Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: d29efacb92f373cc441bef208b6705670c800ddc
https://github.com/WebKit/WebKit/commit/d29efacb92f373cc441bef208b6705670c800ddc
Author: Wenson Hsieh <[email protected]>
Date: 2024-02-01 (Thu, 01 Feb 2024)
Changed paths:
M
Source/WebKit/UIProcess/RemoteLayerTree/ios/ScrollingTreeScrollingNodeDelegateIOS.h
M
Source/WebKit/UIProcess/RemoteLayerTree/ios/ScrollingTreeScrollingNodeDelegateIOS.mm
Log Message:
-----------
[iOS 17.4] Crash in -[WKScrollingNodeScrollViewDelegate
actingParentScrollViewForScrollView:]
https://bugs.webkit.org/show_bug.cgi?id=268492
rdar://122041538
Reviewed by Tim Horton.
This is a speculative fix for crashes underneath
`-actingParentScrollViewForScrollView:`, due to
accessing (what is presumably) an invalid
`ScrollingTreeScrollingNodeDelegateIOS` pointer. I wasn't
able to discover repro steps for this crash; however, from source inspection,
it's unsafe for
`WKScrollingNodeScrollViewDelegate` to hold a raw pointer to
`ScrollingTreeScrollingNodeDelegateIOS`,
since the ObjC delegate may outlive its C++ counterpart if anything (in system
frameworks like
UIKit, or in WebKit itself) retains or autoreleases the ObjC delegate.
To fix this, we turn the raw `ScrollingTreeScrollingNodeDelegateIOS*` into a
`WeakPtr`, and then
bail upon detecting a null `ScrollingTreeScrollingNodeDelegateIOS` delegate in
various scroll view
delegate method implementations in `WKScrollingNodeScrollViewDelegate`.
*
Source/WebKit/UIProcess/RemoteLayerTree/ios/ScrollingTreeScrollingNodeDelegateIOS.h:
*
Source/WebKit/UIProcess/RemoteLayerTree/ios/ScrollingTreeScrollingNodeDelegateIOS.mm:
(-[WKScrollingNodeScrollViewDelegate initWithScrollingTreeNodeDelegate:]):
Also, make this initializer take a reference instead of a pointer, to make it
clear that this can
only be initialized with a non-null `ScrollingTreeScrollingNodeDelegateIOS`.
(-[WKScrollingNodeScrollViewDelegate scrollViewDidScroll:]):
(-[WKScrollingNodeScrollViewDelegate scrollViewWillBeginDragging:]):
(-[WKScrollingNodeScrollViewDelegate
scrollViewWillEndDragging:withVelocity:targetContentOffset:]):
(-[WKScrollingNodeScrollViewDelegate scrollViewDidEndDragging:willDecelerate:]):
(-[WKScrollingNodeScrollViewDelegate scrollViewDidEndDecelerating:]):
(-[WKScrollingNodeScrollViewDelegate scrollViewDidEndScrollingAnimation:]):
(-[WKScrollingNodeScrollViewDelegate cancelPointersForGestureRecognizer:]):
(-[WKScrollingNodeScrollViewDelegate
axesToPreventScrollingForPanGestureInScrollView:]):
(-[WKScrollingNodeScrollViewDelegate parentScrollViewForScrollView:]):
(-[WKScrollingNodeScrollViewDelegate
scrollView:handleScrollUpdate:completion:]):
(WebKit::ScrollingTreeScrollingNodeDelegateIOS::commitStateAfterChildren):
Canonical link: https://commits.webkit.org/273946@main
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
