[webkit-changes] [WebKit/WebKit] fe72ea: [iOS] Occasional crash under -_updatePanGestureToP...
Wenson Hsieh
noreply at github.com
Wed Jan 24 13:30:00 PST 2024
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: fe72eacc753b1a8dbbbb16a71bdb61883bd58cd8
https://github.com/WebKit/WebKit/commit/fe72eacc753b1a8dbbbb16a71bdb61883bd58cd8
Author: Wenson Hsieh <wenson_hsieh at apple.com>
Date: 2024-01-24 (Wed, 24 Jan 2024)
Changed paths:
M Source/WebKit/UIProcess/ios/WKBaseScrollView.mm
Log Message:
-----------
[iOS] Occasional crash under -_updatePanGestureToPreventScrolling when resetting state after process termination
https://bugs.webkit.org/show_bug.cgi?id=268011
rdar://121329521
Reviewed by Simon Fraser.
This is a speculative fix for crashes in `-[WKBaseScrollView _updatePanGestureToPreventScrolling]`
while resetting UI-side state under `WebPageProxy::resetStateAfterProcessTermination`. From the
crashing stack, this appears to be triggered because:
1. The overflow scroller is being removed from the view hierarchy.
2. UIKit invokes gesture actions one final time, which (after the changes in 271171 at main) calls out
to the `ScrollingTreeScrollingNodeDelegateIOS` to ask for active touch actions for the pan
gesture.
3. The scrolling tree node is already invalid at this point, the `RemoteScrollingTree` downcast
fails and we crash.
Try to mitigate this by not calling into delegate for locked scrolling axes in the case where we're
either not in the view hierarchy, or we're in the middle of being removed from the view hierarchy.
* Source/WebKit/UIProcess/ios/WKBaseScrollView.mm:
(-[WKBaseScrollView removeFromSuperview]):
(-[WKBaseScrollView _axesToPreventScrollingFromDelegate]):
Canonical link: https://commits.webkit.org/273443@main
More information about the webkit-changes
mailing list