From 200773b84f3411d64368e79da928a279e456726b Mon Sep 17 00:00:00 2001 From: "beidson@apple.com" Date: Sat, 21 Jan 2012 00:45:19 +0000 Subject: [PATCH] and https://bugs.webkit.org/show_bug.cgi?id=62764 Frequent crashes due to null frame below ApplicationCacheHost::scheduleLoadFallbackResourceFromApplicationCache Reviewed by Sam Weinig. No way to reproduce without special malloc debugging and that doesn't even reproduce on all platforms. So still no test. * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::detachFromFrame): Protect m_frame for the duration of this method. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@105556 268f45cc-cd09-0410-ab3c-d52691b4dbfc --- Source/WebCore/ChangeLog | 12 ++++++++++++ Source/WebCore/loader/DocumentLoader.cpp | 1 + 2 files changed, 13 insertions(+) mode change 100755 => 100644 Source/WebCore/ChangeLog diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog old mode 100755 new mode 100644 index 9b92012..96dd800 --- a/Source/WebCore/ChangeLog +++ b/Source/WebCore/ChangeLog @@ -1,3 +1,15 @@ +2012-01-20 Brady Eidson + + and https://bugs.webkit.org/show_bug.cgi?id=62764 + Frequent crashes due to null frame below ApplicationCacheHost::scheduleLoadFallbackResourceFromApplicationCache + + Reviewed by Sam Weinig. + + No way to reproduce without special malloc debugging and that doesn't even reproduce on all platforms. So still no test. + + * loader/DocumentLoader.cpp: + (WebCore::DocumentLoader::detachFromFrame): Protect m_frame for the duration of this method. + 2012-01-20 Alexey Proskuryakov WebCore should not send invalid URLs to client createWindow methods. diff --git a/Source/WebCore/loader/DocumentLoader.cpp b/Source/WebCore/loader/DocumentLoader.cpp index 1e38660..7df38ec 100644 --- a/Source/WebCore/loader/DocumentLoader.cpp +++ b/Source/WebCore/loader/DocumentLoader.cpp @@ -405,6 +405,7 @@ void DocumentLoader::attachToFrame() void DocumentLoader::detachFromFrame() { ASSERT(m_frame); + RefPtr protector(m_frame); // It never makes sense to have a document loader that is detached from its // frame have any loads active, so go ahead and kill all the loads. -- 2.7.4