This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
REGRESSION (r125592): Crash in Console::addMessage, under InjectedBun…
…dle::reportException https://bugs.webkit.org/show_bug.cgi?id=94220 Reviewed by Alexey Proskuryakov. Previously, this code was trying to detect whether a DOMWindow is currently displayed in a Frame by testing whether DOMWindow->scriptExecutionContext is zero. That used to work, but now that DOMWindow->scriptExecutionContext is non-zero for detached DOMWindow, this code doesn't work anymore. This patch replaces the code with the current idiom, which is to call DOMWindow::isCurrentDisplayedInFrame. Alexey and I couldn't figure out how to test this change. This bug causes a crash when some Safari extensions are installed, but it's not clear whether this bug can be triggered from the web platform. We're going to ask Jessie for ideas when she gets back from vacation. * bindings/js/JSDOMBinding.cpp: (WebCore::reportException): Canonical link: https://commits.webkit.org/112163@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@125912 268f45cc-cd09-0410-ab3c-d52691b4dbfc
- Loading branch information
Showing 2 changed files with 26 additions and 7 deletions.