Modified: trunk/Source/WebKit2/ChangeLog (184738 => 184739)
--- trunk/Source/WebKit2/ChangeLog 2015-05-22 00:29:48 UTC (rev 184738)
+++ trunk/Source/WebKit2/ChangeLog 2015-05-22 00:31:07 UTC (rev 184739)
@@ -1,3 +1,20 @@
+2015-05-21 Enrica Casucci <enr...@apple.com>
+
+ [iOS] Crash when taking a snapshot of a large PDF.
+ https://bugs.webkit.org/show_bug.cgi?id=145286
+ rdar://problem/20892362
+
+ Reviewed by Tim Horton.
+
+ The code for the PDF case was incorrectly computing the snapshot rect.
+ On top of that drawViewHierarchyInRect was ignoring the rect and
+ always creating an image using the view bounds causing the crash.
+ We are now always using the IOSurface if we are parented or
+ an image context when we are not.
+
+ * UIProcess/API/Cocoa/WKWebView.mm:
+ (-[WKWebView _snapshotRect:intoImageOfWidth:completionHandler:]):
+
2015-05-21 Anders Carlsson <ander...@apple.com>
Symlink the WebKit dylib instead of just the framework directory
Modified: trunk/Source/WebKit2/UIProcess/API/Cocoa/WKWebView.mm (184738 => 184739)
--- trunk/Source/WebKit2/UIProcess/API/Cocoa/WKWebView.mm 2015-05-22 00:29:48 UTC (rev 184738)
+++ trunk/Source/WebKit2/UIProcess/API/Cocoa/WKWebView.mm 2015-05-22 00:31:07 UTC (rev 184739)
@@ -2718,6 +2718,20 @@
CGFloat imageHeight = imageScale * snapshotRectInContentCoordinates.size.height;
CGSize imageSize = CGSizeMake(imageWidth, imageHeight);
+#if USE(IOSURFACE)
+ // If we are parented and thus won't incur a significant penalty from paging in tiles, snapshot the view hierarchy directly.
+ if (self.window) {
+ auto surface = WebCore::IOSurface::create(WebCore::expandedIntSize(WebCore::FloatSize(imageSize)), WebCore::ColorSpaceDeviceRGB);
+ CGFloat imageScaleInViewCoordinates = imageWidth / rectInViewCoordinates.size.width;
+ CATransform3D transform = CATransform3DMakeScale(imageScaleInViewCoordinates, imageScaleInViewCoordinates, 1);
+ transform = CATransform3DTranslate(transform, -rectInViewCoordinates.origin.x, -rectInViewCoordinates.origin.y, 0);
+ CARenderServerRenderLayerWithTransform(MACH_PORT_NULL, self.layer.context.contextId, reinterpret_cast<uint64_t>(self.layer), surface->surface(), 0, 0, &transform);
+ completionHandler(surface->createImage().get());
+
+ return;
+ }
+#endif
+
if (_customContentView) {
UIGraphicsBeginImageContextWithOptions(imageSize, YES, 1);
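Review bot: The result of `WebCore::IOSurface::create(...)` is dereferenced unchecked in the added `if (self.window)` block, and `imageSize` derives from the requested image width, so a failed allocation for a very large snapshot would presumably crash the UI process at `surface->surface()`. If `create()` can return null here, a guard such as `if (!surface) { completionHandler(nullptr); return; }` would contain the failure; this assumes the handler tolerates a null image, as the `imageHandle.isNull()` path later in the method suggests. The division `imageWidth / rectInViewCoordinates.size.width` also has no zero-width check in the visible lines. The same unchecked-result pattern applies to `UIGraphicsGetCurrentContext()` in the next hunk. The method body starts and ends outside this hunk, so validation may exist earlier that is not visible here.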
@@ -2725,41 +2739,18 @@
[customContentView.backgroundColor set];
UIRectFill(CGRectMake(0, 0, imageWidth, imageHeight));
- CGRect destinationRect = customContentView.bounds;
- destinationRect.origin.x = -snapshotRectInContentCoordinates.origin.x * imageScale;
- destinationRect.origin.y = -snapshotRectInContentCoordinates.origin.y * imageScale;
- destinationRect.size.width *= imageScale;
- destinationRect.size.height *= imageScale;
+ CGContextRef context = UIGraphicsGetCurrentContext();
+ CGContextTranslateCTM(context, -snapshotRectInContentCoordinates.origin.x * imageScale, -snapshotRectInContentCoordinates.origin.y * imageScale);
+ CGContextScaleCTM(context, imageScale, imageScale);
+ [customContentView.layer renderInContext:context];
- if ([_customContentView window])
- [customContentView drawViewHierarchyInRect:destinationRect afterScreenUpdates:NO];
- else {
- CGContextRef context = UIGraphicsGetCurrentContext();
- CGContextTranslateCTM(context, destinationRect.origin.x, destinationRect.origin.y);
- CGContextScaleCTM(context, imageScale, imageScale);
- [customContentView.layer renderInContext:context];
- }
-
completionHandler([UIGraphicsGetImageFromCurrentImageContext() CGImage]);
UIGraphicsEndImageContext();
return;
}
-#if USE(IOSURFACE)
- // If we are parented and thus won't incur a significant penalty from paging in tiles, snapshot the view hierarchy directly.
- if (self.window) {
- auto surface = WebCore::IOSurface::create(WebCore::expandedIntSize(WebCore::FloatSize(imageSize)), WebCore::ColorSpaceDeviceRGB);
- CGFloat imageScaleInViewCoordinates = imageWidth / rectInViewCoordinates.size.width;
- CATransform3D transform = CATransform3DMakeScale(imageScaleInViewCoordinates, imageScaleInViewCoordinates, 1);
- transform = CATransform3DTranslate(transform, -rectInViewCoordinates.origin.x, -rectInViewCoordinates.origin.y, 0);
- CARenderServerRenderLayerWithTransform(MACH_PORT_NULL, self.layer.context.contextId, reinterpret_cast<uint64_t>(self.layer), surface->surface(), 0, 0, &transform);
- completionHandler(surface->createImage().get());
- return;
- }
-#endif
-
void(^copiedCompletionHandler)(CGImageRef) = [completionHandler copy];
_page->takeSnapshot(WebCore::enclosingIntRect(snapshotRectInContentCoordinates), WebCore::expandedIntSize(WebCore::FloatSize(imageSize)), WebKit::SnapshotOptionsExcludeDeviceScaleFactor, [=](const WebKit::ShareableBitmap::Handle& imageHandle, WebKit::CallbackBase::Error) {
if (imageHandle.isNull()) {
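Review bot: The custom-content-view branch has no comment saying when it is now reached. With the IOSurface block moved ahead of it, it runs only when the view is unparented or on builds without `USE(IOSURFACE)`, and it no longer calls `drawViewHierarchyInRect:`. I would add above `CGContextRef context = UIGraphicsGetCurrentContext();` a comment like `// Unparented (or no IOSurface): render the layer ourselves; drawViewHierarchyInRect: ignored the rect and used the view bounds.` A second short comment could note that the translation is expressed in image pixels because it is applied before `CGContextScaleCTM`. The enclosing method extends beyond the hunk on both sides.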