Bug 97688

Summary: [Chromium] Fix find-in-page corner case for detached frames
Product: WebKit Reporter: Leandro Graciá Gil <leandrogracia>
Component: WebKit Misc.Assignee: Leandro Graciá Gil <leandrogracia>
Status: RESOLVED FIXED    
Severity: Normal CC: abarth, dglazkov, webkit.review.bot
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch none

Leandro Graciá Gil
Reported 2012-09-26 08:45:57 PDT
The find-in-page code refactoring introduced by 96402 to prevent cases where the final update was not sent made the request reset happen before the shouldScopeMatches check. This check verifies if the view is available and prevented any further processing on detached frames. With the newly introduced changes, one of the operations performed during reset tries to access the page, leading to crashes on detached frame cases. This should be properly checked before trying to access the page.
Attachments
Patch (1.56 KB, patch)
2012-09-26 08:50 PDT, Leandro Graciá Gil 		no flags
DetailsFormatted DiffDiff
Patch (1.57 KB, patch)
2012-09-26 09:17 PDT, Leandro Graciá Gil 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Leandro Graciá Gil
Comment 1 2012-09-26 08:50:30 PDT
Created attachment 165813 [details] Patch
WebKit Review Bot
Comment 2 2012-09-26 09:11:00 PDT
Comment on attachment 165813 [details] Patch Attachment 165813 [details] did not pass chromium-ews (chromium-xvfb): Output: http://queues.webkit.org/results/14030525
Adam Barth
Comment 3 2012-09-26 09:14:45 PDT
Comment on attachment 165813 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=165813&action=review We really need better testing for this feature. I don't want to hold up this patch over lack of testing, but that's the reason we're having these sorts of troubles. > Source/WebKit/chromium/src/WebFrameImpl.cpp:1734 > - if (frame() && frame()->editor()->markedTextMatchesAreHighlighted()) > + if (frame() && frame->page() && frame()->editor()->markedTextMatchesAreHighlighted()) frame -> frame()
Leandro Graciá Gil
Comment 4 2012-09-26 09:17:54 PDT
Created attachment 165822 [details] Patch
Leandro Graciá Gil
Comment 5 2012-09-26 09:18:05 PDT
Comment on attachment 165813 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=165813&action=review >> Source/WebKit/chromium/src/WebFrameImpl.cpp:1734 >> + if (frame() && frame->page() && frame()->editor()->markedTextMatchesAreHighlighted()) > > frame -> frame() Fixed. Sorry for the nit.
Leandro Graciá Gil
Comment 6 2012-09-26 09:19:01 PDT
(In reply to comment #3) > (From update of attachment 165813 [details]) > View in context: https://bugs.webkit.org/attachment.cgi?id=165813&action=review > > We really need better testing for this feature. I don't want to hold up this patch over lack of testing, but that's the reason we're having these sorts of troubles. Completely agree. It proved to be trickier than it seems and with corner cases that need proper coverage.
Adam Barth
Comment 7 2012-09-26 10:04:25 PDT
Comment on attachment 165822 [details] Patch ok...
WebKit Review Bot
Comment 8 2012-09-26 10:27:07 PDT
Comment on attachment 165822 [details] Patch Clearing flags on attachment: 165822 Committed r129666: <http://trac.webkit.org/changeset/129666>
WebKit Review Bot
Comment 9 2012-09-26 10:27:11 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.