Title: [239514] trunk/Source/WebKit
Revision: 239514
Author: krol...@apple.com
Date: 2018-12-21 12:25:23 -0800 (Fri, 21 Dec 2018)

Log Message

Crash in com.apple.WebKit: WebKit::WebResourceLoader::willSendRequest + 223
https://bugs.webkit.org/show_bug.cgi?id=192989

Reviewed by Chris Dumez.

willSendRequest is calling maybeLoadFallbackForRedirect, which can
delete “this”. After that, some new logging code tries to access
“this” and causes the crash. Fix this by adjusting the scope of a
"protectedThis".

* WebProcess/Network/WebResourceLoader.cpp:
(WebKit::WebResourceLoader::willSendRequest):

Modified Paths

Diff

Modified: trunk/Source/WebKit/ChangeLog (239513 => 239514)


--- trunk/Source/WebKit/ChangeLog	2018-12-21 20:00:41 UTC (rev 239513)
+++ trunk/Source/WebKit/ChangeLog	2018-12-21 20:25:23 UTC (rev 239514)
@@ -1,3 +1,18 @@
+2018-12-21  Keith Rollin  <krol...@apple.com>
+
+        Crash in com.apple.WebKit: WebKit::WebResourceLoader::willSendRequest + 223
+        https://bugs.webkit.org/show_bug.cgi?id=192989
+
+        Reviewed by Chris Dumez.
+
+        willSendRequest is calling maybeLoadFallbackForRedirect, which can
+        delete “this”. After that, some new logging code tries to access
+        “this” and causes the crash. Fix this by adjusting the scope of a
+        "protectedThis".
+
+        * WebProcess/Network/WebResourceLoader.cpp:
+        (WebKit::WebResourceLoader::willSendRequest):
+
 2018-12-21  Alejandro G. Castro  <a...@igalia.com>
 
         [GTK][WPE] Add DeviceIdHashSaltStorage disk persistence
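
Review bot: The new ChangeLog entry lists only WebProcess/Network/WebResourceLoader.cpp and mentions neither a regression test nor a reason one is impractical. It also refers to "some new logging code" without saying which statement; naming the log call that touches this after maybeLoadFallbackForRedirect would make the entry useful to anyone auditing for the same lifetime pattern elsewhere.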

Modified: trunk/Source/WebKit/WebProcess/Network/WebResourceLoader.cpp (239513 => 239514)


--- trunk/Source/WebKit/WebProcess/Network/WebResourceLoader.cpp	2018-12-21 20:00:41 UTC (rev 239513)
+++ trunk/Source/WebKit/WebProcess/Network/WebResourceLoader.cpp	2018-12-21 20:25:23 UTC (rev 239514)
@@ -85,6 +85,8 @@
 
 void WebResourceLoader::willSendRequest(ResourceRequest&& proposedRequest, ResourceResponse&& redirectResponse)
 {
+    Ref<WebResourceLoader> protectedThis(*this);
+
     LOG(Network, "(WebProcess) WebResourceLoader::willSendRequest to '%s'", proposedRequest.url().string().latin1().data());
     RELEASE_LOG_IF_ALLOWED("willSendRequest: (pageID = %" PRIu64 ", frameID = %" PRIu64 ", resourceID = %" PRIu64 ")", m_trackingParameters.pageID, m_trackingParameters.frameID, m_trackingParameters.resourceID);
 
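
Review bot: The Ref<WebResourceLoader> protectedThis(*this) added at the top of willSendRequest carries no comment saying why the reference has to be taken at function scope. Per the log message, the reason is that maybeLoadFallbackForRedirect can delete this before the later logging runs; a one-line comment to that effect above the declaration would keep a later cleanup from folding it back into the lambda capture.
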
@@ -93,7 +95,7 @@
         return;
     }
 
-    m_coreLoader->willSendRequest(WTFMove(proposedRequest), redirectResponse, [this, protectedThis = makeRef(*this)](ResourceRequest&& request) {
+    m_coreLoader->willSendRequest(WTFMove(proposedRequest), redirectResponse, [this, protectedThis = WTFMove(protectedThis)](ResourceRequest&& request) {
         if (!m_coreLoader || !m_coreLoader->identifier()) {
             RELEASE_LOG_IF_ALLOWED("willSendRequest: exiting early because no coreloader or identifier (pageID = %" PRIu64 ", frameID = %" PRIu64 ", resourceID = %" PRIu64 ")", m_trackingParameters.pageID, m_trackingParameters.frameID, m_trackingParameters.resourceID);
             return;
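
Review bot: In the changed capture, protectedThis = WTFMove(protectedThis) empties the function-scope reference, so from this call onward only the completion handler keeps the loader alive. The rest of the function is not shown in this hunk; if anything after m_coreLoader->willSendRequest(...) returns touches members, the capture should take its own reference, as the removed line did with protectedThis = makeRef(*this), leaving the outer protectedThis intact until the function exits.
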