REGRESSION(r227758): Webpage fails to load due to crash in com.apple.…
…WebKit: WebKit::WebFrameLoaderClient::dispatchDecidePolicyForResponse + 267

https://bugs.webkit.org/show_bug.cgi?id=182532
<rdar://problem/36414017>

Patch by Antti Koivisto <antti@apple.com> and Youenn Fablet <youenn@apple.com> on 2018-02-07
Reviewed by Chris Dumez.

No test case, don't know how to make one. The repro involves multipart HTTP streaming and details are hazy.
We were calling a function that was WTFMoved away just a few lines above.

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForResponse):

Canonical link: https://commits.webkit.org/198394@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@228257 268f45cc-cd09-0410-ab3c-d52691b4dbfc
anttijk authored and webkit-commit-queue committed Feb 8, 2018
1 parent aee9497 commit 89df8966863b9e2593786c49a2441e24d53b88b3
Showing with 22 additions and 7 deletions.
  1. +14 −0 Source/WebKit/ChangeLog
  2. +8 −7 Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp
@@ -1,3 +1,17 @@
2018-02-07 Antti Koivisto <antti@apple.com> and Youenn Fablet <youenn@apple.com>

REGRESSION(r227758): Webpage fails to load due to crash in com.apple.WebKit: WebKit::WebFrameLoaderClient::dispatchDecidePolicyForResponse + 267
https://bugs.webkit.org/show_bug.cgi?id=182532
<rdar://problem/36414017>

Reviewed by Chris Dumez.

No test case, don't know how to make one. The repro involves multipart HTTP streaming and details are hazy.
We were calling a function that was WTFMoved away just a few lines above.

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForResponse):

2018-02-07 Tim Horton <timothy_horton@apple.com>

Evernote device management web view sometimes displays at the wrong scale
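Review bot: The per-function line `(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForResponse):` is left without a description, so the ChangeLog names the bug (a call on a completion handler that had already been WTFMoved) but not the fix. Please add one sentence there saying that the null checks on the core frame and provisional document loader now run before `setUpPolicyListener(WTFMove(function), ...)` consumes `function`. Since the entry records that there is no test case, it would also help to note in the bug what is known about the multipart streaming repro, so a regression test can be written later.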
@@ -739,18 +739,19 @@ void WebFrameLoaderClient::dispatchDecidePolicyForResponse(const ResourceRespons

bool canShowMIMEType = webPage->canShowMIMEType(response.mimeType());

WebCore::Frame* coreFrame = m_frame->coreFrame();
auto* policyDocumentLoader = coreFrame ? coreFrame->loader().provisionalDocumentLoader() : nullptr;
if (!policyDocumentLoader) {
function(PolicyAction::Ignore);
return;
}

Ref<WebFrame> protector(*m_frame);
uint64_t listenerID = m_frame->setUpPolicyListener(WTFMove(function), WebFrame::ForNavigationAction::No);
bool receivedPolicyAction;
PolicyAction policyAction;
DownloadID downloadID;

Ref<WebFrame> protect(*m_frame);
WebCore::Frame* coreFrame = m_frame->coreFrame();
if (!coreFrame)
return function(PolicyAction::Ignore);
auto* policyDocumentLoader = coreFrame->loader().provisionalDocumentLoader();
if (!policyDocumentLoader)
return function(PolicyAction::Ignore);
auto navigationID = static_cast<WebDocumentLoader&>(*policyDocumentLoader).navigationID();
if (!webPage->sendSync(Messages::WebPageProxy::DecidePolicyForResponseSync(m_frame->frameID(), SecurityOriginData::fromFrame(coreFrame), navigationID, response, request, canShowMIMEType, listenerID, UserData(WebProcess::singleton().transformObjectsToHandles(userData.get()).get())), Messages::WebPageProxy::DecidePolicyForResponseSync::Reply(receivedPolicyAction, policyAction, downloadID), Seconds::infinity(), IPC::SendSyncOption::InformPlatformProcessWillSuspend)) {
m_frame->didReceivePolicyDecision(listenerID, PolicyAction::Ignore, 0, { }, { });
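Review bot: Nothing after `m_frame->setUpPolicyListener(WTFMove(function), WebFrame::ForNavigationAction::No);` stops a later edit from reintroducing a call on the moved-from `function`, which is the defect the two `return function(PolicyAction::Ignore);` lines below that call represented. With no regression test, consider a one-line comment at the `WTFMove(function)` call stating that `function` must not be touched past this point and that failures must go through `m_frame->didReceivePolicyDecision(listenerID, PolicyAction::Ignore, ...)`, as the `sendSync` failure path already does. Separately, `coreFrame` and `policyDocumentLoader` are raw pointers now read before the `Ref<WebFrame> protector(*m_frame);` line and dereferenced after `setUpPolicyListener` (for `navigationID()` and `SecurityOriginData::fromFrame(coreFrame)`); please confirm that `setUpPolicyListener` cannot detach the frame or replace the provisional loader, or re-check them after it returns.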