Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: bc12cf35f8cbb32265e306c65e26b7ab3556dbce
https://github.com/WebKit/WebKit/commit/bc12cf35f8cbb32265e306c65e26b7ab3556dbce
Author: Rupin Mittal <[email protected]>
Date: 2026-01-06 (Tue, 06 Jan 2026)
Changed paths:
M Source/WebCore/page/Navigation.cpp
Log Message:
-----------
[Navigation API] StabilityTracer: com.apple.WebKit.WebContent at WebCore: WebCore::Navigation::innerDispatchNavigateEvent
https://bugs.webkit.org/show_bug.cgi?id=305005
rdar://167449903

Reviewed by Chris Dumez.

The crash is on this line:

    m_transition = NavigationTransition::create(navigationType, *fromNavigationHistoryEntry, DeferredPromise::create(domGlobalObject, DeferredPromise::Mode::RetainPromiseOnResolve).releaseNonNull());

It seems that fromNavigationHistoryEntry is null when dereferenced.
It's not clear why there is no currentEntry. For now the best fix we have is
to null check fromNavigationHistoryEntry and abort the event.

* Source/WebCore/page/Navigation.cpp:
(WebCore::Navigation::innerDispatchNavigateEvent):

Canonical link: https://commits.webkit.org/305194@main