+2019-01-30 Antti Koivisto <antti@apple.com>
+
+ Crash in WebKit::RemoteLayerTreePropertyApplier::updateChildren
+ https://bugs.webkit.org/show_bug.cgi?id=193897
+ <rdar://problem/47427750>
+
+ Reviewed by Simon Fraser.
+
+ There has been some null pointer crashes where we fail to find a remote layer tree node that matches
+ the transaction properties.
+
+ * Shared/RemoteLayerTree/RemoteLayerTreePropertyApplier.mm:
+ (WebKit::RemoteLayerTreePropertyApplier::updateChildren):
+
+ Null check the nodes.
+
2019-01-30 Simon Fraser <simon.fraser@apple.com>
Add some basic geometry information to the scrolling tree
auto hasViewChildren = [&] {
if (node.uiView() && [[node.uiView() subviews] count])
return true;
- return !properties.children.isEmpty() && relatedLayers.get(properties.children.first())->uiView();
+ if (properties.children.isEmpty())
+ return false;
+ auto* childNode = relatedLayers.get(properties.children.first());
+ ASSERT(childNode);
+ return childNode && childNode->uiView();
};
auto contentView = [&] {
RetainPtr<NSMutableArray> subviews = adoptNS([[NSMutableArray alloc] initWithCapacity:properties.children.size()]);
for (auto& child : properties.children) {
auto* childNode = relatedLayers.get(child);
+ ASSERT(childNode);
+ if (!childNode)
+ continue;
ASSERT(childNode->uiView());
[subviews addObject:childNode->uiView()];
}
RetainPtr<NSMutableArray> sublayers = adoptNS([[NSMutableArray alloc] initWithCapacity:properties.children.size()]);
for (auto& child : properties.children) {
auto* childNode = relatedLayers.get(child);
+ ASSERT(childNode);
+ if (!childNode)
+ continue;
#if PLATFORM(IOS_FAMILY)
ASSERT(!childNode->uiView());
#endif
return;
}
- CALayer *maskLayer = relatedLayers.get(properties.maskLayerID)->layer();
+ auto* maskNode = relatedLayers.get(properties.maskLayerID);
+ ASSERT(maskNode);
+ if (!maskNode)
+ return;
+ CALayer *maskLayer = maskNode->layer();
ASSERT(!maskLayer.superlayer);
if (maskLayer.superlayer)
return;
git://git.webkit.org / WebKit-https.git / commitdiff