diff options
author | Andy Estes <aestes@apple.com> | 2014-03-10 14:30:54 +0100 |
---|---|---|
committer | The Qt Project <gerrit-noreply@qt-project.org> | 2014-03-10 15:03:01 +0100 |
commit | 170372f09df04c19eb281cecd1550d6b2d297f3b (patch) | |
tree | 255419fbed92d0d7d9dfd82f15cc6a6fad361cc2 | |
parent | bb9c1f33975cd0f71a7f314fc1c0f755c1b75a32 (diff) | |
download | qtwebkit-170372f09df04c19eb281cecd1550d6b2d297f3b.tar.gz |
REGRESSION (r139343): WebKit crashes when canceling a load inside
<https://webkit.org/b/119853> webView:resource:didFinishLoadingFromDataSource:
Reviewed by Brady Eidson.
Source/WebCore:
A client implementing webView:resource:didFinishLoadingFromDataSource:
might decide to call stopLoading: for the identifier that just finished
loading. If this happens we re-enter the loader and attempt to cancel a
load that has already finished and been removed from the set of active
loaders. Prevent this by clearing DocumentLoader's
m_identifierForLoadWithoutResourceLoader before calling
dispatchDidFinishLoading().
New API test: WebKit1.StopLoadingFromDidFinishLoading.
* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::finishedLoading): Set
m_identifierForLoadWithoutResourceLoader to 0 before calling
dispatchDidFinishLoading().
Tools:
Wrote an API test that verifies -[WebView stopLoading:] can be called
inside webView:resource:didFinishLoadingFromDataSource: without crashing.
* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/mac/StopLoadingFromDidFinishLoading.mm: Added.
(-[StopLoadingFromDidFinishLoadingDelegate webView:resource:didFinishLoadingFromDataSource:]):
(TestWebKitAPI::TEST):
Change-Id: Ib5da6cfdd74eac0e284a512ee54e74353aba783b
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@154115 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Reviewed-by: Michael Bruning <michael.bruning@digia.com>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com>
-rw-r--r-- | Source/WebCore/loader/DocumentLoader.cpp | 7 | ||||
-rw-r--r-- | Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj | 6 |
2 files changed, 11 insertions, 2 deletions
diff --git a/Source/WebCore/loader/DocumentLoader.cpp b/Source/WebCore/loader/DocumentLoader.cpp index 9755d1ae7..b8c44116f 100644 --- a/Source/WebCore/loader/DocumentLoader.cpp +++ b/Source/WebCore/loader/DocumentLoader.cpp @@ -364,8 +364,13 @@ void DocumentLoader::finishedLoading(double finishTime) RefPtr<DocumentLoader> protect(this); if (m_identifierForLoadWithoutResourceLoader) { - frameLoader()->notifier()->dispatchDidFinishLoading(this, m_identifierForLoadWithoutResourceLoader, finishTime); + // A didFinishLoading delegate might try to cancel the load (despite it + // being finished). Clear m_identifierForLoadWithoutResourceLoader + // before calling dispatchDidFinishLoading so that we don't later try to + // cancel the already-finished substitute load. + unsigned long identifier = m_identifierForLoadWithoutResourceLoader; m_identifierForLoadWithoutResourceLoader = 0; + frameLoader()->notifier()->dispatchDidFinishLoading(this, identifier, finishTime); } #if USE(CONTENT_FILTERING) diff --git a/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj b/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj index 2d1688b9b..c484361c0 100644 --- a/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj +++ b/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj @@ -42,6 +42,7 @@ 290F4275172A221C00939FF0 /* custom-protocol-sync-xhr.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 290F4274172A1FDE00939FF0 /* custom-protocol-sync-xhr.html */; }; 290F4278172A232C00939FF0 /* CustomProtocolsSyncXHRTest.mm in Sources */ = {isa = PBXBuildFile; fileRef = 290F4276172A232C00939FF0 /* CustomProtocolsSyncXHRTest.mm */; }; 290F427B172A23A500939FF0 /* TestProtocol.mm in Sources */ = {isa = PBXBuildFile; fileRef = 290F4279172A23A500939FF0 /* TestProtocol.mm */; }; + 291861FF17BD4DC700D4E41E /* StopLoadingFromDidFinishLoading.mm in Sources */ = {isa = PBXBuildFile; fileRef = 291861FD17BD4DC700D4E41E /* StopLoadingFromDidFinishLoading.mm */; }; 2943BE86161DFEB800999E3D /* UserContentTest.mm in Sources */ = {isa = PBXBuildFile; fileRef = 2943BE84161DFEB800999E3D /* UserContentTest.mm */; }; 297234B4173AD04800983601 /* CustomProtocolsInvalidScheme.mm in Sources */ = {isa = PBXBuildFile; fileRef = 297234B2173AD04800983601 /* CustomProtocolsInvalidScheme.mm */; }; 297234B7173AFAC700983601 /* CustomProtocolsInvalidScheme_Bundle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 297234B5173AFAC700983601 /* CustomProtocolsInvalidScheme_Bundle.cpp */; }; @@ -342,6 +343,7 @@ 290F4276172A232C00939FF0 /* CustomProtocolsSyncXHRTest.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = CustomProtocolsSyncXHRTest.mm; sourceTree = "<group>"; }; 290F4279172A23A500939FF0 /* TestProtocol.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = TestProtocol.mm; sourceTree = "<group>"; }; 290F427A172A23A500939FF0 /* TestProtocol.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = TestProtocol.h; sourceTree = "<group>"; }; + 291861FD17BD4DC700D4E41E /* StopLoadingFromDidFinishLoading.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = StopLoadingFromDidFinishLoading.mm; sourceTree = "<group>"; }; 2943BE84161DFEB800999E3D /* UserContentTest.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; name = UserContentTest.mm; path = WebKit2ObjC/UserContentTest.mm; sourceTree = "<group>"; }; 297234B2173AD04800983601 /* CustomProtocolsInvalidScheme.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; name = CustomProtocolsInvalidScheme.mm; path = WebKit2ObjC/CustomProtocolsInvalidScheme.mm; sourceTree = "<group>"; }; 297234B5173AFAC700983601 /* CustomProtocolsInvalidScheme_Bundle.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = CustomProtocolsInvalidScheme_Bundle.cpp; path = WebKit2ObjC/CustomProtocolsInvalidScheme_Bundle.cpp; sourceTree = "<group>"; }; @@ -909,6 +911,8 @@ 261516D515B0E60500A2C201 /* SetAndUpdateCacheModel.mm */, 52B8CF9515868CF000281053 /* SetDocumentURI.mm */, C540F775152E4DA000A40C8C /* SimplifyMarkup.mm */, + 291861FD17BD4DC700D4E41E /* StopLoadingFromDidFinishLoading.mm */, + E194E1BA177E5145009C4D4E /* StopLoadingFromDidReceiveResponse.mm */, 3799AD3914120A43005EB0C6 /* StringByEvaluatingJavaScriptFromString.mm */, 37A6895D148A9B50005100FA /* SubresourceErrorCrash.mm */, E490296714E2E3A4002BEDD1 /* TypingStyleCrash.mm */, @@ -917,7 +921,6 @@ 37E38C33169B7D010084C28C /* WebViewDidRemoveFrameFromHierarchy.mm */, 1A7BFC0A171A0BDB00BC5F64 /* WillSendSubmitEvent.mm */, A5E2027215B2181900C13E14 /* WindowlessWebViewWithMedia.mm */, - E194E1BA177E5145009C4D4E /* StopLoadingFromDidReceiveResponse.mm */, ); path = mac; sourceTree = "<group>"; @@ -1080,6 +1083,7 @@ BC246D8E132F115A00B56D7C /* AboutBlankLoad.cpp in Sources */, 297234B4173AD04800983601 /* CustomProtocolsInvalidScheme.mm in Sources */, 379028B614FABD92007E6B43 /* AcceptsFirstMouse.mm in Sources */, + 291861FF17BD4DC700D4E41E /* StopLoadingFromDidFinishLoading.mm in Sources */, 26F1B44415CA434F00D1E4BF /* AtomicString.cpp in Sources */, B55F11A01516834F00915916 /* AttributedString.mm in Sources */, 00CD9F6315BE312C002DA2CE /* BackForwardList.mm in Sources */, |