Bug 1517275 - Add a null check before trying to use a controller. r=botond
author Kartikaya Gupta <kgupta@mozilla.com>
Thu, 03 Jan 2019 02:54:35 +0000
changeset 509472 e38c1fa062ad9912027c5c9e4f4eeb8ac6c64da3
parent 509471 6a89226d8c15f0b8b9dbcb23f76f371fdefc289b
child 509473 c0f59d4934603397b4c466b3e04b3a724a5917f3
push id 10547
push user ffxbld-merge
push date Mon, 21 Jan 2019 13:03:58 +0000
treeherder mozilla-beta@24ec1916bffe
reviewers botond
bugs 1517275
milestone 66.0a1
In test code (which is where this codepath is mostly exercised), the controller should never be null here. However this codepath is sadly also used in production code on Android, and there we might experience a page navigation or a similarly destructive action while the flush is inflight. That can result in a null pointer dereference.

Differential Revision: https://phabricator.services.mozilla.com/D15597
gfx/layers/apz/src/APZCTreeManager.cpp
--- a/gfx/layers/apz/src/APZCTreeManager.cpp
+++ b/gfx/layers/apz/src/APZCTreeManager.cpp
@@ -1125,20 +1125,27 @@ static bool WillHandleInput(const PanGes
 
 /*static*/ void APZCTreeManager::FlushApzRepaints(LayersId aLayersId) {
   // Previously, paints were throttled and therefore this method was used to
   // ensure any pending paints were flushed. Now, paints are flushed
   // immediately, so it is safe to simply send a notification now.
   APZCTM_LOG("Flushing repaints for layers id 0x%" PRIx64 "\n",
              uint64_t(aLayersId));
   RefPtr<GeckoContentController> controller = GetContentController(aLayersId);
+#ifndef MOZ_WIDGET_ANDROID
+  // On Android, this code is run in production and may actually get a nullptr
+  // controller here. On other platforms this code is test-only and should never
+  // get a nullptr.
   MOZ_ASSERT(controller);
-  controller->DispatchToRepaintThread(NewRunnableMethod(
-      "layers::GeckoContentController::NotifyFlushComplete", controller,
-      &GeckoContentController::NotifyFlushComplete));
+#endif
+  if (controller) {
+    controller->DispatchToRepaintThread(NewRunnableMethod(
+        "layers::GeckoContentController::NotifyFlushComplete", controller,
+        &GeckoContentController::NotifyFlushComplete));
+  }
 }
 
 nsEventStatus APZCTreeManager::ReceiveInputEvent(
     InputData& aEvent, ScrollableLayerGuid* aOutTargetGuid,
     uint64_t* aOutInputBlockId) {
   APZThreadUtils::AssertOnControllerThread();
 
   // Ignore input events when there are active tabs that are recording or
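Review bot: The new `if (controller)` in FlushApzRepaints has no else branch, so on Android a null controller makes the function return without dispatching NotifyFlushComplete and without any trace beyond the "Flushing repaints" log line that was already printed above. If anything waits on that notification, nothing here tells it the flush was abandoned. Consider adding an APZCTM_LOG in an else branch that records the skipped dispatch for the layers id, and stating in the comment that dropping the notification is the intended behaviour when the controller has gone away. The explanatory comment also sits inside the `#ifndef MOZ_WIDGET_ANDROID` block next to MOZ_ASSERT, while the code it explains is the `if (controller)` guard below; moving the Android half of the comment down to the guard would keep the reason next to the null check it justifies.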