WebKit Bugzilla
Attachment 339019 Details for
Bug 185088
: Fix crash in DocumentLoader::startLoadingMainResource
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-185088-20180427135150.patch (text/plain), 2.26 KB, created by
Keith Rollin
on 2018-04-27 13:51:51 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Keith Rollin
Created:
2018-04-27 13:51:51 PDT
Size:
2.26 KB
patch
obsolete
>Subversion Revision: 231108 >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index 7d99846b09e828719ba00103ca32dcaf8aa80cd2..40c1381236c14d6ec3fdb3a45fbd3d85634564bd 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,19 @@ >+2018-04-27 Keith Rollin <krollin@apple.com> >+ >+ Fix crash in DocumentLoader::startLoadingMainResource >+ https://bugs.webkit.org/show_bug.cgi?id=185088 >+ rdar://problem/39689263 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Add a "protectedThis" to address a case where a deleted "this" was >+ accessed in a RELEASE_LOG statement. >+ >+ No new tests -- covered by existing tests, which now pass. >+ >+ * loader/DocumentLoader.cpp: >+ (WebCore::DocumentLoader::startLoadingMainResource): >+ > 2018-04-27 Zalan Bujtas <zalan@apple.com> > > [LFC] Implement BlockFormattingContext::layout logic and its dependencies >diff --git a/Source/WebCore/loader/DocumentLoader.cpp b/Source/WebCore/loader/DocumentLoader.cpp >index d0f1474022e42cc8999ab8208c445d670a560e45..4cc1b18449716049b412f3ac623ad110c91fa01f 100644 >--- a/Source/WebCore/loader/DocumentLoader.cpp >+++ b/Source/WebCore/loader/DocumentLoader.cpp >@@ -1674,6 +1674,8 @@ void DocumentLoader::startLoadingMainResource(ShouldContinue shouldContinue) > ASSERT(!m_loadingMainResource); > m_loadingMainResource = true; > >+ Ref<DocumentLoader> protectedThis(*this); >+ > if (maybeLoadEmpty()) { > RELEASE_LOG_IF_ALLOWED("startLoadingMainResource: Returning empty document (frame = %p, main = %d)", m_frame, m_frame ? m_frame->isMainFrame() : false); > return; >@@ -1694,7 +1696,7 @@ void DocumentLoader::startLoadingMainResource(ShouldContinue shouldContinue) > ASSERT(timing().startTime()); > ASSERT(timing().fetchStart()); > >- willSendRequest(ResourceRequest(m_request), ResourceResponse(), shouldContinue, [this, protectedThis = makeRef(*this)] (ResourceRequest&& request) mutable { >+ willSendRequest(ResourceRequest(m_request), ResourceResponse(), shouldContinue, [this, protectedThis = WTFMove(protectedThis)] (ResourceRequest&& request) mutable { > m_request = request; > > // willSendRequest() may lead to our Frame being detached or cancelling the load via nulling the ResourceRequest.
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=339019">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 185088
: 339019