[webkit-changes] [131561] trunk/Source/WebCore

Wed, 17 Oct 2012 01:03:50 -0700

Title: [131561] trunk/Source/WebCore
Revision
131561
Author
morr...@google.com
Date
2012-10-17 01:00:16 -0700 (Wed, 17 Oct 2012)

Log Message

Crash on Frame::inScope() part 2
https://bugs.webkit.org/show_bug.cgi?id=99543

Reviewed by Kent Tamura.

FrameTree::scopedChildCount() can be called even when the one of child frames
is in orphan state. This change added a guard for that case.

No new tests. A hard-to-test timing issue.

* page/Frame.cpp:
(WebCore::Frame::inScope):

Modified Paths

Diff

Modified: trunk/Source/WebCore/ChangeLog (131560 => 131561)


--- trunk/Source/WebCore/ChangeLog	2012-10-17 07:54:23 UTC (rev 131560)
+++ trunk/Source/WebCore/ChangeLog	2012-10-17 08:00:16 UTC (rev 131561)
@@ -1,3 +1,18 @@
+2012-10-17  MORITA Hajime  <morr...@google.com>
+
+        Crash on Frame::inScope() part 2
+        https://bugs.webkit.org/show_bug.cgi?id=99543
+
+        Reviewed by Kent Tamura.
+
+        FrameTree::scopedChildCount() can be called even when the one of child frames
+        is in orphan state. This change added a guard for that case.
+
+        No new tests. A hard-to-test timing issue.
+
+        * page/Frame.cpp:
+        (WebCore::Frame::inScope):
+
 2012-10-17  Shinya Kawanaka  <shin...@chromium.org>
 
         Remove shadowAncestorNode() from VisibleSelection

Modified: trunk/Source/WebCore/page/Frame.cpp (131560 => 131561)


--- trunk/Source/WebCore/page/Frame.cpp	2012-10-17 07:54:23 UTC (rev 131560)
+++ trunk/Source/WebCore/page/Frame.cpp	2012-10-17 08:00:16 UTC (rev 131561)
@@ -236,9 +236,12 @@
 bool Frame::inScope(TreeScope* scope) const
 {
     ASSERT(scope);
-    HTMLFrameOwnerElement* owner = document()->ownerElement();
-    // Scoping test should be done only for child frames.
-    ASSERT(owner);
+    Document* doc = document();
+    if (!doc)
+        return false;
+    HTMLFrameOwnerElement* owner = doc->ownerElement();
+    if (!owner)
+        return false;
     return owner->treeScope() == scope;
 }
 

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
http://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to