Changeset 196267 in webkit

Timestamp:

Feb 8, 2016 12:53:21 PM (8 years ago)

Author:

andersca@apple.com

Message:

Crash when trying to chain to the old -[NSView setNeedsDisplayInRect:]
​https://bugs.webkit.org/show_bug.cgi?id=154001
rdar://problem/24519975

Reviewed by Dan Bernstein.

If our replaced -[NSView setNeedsDisplayInRect:] is called before the old IMP has been initialized,
we can end up trying to call a null pointer.

Fix this by using method_exchangeImplementations instead of method_setImplementation, since the former is done
atomically.

• WebView/WebHTMLView.mm:

(-[NSView _web_setNeedsDisplayInRect:]):
(+[WebHTMLViewPrivate initialize]):
(setNeedsDisplayInRect): Deleted.

Location:

trunk/Source/WebKit/mac

Files:

• ChangeLog (modified) (1 diff)
• WebView/WebHTMLView.mm (modified) (5 diffs)

trunk/Source/WebKit/mac/ChangeLog

@@ +1 @@
+2016-02-08  Anders Carlsson  <andersca@apple.com>
+
+        Crash when trying to chain to the old -[NSView setNeedsDisplayInRect:]
+        https://bugs.webkit.org/show_bug.cgi?id=154001
+        rdar://problem/24519975
+
+        Reviewed by Dan Bernstein.
+
+        If our replaced -[NSView setNeedsDisplayInRect:] is called before the old IMP has been initialized,
+        we can end up trying to call a null pointer. 
+        
+        Fix this by using method_exchangeImplementations instead of method_setImplementation, since the former is done
+        atomically.
+
+        * WebView/WebHTMLView.mm:
+        (-[NSView _web_setNeedsDisplayInRect:]):
+        (+[WebHTMLViewPrivate initialize]):
+        (setNeedsDisplayInRect): Deleted.
+
 2016-02-07  Dan Bernstein  <mitz@apple.com>
 

trunk/Source/WebKit/mac/WebView/WebHTMLView.mm

@@ -689 +689 @@
 
 #if !PLATFORM(IOS)
-static IMP oldSetNeedsDisplayInRectIMP;
-
-static void setNeedsDisplayInRect(NSView *self, SEL cmd, NSRect invalidRect)
-{
+
+@interface NSView (WebSetNeedsDisplayInRect)
+- (void)_web_setNeedsDisplayInRect:(NSRect)invalidRect;
+@end
+
+@implementation NSView (WebSetNeedsDisplayInRect)
+
+- (void)_web_setNeedsDisplayInRect:(NSRect)invalidRect
+{
+    // Note that we call method_exchangeImplementations below, so any calls
+    // to _web_setNeedsDisplayInRect: will actually call -[NSView setNeedsDisplayInRect:].
+
     if (![NSThread isMainThread] || ![self _drawnByAncestor]) {
-        wtfCallIMP<id>(oldSetNeedsDisplayInRectIMP, self, cmd, invalidRect);
+        [self _web_setNeedsDisplayInRect:invalidRect];
         return;
     }
@@ -704 +712 @@
 
     if (!enclosingWebFrameView) {
-        wtfCallIMP<id>(oldSetNeedsDisplayInRectIMP, self, cmd, invalidRect);
+        [self _web_setNeedsDisplayInRect:invalidRect];
         return;
     }
@@ -711 +719 @@
     FrameView* frameView = coreFrame ? coreFrame->view() : 0;
     if (!frameView || !frameView->isEnclosedInCompositingLayer()) {
-        wtfCallIMP<id>(oldSetNeedsDisplayInRectIMP, self, cmd, invalidRect);
+        [self _web_setNeedsDisplayInRect:invalidRect];
         return;
     }
@@ -722 +730 @@
     frameView->invalidateRect(invalidRectInFrameViewCoordinates);
 }
+
+@end
 
 @interface NSApplication (WebNSApplicationDetails)
@@ -1027 +1037 @@
     }
 
-    if (!oldSetNeedsDisplayInRectIMP) {
-        Method setNeedsDisplayInRectMethod = class_getInstanceMethod([NSView class], @selector(setNeedsDisplayInRect:));
-        ASSERT(setNeedsDisplayInRectMethod);
-        oldSetNeedsDisplayInRectIMP = method_setImplementation(setNeedsDisplayInRectMethod, (IMP)setNeedsDisplayInRect);
-        ASSERT(oldSetNeedsDisplayInRectIMP);
-    }
-
-#endif
-
+    method_exchangeImplementations(class_getInstanceMethod([NSView class], @selector(setNeedsDisplayInRect:)), class_getInstanceMethod([NSView class], @selector(_web_setNeedsDisplayInRect:)));
+#endif
 }