Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: d26e13849fba17b2ba44dbbea7df4f17b74e2f03
https://github.com/WebKit/WebKit/commit/d26e13849fba17b2ba44dbbea7df4f17b74e2f03
Author: Rupin Mittal <[email protected]>
Date: 2026-05-12 (Tue, 12 May 2026)
Changed paths:
M Source/WebCore/loader/ResourceLoader.cpp
Log Message:
-----------
StabilityTracer: Crash in ResourceLoader::willSendRequestInternal()
https://bugs.webkit.org/show_bug.cgi?id=314613
rdar://176317592
Reviewed by Matthew Finkel.
The crash log shows that there is a nullptr dereference in one of the calls to
FrameLoader::frame() in ResourceLoader::willSendRequestInternal(). When accessing
the m_frame member of FrameLoader, we crash because we are accessing an invalid
address (0x8). This suggests that the FrameLoader itself may be null.
Most callsites of frameLoader->frame() in this function null check frameLoader
before using it. But https://commits.webkit.org/307220@main added a new callsite
that does not:
if (RefPtr document = frameLoader->frame().document()) { ... }
It's likely that frameLoader is null and we crash when trying to get the frame
from it. We speculatively fix this by adding a null check.
* Source/WebCore/loader/ResourceLoader.cpp:
(WebCore::ResourceLoader::willSendRequestInternal):
Canonical link: https://commits.webkit.org/313087@main