Issue 145493005: Keep frames to navigate alive in HistoryController::goToEntry()

Issue 145493005: Keep frames to navigate alive in HistoryController::goToEntry() (Closed)

Created:
6 years, 11 months ago by Jens Widell

Modified:
6 years, 11 months ago

Reviewers:
arv (Not doing code reviews), Nate Chapin

CC:
blink-reviews, Nate Chapin, gavinp+loader_chromium.org

Base URL:
https://chromium.googlesource.com/chromium/blink.git@master

Visibility:
Public.

More Reviews

Description

Keep frames to navigate alive in HistoryController::goToEntry() Otherwise, if a script executed during the navigation of one frame (for instance a popstate event handler) removes other frames from the document, the calls to navigate those frames later on are given pointers to dead objects. This patch makes the more localized fix committed as r165081 redundant, and thus reverts it from FrameLoader::loadHistoryItem(). BUG=337120 Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=165724

Patch Set 1 #

Total comments: 3

Patch Set 2 : improved as suggested in review #

Created: 6 years, 11 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+70 lines, -6 lines)			Patch
A	LayoutTests/fast/loader/remove-iframe-during-history-navigation-different.html	View		1 chunk	+33 lines, -0 lines	0 comments	Download
A +	LayoutTests/fast/loader/remove-iframe-during-history-navigation-different-expected.txt	View		0 chunks	+-1 lines, --1 lines	0 comments	Download
A	LayoutTests/fast/loader/remove-iframe-during-history-navigation-same.html	View		1 chunk	+30 lines, -0 lines	0 comments	Download
A +	LayoutTests/fast/loader/remove-iframe-during-history-navigation-same-expected.txt	View		0 chunks	+-1 lines, --1 lines	0 comments	Download
M	Source/core/loader/FrameLoader.cpp	View	1	1 chunk	+0 lines, -3 lines	0 comments	Download
M	Source/core/page/HistoryController.h	View	1	1 chunk	+1 line, -1 line	0 comments	Download
M	Source/core/page/HistoryController.cpp	View	1	1 chunk	+8 lines, -4 lines	0 comments	Download

Messages

Total messages: 8 (0 generated)

Expand Messages | Collapse Messages

Jens Widell

Hi arv, an improved/extended version of my previous popstate-nukes-iframe crash fix.

6 years, 11 months ago (2014-01-23 12:18:29 UTC) #1

Nate Chapin

https://codereview.chromium.org/145493005/diff/1/Source/core/page/HistoryController.cpp File Source/core/page/HistoryController.cpp (right): https://codereview.chromium.org/145493005/diff/1/Source/core/page/HistoryController.cpp#newcode192 Source/core/page/HistoryController.cpp:192: it->key->loader().loadHistoryItem(it->value->item(), HistorySameDocumentLoad, cachePolicy); Rather than checking m_client in loadHistoryItem(), ...

6 years, 11 months ago (2014-01-23 18:19:11 UTC) #2

Jens Widell

Patch updated. https://codereview.chromium.org/145493005/diff/1/Source/core/page/HistoryController.h File Source/core/page/HistoryController.h (right): https://codereview.chromium.org/145493005/diff/1/Source/core/page/HistoryController.h#newcode159 Source/core/page/HistoryController.h:159: typedef HashMap<Frame*, OwnPtr<HistoryFrameLoad> > HistoryFrameLoadSet; On 2014/01/23 ...

6 years, 11 months ago (2014-01-23 18:52:18 UTC) #3

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/jl@opera.com/145493005/70001

6 years, 11 months ago (2014-01-23 18:57:47 UTC) #5

commit-bot: I haz the power

Retried try job too often on linux_blink for step(s) webkit_tests http://build.chromium.org/p/tryserver.chromium/buildstatus?builder=linux_blink&number=8994

6 years, 11 months ago (2014-01-23 23:26:26 UTC) #6

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/jl@opera.com/145493005/70001

6 years, 11 months ago (2014-01-24 06:34:31 UTC) #7

Message was sent while issue was closed.

Change committed as 165724

Expand Messages | Collapse Messages