[webkit-changes] [WebKit/WebKit] 2ad2ad: REGRESSION (iOS 17): Chrome crashes in VideoFullsc...

Jer Noble noreply at github.com
Wed Oct 18 08:55:32 PDT 2023


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 2ad2ad37c92c8c8579f70bde09444fd71f40bf6c
      https://github.com/WebKit/WebKit/commit/2ad2ad37c92c8c8579f70bde09444fd71f40bf6c
  Author: Jer Noble <jer.noble at apple.com>
  Date:   2023-10-18 (Wed, 18 Oct 2023)

  Changed paths:
    M Source/WebKit/UIProcess/Cocoa/VideoPresentationManagerProxy.mm

  Log Message:
  -----------
  REGRESSION (iOS 17): Chrome crashes in VideoFullscreenModelContext::requestRouteSharingPolicyAndContextUID
https://bugs.webkit.org/show_bug.cgi?id=261676
rdar://80955844

Reviewed by Andy Estes.

Because VideoPresentationManagerProxy (nee VideoFullscreenManagerProxy) is refcounted, its lifetime
can differ significantly from the WebPageProxy that owns it. When the WebPageProxy invalidates and
releases the VideoPresentationManagerProxy, it may still have active operations which expect to call
into WebPageProxy, but the m_page pointer has already been reset to null.

Add null-checks ahead of all references to m_page and bail out early.

* Source/WebKit/UIProcess/Cocoa/VideoPresentationManagerProxy.mm:
(WebKit::VideoPresentationModelContext::presentingViewController):
(WebKit::VideoPresentationManagerProxy::~VideoPresentationManagerProxy):
(WebKit::VideoPresentationManagerProxy::invalidate):
(WebKit::VideoPresentationManagerProxy::requestRouteSharingPolicyAndContextUID):
(WebKit::VideoPresentationManagerProxy::requestBitmapImageForCurrentTime):
(WebKit::VideoPresentationManagerProxy::hasVideoInPictureInPictureDidChange):
(WebKit::VideoPresentationManagerProxy::setupFullscreenWithID):
(WebKit::VideoPresentationManagerProxy::exitFullscreen):
(WebKit::VideoPresentationManagerProxy::preparedToReturnToInline):
(WebKit::VideoPresentationManagerProxy::requestFullscreenMode):
(WebKit::VideoPresentationManagerProxy::requestUpdateInlineRect):
(WebKit::VideoPresentationManagerProxy::requestVideoContentLayer):
(WebKit::VideoPresentationManagerProxy::returnVideoContentLayer):
(WebKit::VideoPresentationManagerProxy::didSetupFullscreen):
(WebKit::VideoPresentationManagerProxy::willExitFullscreen):
(WebKit::VideoPresentationManagerProxy::didExitFullscreen):
(WebKit::VideoPresentationManagerProxy::didEnterFullscreen):
(WebKit::VideoPresentationManagerProxy::failedToEnterFullscreen):
(WebKit::VideoPresentationManagerProxy::didCleanupFullscreen):
(WebKit::VideoPresentationManagerProxy::setVideoLayerFrame):
(WebKit::VideoPresentationManagerProxy::setVideoLayerGravity):
(WebKit::VideoPresentationManagerProxy::fullscreenModeChanged):
(WebKit::VideoPresentationManagerProxy::fullscreenMayReturnToInline):

Canonical link: https://commits.webkit.org/269467@main
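
The lifetime pattern described in the log message, as an added example (not code from the WebKit commit): a refcounted proxy outlives its owner, and a pending callback calls in after invalidation. Page, ManagerProxy, deferRequest and runScenario are hypothetical names, and std::shared_ptr stands in for WebKit's own refcounting.

```cpp
#include <cstddef>
#include <functional>
#include <iostream>
#include <memory>
#include <string>
#include <vector>

// Hypothetical stand-in for the owning WebPageProxy.
struct Page {
    std::vector<std::string> sent;
    void send(const std::string& message) { sent.push_back(message); }
};

// Hypothetical stand-in for the refcounted manager proxy.
class ManagerProxy : public std::enable_shared_from_this<ManagerProxy> {
public:
    explicit ManagerProxy(Page& page) : m_page(&page) {}
    // The owner calls this on teardown; pending callbacks may keep the proxy alive.
    void invalidate() { m_page = nullptr; }
    // Returns false when the request is dropped because the page is gone.
    bool requestFullscreenMode(int mode) {
        if (!m_page) // null-check ahead of the m_page reference; bail out early
            return false;
        m_page->send("fullscreen:" + std::to_string(mode));
        return true;
    }
    // Models an in-flight operation: the callback holds a reference to the proxy.
    std::function<bool()> deferRequest(int mode) {
        auto protectedThis = shared_from_this();
        return [protectedThis, mode] { return protectedThis->requestFullscreenMode(mode); };
    }
private:
    Page* m_page; // non-owning back-pointer, reset by invalidate()
};

struct Outcome { bool beforeInvalidate; bool afterInvalidate; std::size_t delivered; };

Outcome runScenario() {
    Page page;
    auto proxy = std::make_shared<ManagerProxy>(page);
    auto early = proxy->deferRequest(1);
    auto late = proxy->deferRequest(2);
    bool before = early();   // page alive: message delivered
    proxy->invalidate();     // owner tears down...
    proxy.reset();           // ...and releases its reference
    bool after = late();     // proxy still alive via the callback; m_page is null
    return { before, after, page.sent.size() };
}
int main() { Outcome o = runScenario(); std::cout << o.beforeInvalidate << o.afterInvalidate << o.delivered << "\n"; }
```

Without the guard in requestFullscreenMode, the second callback would dereference the null m_page, which is the crash class the log message describes.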



