Changeset 179880 in webkit


Timestamp:
Feb 10, 2015 1:44:01 PM (9 years ago)
Author:
Chris Dumez
Message:

Add assertion to help track down WebCore::DocumentLoader::stopLoadingForPolicyChange() crash
https://bugs.webkit.org/show_bug.cgi?id=141441
<rdar://problem/13811738>

Reviewed by Alexey Proskuryakov.

Add assertion to help track down a crash in
WebCore::DocumentLoader::stopLoadingForPolicyChange().

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::~DocumentLoader):
Make sure the DocumentLoader is not waiting for a content policy
response when it is destroyed. If this were to happen, then the
lambda function passed to PolicyChecker::checkContentPolicy()
would outlive the DocumentLoader. This is an issue because
that lambda function captures [this], which is the DocumentLoader.
This would cause DocumentLoader::continueAfterContentPolicy() to
be called after the DocumentLoader has been destroyed, which would
explain the crash.

Location:
trunk/Source/WebCore
Files:
2 edited

  • trunk/Source/WebCore/ChangeLog

    r179877 r179880  
     12015-02-10  Chris Dumez  <cdumez@apple.com>
     2
     3        Add assertion to help track down WebCore::DocumentLoader::stopLoadingForPolicyChange() crash
     4        https://bugs.webkit.org/show_bug.cgi?id=141441
     5        <rdar://problem/13811738>
     6
     7        Reviewed by Alexey Proskuryakov.
     8
     9        Add assertion to help track down a crash in
     10        WebCore::DocumentLoader::stopLoadingForPolicyChange().
     11
     12        * loader/DocumentLoader.cpp:
     13        (WebCore::DocumentLoader::~DocumentLoader):
     14        Make sure the DocumentLoader is not waiting for a content policy
     15        response when it is destroyed. If this were to happen, then the
     16        lambda function passed to PolicyChecker::checkContentPolicy()
     17        would outlive the DocumentLoader. This is an issue because
     18        that lambda function captures [this], which is the DocumentLoader.
     19        This would cause DocumentLoader::continueAfterContentPolicy() to
     20        be called after the DocumentLoader has been destroyed, which would
     21        explain the crash.
     22
    1232015-02-07  Zalan Bujtas  <zalan@apple.com>
    224
  • trunk/Source/WebCore/loader/DocumentLoader.cpp

    r179489 r179880  
    162162{
    163163    ASSERT(!m_frame || frameLoader()->activeDocumentLoader() != this || !isLoading());
     164    ASSERT(!m_waitingForContentPolicy);
    164165    if (m_iconLoadDecisionCallback)
    165166        m_iconLoadDecisionCallback->invalidate();
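Review bot: The new ASSERT(!m_waitingForContentPolicy) at the top of ~DocumentLoader only diagnoses the problem, and only in builds where assertions are enabled, because ASSERT is compiled out of release builds. If the destructor does run while a content policy response is pending, the lambda described in the ChangeLog still holds a dangling this, and continueAfterContentPolicy() is called on a destroyed object. Once the assertion confirms this path, the follow-up should remove the hazard rather than detect it, for example by cancelling the outstanding policy check in the destructor or by having the callback keep the loader alive. A short comment beside the assertion saying why the flag must be false here would also help, since the reasoning currently lives only in the ChangeLog entry.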