Title: [199482] releases/WebKitGTK/webkit-2.12/Source/WebKit2
Revision
199482
Author
[email protected]
Date
2016-04-13 07:52:46 -0700 (Wed, 13 Apr 2016)

Log Message

Merge r199027 - Tapping on tabs in webpages caused WK crash at WebKit: WebKit::WebFrame::didReceivePolicyDecision
https://bugs.webkit.org/show_bug.cgi?id=156119
<rdar://problem/20732167>

Reviewed by Andy Estes.

Protect the m_frame so that it is present for completion handlers.

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForResponse):
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):

Modified Paths

Diff

Modified: releases/WebKitGTK/webkit-2.12/Source/WebKit2/ChangeLog (199481 => 199482)


--- releases/WebKitGTK/webkit-2.12/Source/WebKit2/ChangeLog	2016-04-13 14:51:36 UTC (rev 199481)
+++ releases/WebKitGTK/webkit-2.12/Source/WebKit2/ChangeLog	2016-04-13 14:52:46 UTC (rev 199482)
@@ -1,3 +1,17 @@
+2016-04-04  Jiewen Tan  <[email protected]>
+
+        Tapping on tabs in webpages caused WK crash at WebKit: WebKit::WebFrame::didReceivePolicyDecision
+        https://bugs.webkit.org/show_bug.cgi?id=156119
+        <rdar://problem/20732167>
+
+        Reviewed by Andy Estes.
+
+        Protect the m_frame so that it is present for completion handlers.
+
+        * WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
+        (WebKit::WebFrameLoaderClient::dispatchDecidePolicyForResponse):
+        (WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):
+
 2016-04-04  Emanuele Aina  <[email protected]>
 
         Fix WEB_PROCESS_CMD_PREFIX and NETWORK_PROCESS_CMD_PREFIX after r196500

Modified: releases/WebKitGTK/webkit-2.12/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp (199481 => 199482)


--- releases/WebKitGTK/webkit-2.12/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp	2016-04-13 14:51:36 UTC (rev 199481)
+++ releases/WebKitGTK/webkit-2.12/Source/WebKit2/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp	2016-04-13 14:52:46 UTC (rev 199482)
@@ -706,7 +706,8 @@
     uint64_t policyAction;
     DownloadID downloadID;
 
-    WebCore::Frame* coreFrame = m_frame ? m_frame->coreFrame() : nullptr;
+    Ref<WebFrame> protect(*m_frame);
+    WebCore::Frame* coreFrame = m_frame->coreFrame();
     if (!webPage->sendSync(Messages::WebPageProxy::DecidePolicyForResponseSync(m_frame->frameID(), SecurityOriginData::fromFrame(coreFrame), response, request, canShowMIMEType, listenerID, UserData(WebProcess::singleton().transformObjectsToHandles(userData.get()).get())), Messages::WebPageProxy::DecidePolicyForResponseSync::Reply(receivedPolicyAction, policyAction, downloadID), std::chrono::milliseconds::max(), IPC::InformPlatformProcessWillSuspend)) {
         m_frame->didReceivePolicyDecision(listenerID, PolicyIgnore, 0, { });
         return;
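Review bot: The failure path after `sendSync` still calls `m_frame->didReceivePolicyDecision(...)` through the member rather than through the new `protect` reference, so the fix only holds if this WebFrameLoaderClient itself outlives the synchronous call. Whether the client can be destroyed while the sync IPC is pending is not visible from this hunk; if it can, reading `m_frame` afterwards is a read through a dangling `this`. Calling `protect->didReceivePolicyDecision(listenerID, PolicyIgnore, 0, { });` removes that dependency, and the same applies to the failure path in the second hunk of this file. Separately, the removed line tolerated a null `m_frame`, while `Ref<WebFrame> protect(*m_frame);` dereferences it unconditionally; an `ASSERT(m_frame);` ahead of it would state the invariant. The function starts and ends outside the hunk, so an earlier check may already exist.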
@@ -818,6 +819,7 @@
         documentLoader = static_cast<WebDocumentLoader*>(coreFrame->loader().documentLoader());
 
     // Notify the UIProcess.
+    Ref<WebFrame> protect(*m_frame);
     WebCore::Frame* originatingCoreFrame = originatingFrame ? originatingFrame->coreFrame() : nullptr;
     if (!webPage->sendSync(Messages::WebPageProxy::DecidePolicyForNavigationAction(m_frame->frameID(), SecurityOriginData::fromFrame(coreFrame), documentLoader->navigationID(), navigationActionData, originatingFrame ? originatingFrame->frameID() : 0, SecurityOriginData::fromFrame(originatingCoreFrame), navigationAction.resourceRequest(), request, listenerID, UserData(WebProcess::singleton().transformObjectsToHandles(userData.get()).get())), Messages::WebPageProxy::DecidePolicyForNavigationAction::Reply(receivedPolicyAction, newNavigationID, policyAction, downloadID))) {
         m_frame->didReceivePolicyDecision(listenerID, PolicyIgnore, 0, { });
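Review bot: The added `Ref<WebFrame> protect(*m_frame);` has no comment saying what it guards against, and it now sits between `// Notify the UIProcess.` and the call that comment describes. A later cleanup could remove it as an unused local and reintroduce the crash named in the log message. I would move it above the existing comment and add something like `// Keep the WebFrame alive across sendSync(); it must still exist when didReceivePolicyDecision() runs below.` That wording is inferred from the log message ("present for completion handlers"), so it should be checked against the actual release path. The enclosing function extends beyond the hunk on both sides.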