Title: [129177] branches/chromium/1229/Source/WebKit/chromium/src/WebFrameImpl.cpp
- Revision: 129177
- Author: [email protected]
- Date: 2012-09-20 16:31:41 -0700 (Thu, 20 Sep 2012)
Log Message
Merge 128972 - [Chromium] Fix crash in WebFrameImpl::loadHistoryItem
https://bugs.webkit.org/show_bug.cgi?id=96352
Reviewed by Adam Barth.
We have some crash reports with the following stack:
- HistoryItem::shouldDoSameDocumentNavigationTo.
- WebFrameImpl::loadHistoryItem
...
We don't have reproducible steps, and are not sure what the root
cause is. Anyway, we should check nullness of currentItem because
HistoryController::m_currentItem can be 0.
* src/WebFrameImpl.cpp:
(WebKit::WebFrameImpl::loadHistoryItem):
Check nullness of currentItem.
[email protected]
Review URL: https://codereview.chromium.org/10960021
Diff
Modified: branches/chromium/1229/Source/WebKit/chromium/src/WebFrameImpl.cpp (129176 => 129177)
--- branches/chromium/1229/Source/WebKit/chromium/src/WebFrameImpl.cpp 2012-09-20 23:19:43 UTC (rev 129176)
+++ branches/chromium/1229/Source/WebKit/chromium/src/WebFrameImpl.cpp 2012-09-20 23:31:41 UTC (rev 129177)
@@ -1016,7 +1016,7 @@
m_frame->loader()->prepareForHistoryNavigation();
RefPtr<HistoryItem> currentItem = m_frame->loader()->history()->currentItem();
- m_inSameDocumentHistoryLoad = currentItem->shouldDoSameDocumentNavigationTo(historyItem.get());
+ m_inSameDocumentHistoryLoad = currentItem && currentItem->shouldDoSameDocumentNavigationTo(historyItem.get());
m_frame->page()->goToItem(historyItem.get(),
FrameLoadTypeIndexedBackForward);
m_inSameDocumentHistoryLoad = false;
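Review bot: The guard on the `+` line stops the null dereference but the code keeps no record of why currentItem can be null at this point; a one-line comment above the assignment saying that HistoryController::m_currentItem can be 0 (the log message states this) would keep a later cleanup from dropping the check. With currentItem null, m_inSameDocumentHistoryLoad stays false and goToItem is still called with FrameLoadTypeIndexedBackForward, so the navigation is treated as a cross-document load; since the log message says the root cause is unknown and the diff touches only WebFrameImpl.cpp, a test that calls loadHistoryItem on a frame with no current history item would confirm that this fallback is the intended behaviour and not just a crash being masked.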