Title: [195982] trunk/Source/WebKit2
- Revision
- 195982
- Author
- [email protected]
- Date
- 2016-02-01 15:31:30 -0800 (Mon, 01 Feb 2016)
Log Message
Crash using WKPDFView, in -[UIPDFPageView showContent]
https://bugs.webkit.org/show_bug.cgi?id=153770
<rdar://problem/20157864>
Reviewed by Anders Carlsson.
When scrolling, we throw away UIPDFPageViews, but forget to unhook their delegates.
In some cases (also because their delegate is a raw pointer, not weak), they can call
back into a deleted WKPDFView, causing a crash.
* UIProcess/ios/WKPDFView.mm:
(detachViewForPage):
Add a helper to detach a page view, and unhook its delegates.
(-[WKPDFView _clearPages]):
(-[WKPDFView _revalidateViews]):
Make use of the new helper.
Modified Paths
Diff
Modified: trunk/Source/WebKit2/ChangeLog (195981 => 195982)
--- trunk/Source/WebKit2/ChangeLog 2016-02-01 23:19:26 UTC (rev 195981)
+++ trunk/Source/WebKit2/ChangeLog 2016-02-01 23:31:30 UTC (rev 195982)
@@ -1,3 +1,23 @@
+2016-02-01 Tim Horton <[email protected]>
+
+ Crash using WKPDFView, in -[UIPDFPageView showContent]
+ https://bugs.webkit.org/show_bug.cgi?id=153770
+ <rdar://problem/20157864>
+
+ Reviewed by Anders Carlsson.
+
+ When scrolling, we throw away UIPDFPageViews, but forget to unhook their delegates.
+ In some cases (also because their delegate is a raw pointer, not weak), they can call
+ back into a deleted WKPDFView, causing a crash.
+
+ * UIProcess/ios/WKPDFView.mm:
+ (detachViewForPage):
+ Add a helper to detach a page view, and unhook its delegates.
+
+ (-[WKPDFView _clearPages]):
+ (-[WKPDFView _revalidateViews]):
+ Make use of the new helper.
+
2016-02-01 Dan Bernstein <[email protected]>
<rdar://problem/20150072> [iOS] Remove some file upload code only needed before iOS 9
Modified: trunk/Source/WebKit2/UIProcess/ios/WKPDFView.mm (195981 => 195982)
--- trunk/Source/WebKit2/UIProcess/ios/WKPDFView.mm 2016-02-01 23:19:26 UTC (rev 195981)
+++ trunk/Source/WebKit2/UIProcess/ios/WKPDFView.mm 2016-02-01 23:31:30 UTC (rev 195982)
@@ -156,13 +156,18 @@
return [_pdfDocument CGDocument];
}
+static void detachViewForPage(PDFPageInfo& page)
+{
+ [page.view removeFromSuperview];
+ [page.view setDelegate:nil];
+ [[page.view annotationController] setDelegate:nil];
+ page.view = nil;
+}
+
- (void)_clearPages
{
- for (auto& page : _pages) {
- [page.view removeFromSuperview];
- [page.view setDelegate:nil];
- [[page.view annotationController] setDelegate:nil];
- }
+ for (auto& page : _pages)
+ detachViewForPage(page);
_pages.clear();
}
@@ -268,8 +273,7 @@
for (auto& pageInfo : _pages) {
if (!CGRectIntersectsRect(pageInfo.frame, targetRectWithOverdraw) && pageInfo.index != _currentFindPageIndex) {
- [pageInfo.view removeFromSuperview];
- pageInfo.view = nullptr;
+ detachViewForPage(pageInfo);
continue;
}
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
