff

Modified: trunk/Source/WebCore/ChangeLog (288932 => 288933)


--- trunk/Source/WebCore/ChangeLog	2022-02-02 01:41:19 UTC (rev 288932)
+++ trunk/Source/WebCore/ChangeLog	2022-02-02 01:41:26 UTC (rev 288933)
@@ -1,3 +1,19 @@
+2022-02-01  Simon Fraser  <[email protected]>
+
+        Crash under ScrollingCoordinatorMac::hasNodeWithAnimatedScrollChanged()
+        https://bugs.webkit.org/show_bug.cgi?id=235989
+        <rdar://87402941>
+
+        Reviewed by Wenson Hsieh.
+
+        Crash data suggest that m_scrollingCoordinator can be null in ThreadedScrollingTree::hasNodeWithAnimatedScrollChanged(),
+        which is true if the scrolling tree keeps ThreadedScrollingTree alive longer than the scrolling coordinator.
+
+        As in the other functions in this file, early return if m_scrollingCoordinator is null.
+
+        * page/scrolling/ThreadedScrollingTree.cpp:
+        (WebCore::ThreadedScrollingTree::hasNodeWithAnimatedScrollChanged):
+
 2022-02-01  Pablo Saavedra  <[email protected]>
 
         Fix build error with VIDEO=ON

Modified: trunk/Source/WebCore/page/scrolling/ThreadedScrollingTree.cpp (288932 => 288933)


--- trunk/Source/WebCore/page/scrolling/ThreadedScrollingTree.cpp	2022-02-02 01:41:19 UTC (rev 288932)
+++ trunk/Source/WebCore/page/scrolling/ThreadedScrollingTree.cpp	2022-02-02 01:41:26 UTC (rev 288933)
@@ -377,6 +377,9 @@
 
 void ThreadedScrollingTree::hasNodeWithAnimatedScrollChanged(bool hasNodeWithAnimatedScroll)
 {
+    if (!m_scrollingCoordinator)
+        return;
+
     RunLoop::main().dispatch([scrollingCoordinator = m_scrollingCoordinator, hasNodeWithAnimatedScroll] {
         scrollingCoordinator->hasNodeWithAnimatedScrollChanged(hasNodeWithAnimatedScroll);
     });

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes