• commit-queue@webkit.org's avatar
    REGRESSION(r117572): editing/spelling/spellcheck-async-remove-frame.html crashes on Mac · 3dc47a1a
    commit-queue@webkit.org authored
    https://bugs.webkit.org/show_bug.cgi?id=86859
    
    Source/WebCore:
    
    Patch by Hajime Morrita <morrita@chromium.org> on 2012-05-31
    Reviewed by Ryosuke Niwa.
    
    The test tries to reach an invalid SpellChecker object. Such an access should be guarded
    beforehand.
    
    Asynchronous spellchecking can return results after originated
    frame is gone, which triggered an invalid access to the dead spellchecker
    object. This chagne prevents it by marking request objects from
    the spellchecker as invalid:
    
    - Originally TextCheckerClient API was passed a SpellCheker object.
      This change abstracted it behind TextCheckingRequest interface,
      didSucceed() and didCancel() method specifically.
    - TextCheckingRequest was turned from a plain old object into
      a refcounted abstract class, which is now subclassed by SpellCheckRequest.
    - SpellChecker now marks pending SpellCheckRequest objects as invalid
      on its destructor.
    
    Test: editing/spelling/spellcheck-async-remove-frame.html
    
    * WebCore.exp.in:
    * editing/SpellChecker.cpp:
    (WebCore::SpellCheckRequest::SpellCheckRequest):
    (WebCore::SpellCheckRequest::create):
    (WebCore::SpellCheckRequest::didSucceed):
    (WebCore):
    (WebCore::SpellCheckRequest::didCancel):
    (WebCore::SpellCheckRequest::wasRequestedBy):
    (WebCore::SpellCheckRequest::requesterDestroyed):
    (WebCore::SpellChecker::~SpellChecker):
    (WebCore::SpellChecker::requestCheckingFor):
    (WebCore::SpellChecker::invokeRequest):
    (WebCore::SpellChecker::didCheckSucceed):
    (WebCore::SpellChecker::didCheckCancel):
    * editing/SpellChecker.h:
    (WebCore):
    (SpellCheckRequest):
    (WebCore::SpellCheckRequest::isStarted):
    (SpellChecker):
    * loader/EmptyClients.h:
    (WebCore::EmptyTextCheckerClient::requestCheckingOfString):
    * platform/text/TextCheckerClient.h:
    (TextCheckerClient):
    * platform/text/TextChecking.h:
    (GrammarDetail):
    (TextCheckingResult):
    (TextCheckingRequest):
    (WebCore::TextCheckingRequest::~TextCheckingRequest):
    
    Source/WebKit/blackberry:
    
    Patch by Hajime Morrita <morrita@chromium.org> on 2012-05-31
    Reviewed by Ryosuke Niwa.
    
    * WebCoreSupport/EditorClientBlackBerry.cpp:
    (WebCore::EditorClientBlackBerry::requestCheckingOfString):
    * WebCoreSupport/EditorClientBlackBerry.h:
    (EditorClientBlackBerry):
    
    Source/WebKit/chromium:
    
    Removed a port specific fix which was introduced at r117572.
    
    Patch by Hajime Morrita <morrita@chromium.org> on 2012-05-31
    Reviewed by Ryosuke Niwa.
    
    * src/EditorClientImpl.cpp:
    (WebKit::EditorClientImpl::frameWillDetachPage):
    (WebKit::EditorClientImpl::requestCheckingOfString):
    * src/EditorClientImpl.h:
    (WebCore):
    (EditorClientImpl):
    * src/WebTextCheckingCompletionImpl.cpp:
    (WebKit::WebTextCheckingCompletionImpl::didFinishCheckingText):
    (WebKit::WebTextCheckingCompletionImpl::didCancelCheckingText):
    * src/WebTextCheckingCompletionImpl.h:
    (WebKit::WebTextCheckingCompletionImpl::WebTextCheckingCompletionImpl):
    (WebTextCheckingCompletionImpl):
    
    Source/WebKit/efl:
    
    Patch by Hajime Morrita <morrita@chromium.org> on 2012-05-31
    Reviewed by Ryosuke Niwa.
    
    * WebCoreSupport/EditorClientEfl.h:
    (WebCore::EditorClientEfl::requestCheckingOfString):
    
    Source/WebKit/gtk:
    
    Patch by Hajime Morrita <morrita@chromium.org> on 2012-05-31
    Reviewed by Ryosuke Niwa.
    
    * WebCoreSupport/TextCheckerClientGtk.h:
    (WebKit::TextCheckerClientGtk::requestCheckingOfString):
    
    Source/WebKit/mac:
    
    Patch by Hajime Morrita <morrita@chromium.org> on 2012-05-31
    Reviewed by Ryosuke Niwa.
    
    * WebCoreSupport/WebEditorClient.h:
    * WebCoreSupport/WebEditorClient.mm:
    (-[WebEditorSpellCheckResponder initWithClient:sequence:results:]):
    (-[WebEditorSpellCheckResponder perform]):
    (WebEditorClient::didCheckSucceeded):
    (WebEditorClient::requestCheckingOfString):
    
    Source/WebKit/qt:
    
    Patch by Hajime Morrita <morrita@chromium.org> on 2012-05-31
    Reviewed by Ryosuke Niwa.
    
    * WebCoreSupport/TextCheckerClientQt.h:
    (WebCore::TextCheckerClientQt::requestCheckingOfString):
    
    Source/WebKit/win:
    
    Patch by Hajime Morrita <morrita@chromium.org> on 2012-05-31
    Reviewed by Ryosuke Niwa.
    
    * WebCoreSupport/WebEditorClient.h:
    (WebEditorClient::requestCheckingOfString):
    
    Source/WebKit/wince:
    
    Patch by Hajime Morrita <morrita@chromium.org> on 2012-05-31
    Reviewed by Ryosuke Niwa.
    
    * WebCoreSupport/EditorClientWinCE.h:
    (WebKit::EditorClientWinCE::requestCheckingOfString):
    
    Source/WebKit/wx:
    
    Patch by Hajime Morrita <morrita@chromium.org> on 2012-05-31
    Reviewed by Ryosuke Niwa.
    
    * WebKitSupport/EditorClientWx.h:
    (WebCore::EditorClientWx::requestCheckingOfString):
    
    Source/WebKit2:
    
    Patch by Hajime Morrita <morrita@chromium.org> on 2012-05-31
    Reviewed by Ryosuke Niwa.
    
    * WebProcess/WebCoreSupport/WebEditorClient.cpp:
    (WebKit::WebEditorClient::requestCheckingOfString):
    * WebProcess/WebCoreSupport/WebEditorClient.h:
    
    LayoutTests:
    
    Patch by Hajime Morrita <morrita@chromium.org> on 2012-05-31
    Reviewed by Ryosuke Niwa.
    
    * platform/mac/Skipped: Unskipped the test.
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@119192 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    3dc47a1a
ChangeLog 204 KB