Bug 241435

Summary: RenderImageResource::setCachedImage may produce a null renderer
Product: WebKit Reporter: zalan <zalan>
Component: Layout and RenderingAssignee: zalan <zalan>
Status: RESOLVED FIXED    
Severity: Normal CC: bfulgham, changseok, dylan, esprehn+autocc, ews-watchlist, glenn, kondapallykalyan, pdr, simon.fraser, zalan
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
[fast-cq]Patch none

Description zalan 2022-06-08 13:33:29 PDT 
<rdar://93714107>
Comment 1 zalan 2022-06-08 13:37:42 PDT 
Created attachment 460101 [details]
[fast-cq]Patch
Comment 2 Brent Fulgham 2022-06-08 13:42:09 PDT 
Comment on attachment 460101 [details]
[fast-cq]Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=460101&action=review

> Source/WebCore/rendering/RenderImageResource.cpp:67
> +        // removeClient may have destroyed the renderer.

Don't we still want to set the m_cachedimage value below (even though the existing renderer was possible destroyed)?
Comment 3 Brent Fulgham 2022-06-08 13:51:09 PDT 
Comment on attachment 460101 [details]
[fast-cq]Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=460101&action=review

>> Source/WebCore/rendering/RenderImageResource.cpp:67
>> +        // removeClient may have destroyed the renderer.
> 
> Don't we still want to set the m_cachedimage value below (even though the existing renderer was possible destroyed)?

I spoke to Alan offline. If 'm_renderer' is nullptr, we expect 'this' to be nullptr as well, so we should early return.
Comment 4 EWS 2022-06-08 14:02:24 PDT 
Committed r295393 (251399@main): <https://commits.webkit.org/251399@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 460101 [details].
Comment 5 Antoine Quint 2022-06-14 08:15:07 PDT 
*** Bug 241512 has been marked as a duplicate of this bug. ***
Comment 6 Simon Fraser (smfr) 2022-06-14 08:49:18 PDT 
Bug 241512 has a user-visible symptom, suggesting that we could create a layout test for this patch.
Comment 7 zalan 2022-06-14 09:33:25 PDT 
(In reply to Simon Fraser (smfr) from comment #6)
> Bug 241512 has a user-visible symptom, suggesting that we could create a
> layout test for this patch.
That would be awesome given the speculative nature of this fix.
Comment 8 zalan 2022-06-14 09:41:29 PDT 
Yeah I can repro it (and it's <rdar://94689000>)