Check if WorkerContext is terminated in WebWorkerClientImple::openFileSystem call.

https://bugs.webkit.org/show_bug.cgi?id=96601

Patch by Taiju Tsuiki <tzik@chromium.org> on 2012-09-13
Reviewed by Kent Tamura.

m_webFrame might be already deleted after terminateWorkerContext call.
This patch ensure it be NULL and change to avoid using it.

Test: fast/filesystem/workers/detached-frame-crash.html

* src/WebWorkerClientImpl.cpp:
(WebKit::WebWorkerClientImpl::terminateWorkerContext):
(WebKit::WebWorkerClientImpl::openFileSystem):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@128415 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent 935800a9
2012-09-13 Taiju Tsuiki <tzik@chromium.org>
Check if WorkerContext is terminated in WebWorkerClientImple::openFileSystem call.
https://bugs.webkit.org/show_bug.cgi?id=96601
Reviewed by Kent Tamura.
m_webFrame might be already deleted after terminateWorkerContext call.
This patch ensure it be NULL and change to avoid using it.
Test: fast/filesystem/workers/detached-frame-crash.html
* src/WebWorkerClientImpl.cpp:
(WebKit::WebWorkerClientImpl::terminateWorkerContext):
(WebKit::WebWorkerClientImpl::openFileSystem):
2012-09-12 Leandro Gracia Gil <leandrogracia@chromium.org>
[Chromium] Fix cases where find-in-page doesn't send a final update
......
......@@ -104,6 +104,7 @@ void WebWorkerClientImpl::startWorkerContext(const KURL& scriptURL, const String
void WebWorkerClientImpl::terminateWorkerContext()
{
m_webFrame = 0;
m_proxy->terminateWorkerContext();
}
......@@ -210,7 +211,7 @@ bool WebWorkerClientImpl::allowFileSystem()
void WebWorkerClientImpl::openFileSystem(WebFileSystem::Type type, long long size, bool create,
WebFileSystemCallbacks* callbacks)
{
if (!m_webFrame->client()) {
if (m_proxy->askedToTerminate()) {
callbacks->didFail(WebFileErrorAbort);
return;
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment