Skip to content

GitLab

T
tangled
Commit 324749df authored by Ulan Degenbaev's avatar Ulan Degenbaev Committed by Chromium LUCI CQ
Browse files
Options

Fix missing parent frame node initialization in V8ContextTracker 

Bug: 1085129
Change-Id: I14e36d7e7901ec308ca469d32bf9a7eabc949637
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2617789Reviewed-by: default avatarJoe Mason <joenotcharles@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#842581}
parent 73a91067
Hide whitespace changes
Inline Side-by-side
Showing with 64 additions and 1 deletion
components/performance_manager/v8_memory/v8_context_tracker.cc
View file @ 324749df
...@@ -200,6 +200,7 @@ void V8ContextTracker::OnRemoteIframeAttached( ...@@ -200,6 +200,7 @@ void V8ContextTracker::OnRemoteIframeAttached(
FrameNodeImpl* parent_frame_node, FrameNodeImpl* parent_frame_node,
const blink::RemoteFrameToken& remote_frame_token, const blink::RemoteFrameToken& remote_frame_token,
mojom::IframeAttributionDataPtr iframe_attribution_data) { mojom::IframeAttributionDataPtr iframe_attribution_data) {
DCHECK(parent_frame_node);
DCHECK_ON_GRAPH_SEQUENCE(parent_frame_node->graph()); DCHECK_ON_GRAPH_SEQUENCE(parent_frame_node->graph());
// RemoteFrameTokens are issued by the browser to a renderer, so if we receive // RemoteFrameTokens are issued by the browser to a renderer, so if we receive
...@@ -222,7 +223,8 @@ void V8ContextTracker::OnRemoteIframeAttached( ...@@ -222,7 +223,8 @@ void V8ContextTracker::OnRemoteIframeAttached(
}; };
std::unique_ptr<Data> data( std::unique_ptr<Data> data(
new Data{mojo::GetBadMessageCallback(), remote_frame_token, new Data{mojo::GetBadMessageCallback(), remote_frame_token,
std::move(iframe_attribution_data), nullptr}); std::move(iframe_attribution_data), nullptr,
parent_frame_node->GetWeakPtr()});
auto on_pm_seq = base::BindOnce([](std::unique_ptr<Data> data, Graph* graph) { auto on_pm_seq = base::BindOnce([](std::unique_ptr<Data> data, Graph* graph) {
DCHECK(data); DCHECK(data);
...@@ -477,6 +479,11 @@ void V8ContextTracker::OnRemoteIframeAttachedImpl( ...@@ -477,6 +479,11 @@ void V8ContextTracker::OnRemoteIframeAttachedImpl(
DCHECK(bad_message_callback); DCHECK(bad_message_callback);
DCHECK_ON_GRAPH_SEQUENCE(frame_node->graph()); DCHECK_ON_GRAPH_SEQUENCE(frame_node->graph());
if (!frame_node->parent_frame_node()) {
// This may happen for custom HTML elements. Ignore such calls.
return;
}
if (frame_node->parent_frame_node() != parent_frame_node) { if (frame_node->parent_frame_node() != parent_frame_node) {
std::move(bad_message_callback) std::move(bad_message_callback)
.Run("OnRemoteIframeAttached has wrong parent frame"); .Run("OnRemoteIframeAttached has wrong parent frame");
......
components/performance_manager/v8_memory/v8_context_tracker_browsertest.cc
View file @ 324749df
...@@ -58,6 +58,62 @@ IN_PROC_BROWSER_TEST_F(V8ContextTrackerTest, AboutBlank) { ...@@ -58,6 +58,62 @@ IN_PROC_BROWSER_TEST_F(V8ContextTrackerTest, AboutBlank) {
ExpectCounts(1, 1, 0, 0); ExpectCounts(1, 1, 0, 0);
} }
IN_PROC_BROWSER_TEST_F(V8ContextTrackerTest, SameOriginIframeAttributionData) {
GURL urla(embedded_test_server()->GetURL("a.com", "/a_embeds_a.html"));
ASSERT_TRUE(NavigateToURL(shell(), urla));
// Get pointers to the RFHs for each frame.
auto* contents = shell()->web_contents();
content::RenderFrameHost* main_rfh = contents->GetMainFrame();
content::RenderFrameHost* child_rfh = nullptr;
auto frames = contents->GetAllFrames();
ASSERT_EQ(2u, frames.size());
for (auto* rfh : contents->GetAllFrames()) {
if (rfh != main_rfh)
child_rfh = rfh;
}
auto frame_node =
PerformanceManager::GetFrameNodeForRenderFrameHost(child_rfh);
RunInGraph([&frame_node](Graph* graph) {
ASSERT_TRUE(frame_node);
auto* v8_context_tracker = V8ContextTracker::GetFromGraph(graph);
ASSERT_TRUE(v8_context_tracker);
auto* ec_state = v8_context_tracker->GetExecutionContextState(
frame_node->GetFrameToken());
ASSERT_TRUE(ec_state);
ASSERT_TRUE(ec_state->iframe_attribution_data);
});
}
IN_PROC_BROWSER_TEST_F(V8ContextTrackerTest, CrossOriginIframeAttributionData) {
GURL urla(embedded_test_server()->GetURL("a.com", "/a_embeds_b.html"));
ASSERT_TRUE(NavigateToURL(shell(), urla));
// Get pointers to the RFHs for each frame.
auto* contents = shell()->web_contents();
content::RenderFrameHost* main_rfh = contents->GetMainFrame();
content::RenderFrameHost* child_rfh = nullptr;
auto frames = contents->GetAllFrames();
ASSERT_EQ(2u, frames.size());
for (auto* rfh : contents->GetAllFrames()) {
if (rfh != main_rfh)
child_rfh = rfh;
}
auto frame_node =
PerformanceManager::GetFrameNodeForRenderFrameHost(child_rfh);
RunInGraph([&frame_node](Graph* graph) {
ASSERT_TRUE(frame_node);
auto* v8_context_tracker = V8ContextTracker::GetFromGraph(graph);
ASSERT_TRUE(v8_context_tracker);
auto* ec_state = v8_context_tracker->GetExecutionContextState(
frame_node->GetFrameToken());
ASSERT_TRUE(ec_state);
ASSERT_TRUE(ec_state->iframe_attribution_data);
});
}
IN_PROC_BROWSER_TEST_F(V8ContextTrackerTest, SameDocNavigation) { IN_PROC_BROWSER_TEST_F(V8ContextTrackerTest, SameDocNavigation) {
ExpectCounts(0, 0, 0, 0); ExpectCounts(0, 0, 0, 0);
GURL urla(embedded_test_server()->GetURL("a.com", "/a_embeds_b.html")); GURL urla(embedded_test_server()->GetURL("a.com", "/a_embeds_b.html"));
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment