Title: [283942] branches/safari-612.2.9.3-branch/Source/WebKit
- Revision
- 283942
- Author
- [email protected]
- Date
- 2021-10-11 15:40:14 -0700 (Mon, 11 Oct 2021)
Log Message
Cherry-pick r283846. rdar://problem/84117050
Fix crash in NetworkProcess preconnect due to dereferencing deallocated session
https://bugs.webkit.org/show_bug.cgi?id=231456
<rdar://problem/83752148>
Reviewed by Chris Dumez.
We capture a raw NetworkSession reference in the preconnect completion handler. This
reference could point to a deallocated object if the NetworkSession dies before the
preconnect finishes.
* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::preconnectTo):
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@283846 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Modified Paths
Diff
Modified: branches/safari-612.2.9.3-branch/Source/WebKit/ChangeLog (283941 => 283942)
--- branches/safari-612.2.9.3-branch/Source/WebKit/ChangeLog 2021-10-11 22:37:04 UTC (rev 283941)
+++ branches/safari-612.2.9.3-branch/Source/WebKit/ChangeLog 2021-10-11 22:40:14 UTC (rev 283942)
@@ -1,3 +1,38 @@
+2021-10-11 Russell Epstein <[email protected]>
+
+ Cherry-pick r283846. rdar://problem/84117050
+
+ Fix crash in NetworkProcess preconnect due to dereferencing deallocated session
+ https://bugs.webkit.org/show_bug.cgi?id=231456
+ <rdar://problem/83752148>
+
+ Reviewed by Chris Dumez.
+
+ We capture a raw NetworkSession reference in the preconnect completion handler. This
+ reference could point to a deallocated object if the NetworkSession dies before the
+ preconnect finishes.
+
+ * NetworkProcess/NetworkProcess.cpp:
+ (WebKit::NetworkProcess::preconnectTo):
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@283846 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2021-10-08 Ben Nham <[email protected]>
+
+ Fix crash in NetworkProcess preconnect due to dereferencing deallocated session
+ https://bugs.webkit.org/show_bug.cgi?id=231456
+ <rdar://problem/83752148>
+
+ Reviewed by Chris Dumez.
+
+ We capture a raw NetworkSession reference in the preconnect completion handler. This
+ reference could point to a deallocated object if the NetworkSession dies before the
+ preconnect finishes.
+
+ * NetworkProcess/NetworkProcess.cpp:
+ (WebKit::NetworkProcess::preconnectTo):
+
2021-09-30 Alan Coon <[email protected]>
Cherry-pick r283294. rdar://problem/83733561
Modified: branches/safari-612.2.9.3-branch/Source/WebKit/NetworkProcess/NetworkProcess.cpp (283941 => 283942)
--- branches/safari-612.2.9.3-branch/Source/WebKit/NetworkProcess/NetworkProcess.cpp 2021-10-11 22:37:04 UTC (rev 283941)
+++ branches/safari-612.2.9.3-branch/Source/WebKit/NetworkProcess/NetworkProcess.cpp 2021-10-11 22:40:14 UTC (rev 283942)
@@ -1395,8 +1395,9 @@
parameters.shouldPreconnectOnly = PreconnectOnly::Yes;
networkSession->networkLoadScheduler().startedPreconnectForMainResource(url, userAgent);
- auto task = new PreconnectTask(*networkSession, WTFMove(parameters), [networkSession, url, userAgent](const WebCore::ResourceError& error) {
- networkSession->networkLoadScheduler().finishedPreconnectForMainResource(url, userAgent, error);
+ auto task = new PreconnectTask(*networkSession, WTFMove(parameters), [weakNetworkSession = makeWeakPtr(*networkSession), url, userAgent](const WebCore::ResourceError& error) {
+ if (weakNetworkSession)
+ weakNetworkSession->networkLoadScheduler().finishedPreconnectForMainResource(url, userAgent, error);
});
task->setTimeout(10_s);
task->start();
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
