Bug 194641

Summary:

Crash in WKBundleFrameGetParentFrame when called inside didRemoveFrameFromHierarchy

Product:

WebKit

Reporter:

Ryosuke Niwa <rniwa>

Component:

WebKit2

Assignee:

Ryosuke Niwa <rniwa>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

achristensen, beidson, cdumez, ggaren, koivisto

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Fixes the bug	none

Ryosuke Niwa

Reported 2019-02-13 21:36:10 PST

When WKBundleFrameGetParentFrame is called inside PageLoaderClient's didRemoveFrameFromHierarchy, we crash WebFrame::parentFrame() because owner element's document no longer has a frame.

Attachments
Fixes the bug (3.37 KB, patch) 2019-02-13 21:43 PST, Ryosuke Niwa	no flags	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Ryosuke Niwa

Comment 1 2019-02-13 21:43:21 PST

Created attachment 361994 [details] Fixes the bug

Ryosuke Niwa

Comment 2 2019-02-13 21:43:46 PST

<rdar://problem/31441007>

Geoffrey Garen

Comment 3 2019-02-13 22:09:18 PST

Comment on attachment 361994 [details] Fixes the bug r=me

Ryosuke Niwa

Comment 4 2019-02-13 22:47:33 PST

Comment on attachment 361994 [details] Fixes the bug Clearing flags on attachment: 361994 Committed r241500: <https://trac.webkit.org/changeset/241500>

Ryosuke Niwa

Comment 5 2019-02-13 22:47:35 PST

All reviewed patches have been landed. Closing bug.

Note You need to log in before you can comment on or make changes to this bug.