Title: [128972] trunk/Source/WebKit/chromium
- Revision: 128972
- Author: [email protected]
- Date: 2012-09-19 00:20:40 -0700 (Wed, 19 Sep 2012)
Log Message
[Chromium] Fix crash in WebFrameImpl::loadHistoryItem
https://bugs.webkit.org/show_bug.cgi?id=96352
Reviewed by Adam Barth.
We have some crash reports with the following stack:
- HistoryItem::shouldDoSameDocumentNavigationTo.
- WebFrameImpl::loadHistoryItem
...
We don't have reproducible steps, and not sure what's the root
cause. Anyway we should check nullness of currentItem because
HistoryController::m_currentItem can be 0.
* src/WebFrameImpl.cpp:
(WebKit::WebFrameImpl::loadHistoryItem):
Check nullness of currentItem.
Modified Paths
Diff
Modified: trunk/Source/WebKit/chromium/ChangeLog (128971 => 128972)
--- trunk/Source/WebKit/chromium/ChangeLog 2012-09-19 07:00:15 UTC (rev 128971)
+++ trunk/Source/WebKit/chromium/ChangeLog 2012-09-19 07:20:40 UTC (rev 128972)
@@ -1,3 +1,23 @@
+2012-09-19 Kent Tamura <[email protected]>
+
+ [Chromium] Fix crash in WebFrameImpl::loadHistoryItem
+ https://bugs.webkit.org/show_bug.cgi?id=96352
+
+ Reviewed by Adam Barth.
+
+ We have some crash reports with the following stack:
+ - HistoryItem::shouldDoSameDocumentNavigationTo.
+ - WebFrameImpl::loadHistoryItem
+ ...
+
+ We don't have reproducible steps, and not sure what's the root
+ cause. Anyway we should check nullness of currentItem because
+ HistoryController::m_currentItem can be 0.
+
+ * src/WebFrameImpl.cpp:
+ (WebKit::WebFrameImpl::loadHistoryItem):
+ Check nullness of currentItem.
+
2012-09-18 Sailesh Agrawal <[email protected]>
Chromium: Scrollbar with tickmarks doesn't respond to clicks
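Review bot: The new ChangeLog entry says there are no reproducible steps and the root cause is unknown, but it lists only src/WebFrameImpl.cpp and does not mention test coverage. Suggest adding a line stating that no new test is included because the crash cannot be reproduced, and noting that the reason HistoryController::m_currentItem is 0 at this point still needs a follow-up, so the null check is not read later as the root-cause fix.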
Modified: trunk/Source/WebKit/chromium/src/WebFrameImpl.cpp (128971 => 128972)
--- trunk/Source/WebKit/chromium/src/WebFrameImpl.cpp 2012-09-19 07:00:15 UTC (rev 128971)
+++ trunk/Source/WebKit/chromium/src/WebFrameImpl.cpp 2012-09-19 07:20:40 UTC (rev 128972)
@@ -1029,7 +1029,7 @@
m_frame->loader()->prepareForHistoryNavigation();
RefPtr<HistoryItem> currentItem = m_frame->loader()->history()->currentItem();
- m_inSameDocumentHistoryLoad = currentItem->shouldDoSameDocumentNavigationTo(historyItem.get());
+ m_inSameDocumentHistoryLoad = currentItem && currentItem->shouldDoSameDocumentNavigationTo(historyItem.get());
m_frame->page()->goToItem(historyItem.get(),
FrameLoadTypeIndexedBackForward);
m_inSameDocumentHistoryLoad = false;
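Review bot: At the changed assignment to m_inSameDocumentHistoryLoad, a null currentItem now silently evaluates to false and execution continues into m_frame->page()->goToItem(...) as a non-same-document load, with nothing in the code recording why currentItem can be null right after prepareForHistoryNavigation(). Suggest a short comment above the assignment saying that history()->currentItem() may return 0 here and that falling through to goToItem in that case is intended. Since the log message says the root cause is unknown, it is also worth confirming that goToItem itself tolerates a history controller with no current item, otherwise the crash may just move one call further down.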