Skip to content

GitLab

T
tangled
Commit 5ac77eb5 authored by japhet@chromium.org's avatar japhet@chromium.org
Browse files
Options

Delay calling FrameOwner::setWidget when doing a remote->local frame transition 

If we call setWidget for a newly created LocalFrame that's not fully attached
to the frame tree, it will be in an inconsistent state and cause crashes during
painting. Instead, update the widget at swap-time, when the frame actually
becomes fully attached.

BUG=422583

Review URL: https://codereview.chromium.org/668963002

git-svn-id: svn://svn.chromium.org/blink/trunk@184313 bbb929c8-8fbe-4397-9dbb-9b2b20218538
parent f4d520ba
Hide whitespace changes
Inline Side-by-side
Showing with 14 additions and 5 deletions
third_party/WebKit/Source/core/frame/LocalFrame.cpp
View file @ 5ac77eb5
...@@ -183,7 +183,11 @@ void LocalFrame::createView(const IntSize& viewportSize, const Color& background ...@@ -183,7 +183,11 @@ void LocalFrame::createView(const IntSize& viewportSize, const Color& background
if (ownerRenderer()) { if (ownerRenderer()) {
HTMLFrameOwnerElement* owner = deprecatedLocalOwner(); HTMLFrameOwnerElement* owner = deprecatedLocalOwner();
ASSERT(owner); ASSERT(owner);
owner->setWidget(frameView); // FIXME: OOPI might lead to us temporarily lying to a frame and telling it
// that it's owned by a FrameOwner that knows nothing about it. If we're
// lying to this frame, don't let it clobber the existing widget.
if (owner->contentFrame() == this)
owner->setWidget(frameView);
} }
if (HTMLFrameOwnerElement* owner = deprecatedLocalOwner()) if (HTMLFrameOwnerElement* owner = deprecatedLocalOwner())
......
third_party/WebKit/Source/web/WebFrame.cpp
View file @ 5ac77eb5
...@@ -6,6 +6,7 @@ ...@@ -6,6 +6,7 @@
#include "public/web/WebFrame.h" #include "public/web/WebFrame.h"
#include "core/frame/FrameHost.h" #include "core/frame/FrameHost.h"
#include "core/frame/FrameView.h"
#include "core/frame/RemoteFrame.h" #include "core/frame/RemoteFrame.h"
#include "core/html/HTMLFrameOwnerElement.h" #include "core/html/HTMLFrameOwnerElement.h"
#include "platform/UserGestureIndicator.h" #include "platform/UserGestureIndicator.h"
...@@ -75,10 +76,14 @@ bool WebFrame::swap(WebFrame* frame) ...@@ -75,10 +76,14 @@ bool WebFrame::swap(WebFrame* frame)
// increments of connected subframes. // increments of connected subframes.
FrameOwner* owner = oldFrame->owner(); FrameOwner* owner = oldFrame->owner();
oldFrame->disconnectOwnerElement(); oldFrame->disconnectOwnerElement();
if (toCoreFrame(frame)) { if (Frame* newFrame = toCoreFrame(frame)) {
ASSERT(owner == toCoreFrame(frame)->owner()); ASSERT(owner == newFrame->owner());
if (owner->isLocal()) if (owner->isLocal()) {
toHTMLFrameOwnerElement(owner)->setContentFrame(*toCoreFrame(frame)); HTMLFrameOwnerElement* ownerElement = toHTMLFrameOwnerElement(owner);
ownerElement->setContentFrame(*newFrame);
if (newFrame->isLocalFrame())
ownerElement->setWidget(toLocalFrame(newFrame)->view());
}
} else if (frame->isWebLocalFrame()) { } else if (frame->isWebLocalFrame()) {
toWebLocalFrameImpl(frame)->initializeCoreFrame(oldFrame->host(), owner, oldFrame->tree().name(), nullAtom); toWebLocalFrameImpl(frame)->initializeCoreFrame(oldFrame->host(), owner, oldFrame->tree().name(), nullAtom);
} else { } else {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment