Title: [211252] branches/safari-603-branch/Source/WebCore
Revision
211252
Author
akl...@apple.com
Date
2017-01-26 20:29:16 -0800 (Thu, 26 Jan 2017)

Log Message

Branch-specific fix for a crash seen after merging r201777.
<rdar://problem/30209068>

Reviewed by Andy Estes.

Add null checking of the FrameView in Document::destroyRenderTree() before
calling functions on it. This is not necessary in trunk, as the FrameView
is guaranteed to be present there.

FrameView can be missing on the branch, since render trees for page cached documents
are destroyed when leaving the page cache, not when entering it (trunk behavior.)
When leaving the page cache, the FrameView is already detached, hence the bug.

* dom/Document.cpp:
(WebCore::Document::destroyRenderTree):

Diff

Modified: branches/safari-603-branch/Source/WebCore/ChangeLog (211251 => 211252)


--- branches/safari-603-branch/Source/WebCore/ChangeLog	2017-01-27 04:22:29 UTC (rev 211251)
+++ branches/safari-603-branch/Source/WebCore/ChangeLog	2017-01-27 04:29:16 UTC (rev 211252)
@@ -1,3 +1,21 @@
+2017-01-26  Andreas Kling  <akl...@apple.com>
+
+        Branch-specific fix for a crash seen after merging r201777.
+        <rdar://problem/30209068>
+
+        Reviewed by Andy Estes.
+
+        Add null checking of the FrameView in Document::destroyRenderTree() before
+        calling functions on it. This is not necessary in trunk, as the FrameView
+        is guaranteed to be present there.
+
+        FrameView can be missing on the branch, since render trees for page cached documents
+        are destroyed when leaving the page cache, not when entering it (trunk behavior.)
+        When leaving the page cache, the FrameView is already detached, hence the bug.
+
+        * dom/Document.cpp:
+        (WebCore::Document::destroyRenderTree):
+
 2017-01-25  Matthew Hanson  <matthew_han...@apple.com>
 
         Merge r211151. rdar://problem/30171195
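Review bot: The new ChangeLog entry lists only dom/Document.cpp and names no test, so nothing will catch this crash if the branch's page-cache teardown order changes again. If the crash can be reproduced by restoring a document from the page cache, add a regression test and list it here. The entry also says only "Add null checking" and does not record that `ASSERT(frame()->view());` is removed; one line saying so would make the entry match the diff.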

Modified: branches/safari-603-branch/Source/WebCore/dom/Document.cpp (211251 => 211252)


--- branches/safari-603-branch/Source/WebCore/dom/Document.cpp	2017-01-27 04:22:29 UTC (rev 211251)
+++ branches/safari-603-branch/Source/WebCore/dom/Document.cpp	2017-01-27 04:29:16 UTC (rev 211252)
@@ -2219,10 +2219,7 @@
 {
     ASSERT(hasLivingRenderTree());
     ASSERT(m_pageCacheState != InPageCache);
-    ASSERT(frame()->view());
 
-    FrameView& frameView = *frame()->view();
-
     SetForScope<bool> change(m_renderTreeBeingDestroyed, true);
 
     if (this == &topDocument())
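Review bot: Removing `ASSERT(frame()->view());` at the top of destroyRenderTree() drops the only in-code statement of the FrameView invariant, and nothing replaces it. Since this file now diverges from trunk on purpose, a short comment where the assertion used to be would help, saying that on this branch the FrameView may already be detached when a document leaves the page cache. Otherwise a later merge from trunk could easily reintroduce the reference binding `FrameView& frameView = *frame()->view();` and the null dereference with it.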
@@ -2230,7 +2227,8 @@
 
     documentWillBecomeInactive();
 
-    frameView.willDestroyRenderTree();
+    if (auto* frameView = view())
+        frameView->willDestroyRenderTree();
 
 #if ENABLE(FULLSCREEN_API)
     if (m_fullScreenRenderer)
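Review bot: With `if (auto* frameView = view())`, willDestroyRenderTree() is now silently skipped whenever the view is gone. The log message explains why the view can be missing but not why skipping the notification is safe. Please confirm that nothing willDestroyRenderTree() does is still needed for a document leaving the page cache, and state that in the ChangeLog or in a comment next to this check.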
@@ -2257,7 +2255,8 @@
     m_textAutoSizedNodes.clear();
 #endif
 
-    frameView.didDestroyRenderTree();
+    if (auto* frameView = view())
+        frameView->didDestroyRenderTree();
 }
 
 void Document::prepareForDestruction()
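Review bot: The second `if (auto* frameView = view())` before didDestroyRenderTree() repeats the lookup instead of reusing the result from the earlier check, so the will/did pair is no longer guaranteed to be called on the same object, or both called at all, if the view changes during teardown. Consider doing a single lookup near the top of the function, where the old `FrameView& frameView` was bound, and using that one pointer for both calls so they are either both made or both skipped.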