Title: [211730] trunk/Source/WebCore
Revision: 211730
Author: an...@apple.com
Date: 2017-02-06 09:35:12 -0800 (Mon, 06 Feb 2017)

Log Message

CrashTracer: com.apple.WebKit.WebContent at WebCore: WebCore::Node::invalidateStyle
https://bugs.webkit.org/show_bug.cgi?id=167878
rdar://problem/30251840

Reviewed by Andreas Kling.

Speculative fix.

We are trying to invalidate a null node from ~PostResolutionCallbackDisabler. Looks like the only way
this could happen is if HTMLFrameOwnerElement::scheduleinvalidateStyleAndLayerComposition is called
with null 'this'. There is one place where this might happen.

* rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::attachRootLayer): Add null check.

Modified Paths

Diff

Modified: trunk/Source/WebCore/ChangeLog (211729 => 211730)


--- trunk/Source/WebCore/ChangeLog	2017-02-06 17:28:04 UTC (rev 211729)
+++ trunk/Source/WebCore/ChangeLog	2017-02-06 17:35:12 UTC (rev 211730)
@@ -1,3 +1,20 @@
+2017-02-06  Antti Koivisto  <an...@apple.com>
+
+        CrashTracer: com.apple.WebKit.WebContent at WebCore: WebCore::Node::invalidateStyle
+        https://bugs.webkit.org/show_bug.cgi?id=167878
+        rdar://problem/30251840
+
+        Reviewed by Andreas Kling.
+
+        Speculative fix.
+
+        We are trying to invalidate a null node from ~PostResolutionCallbackDisabler. Looks like the only way
+        this could happen is if HTMLFrameOwnerElement::scheduleinvalidateStyleAndLayerComposition is called
+        with null 'this'. There is one place where this might happen.
+
+        * rendering/RenderLayerCompositor.cpp:
+        (WebCore::RenderLayerCompositor::attachRootLayer): Add null check.
+
 2017-02-06  Ryan Haddad  <ryanhad...@apple.com>
 
         Unreviewed, rolling out r211722.
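
Review bot: The new entry says "There is one place where this might happen" but does not say under what condition ownerElement() returns null while the root layer is attached via the enclosing frame, and it mentions no test. Because the fix is marked speculative, the entry should name the suspected condition and state explicitly that no regression test accompanies the change, so that anyone who still sees this crash signature after r211730 knows which assumption to revisit.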

Modified: trunk/Source/WebCore/rendering/RenderLayerCompositor.cpp (211729 => 211730)


--- trunk/Source/WebCore/rendering/RenderLayerCompositor.cpp	2017-02-06 17:28:04 UTC (rev 211729)
+++ trunk/Source/WebCore/rendering/RenderLayerCompositor.cpp	2017-02-06 17:35:12 UTC (rev 211730)
@@ -3459,7 +3459,8 @@
         case RootLayerAttachedViaEnclosingFrame: {
             // The layer will get hooked up via RenderLayerBacking::updateConfiguration()
             // for the frame's renderer in the parent document.
-            m_renderView.document().ownerElement()->scheduleinvalidateStyleAndLayerComposition();
+            if (auto* ownerElement = m_renderView.document().ownerElement())
+                ownerElement->scheduleinvalidateStyleAndLayerComposition();
             break;
         }
     }
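
Review bot: In the RootLayerAttachedViaEnclosingFrame case, the new `if (auto* ownerElement = ...)` guard stops the null dereference but silently skips scheduleinvalidateStyleAndLayerComposition() when there is no owner element. The comment above it says the layer is hooked up through the frame's renderer in the parent document, so this branch with a null owner looks like inconsistent state rather than an expected path. Please add a short comment on when ownerElement() can be null here, and consider a debug-only assertion or log in the null case so the underlying cause is visible instead of masked. It would also help to confirm that skipping the invalidation leaves the root layer in a sane state (for example, that it is later attached or torn down), since the guard changes behaviour from crash to no-op without addressing why the owner is gone.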