Add null checks effectively in UserInputBridge

Alex Christensen · webkit-commit-queue · commit 98e067649ed1 · 2020-11-06T02:01:36.000Z
https://bugs.webkit.org/show_bug.cgi?id=218622 <rdar://problem/70724960> Patch by Alex Christensen <achristensen@webkit.org> on 2020-11-05 Reviewed by Wenson Hsieh. Source/WebCore: * replay/UserInputBridge.cpp: (WebCore::UserInputBridge::reloadFrame): (WebCore::UserInputBridge::stopLoadingFrame): * replay/UserInputBridge.h: Source/WebKit: * WebProcess/WebPage/WebPage.cpp: (WebKit::WebPage::stopLoadingFrame): (WebKit::WebPage::stopLoading): (WebKit::WebPage::reload): Canonical link: https://commits.webkit.org/231298@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@269498 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
@@ -1,3 +1,16 @@
+2020-11-05  Alex Christensen  <achristensen@webkit.org>
+
+        Add null checks effectively in UserInputBridge
+        https://bugs.webkit.org/show_bug.cgi?id=218622
+        <rdar://problem/70724960>
+
+        Reviewed by Wenson Hsieh.
+
+        * replay/UserInputBridge.cpp:
+        (WebCore::UserInputBridge::reloadFrame):
+        (WebCore::UserInputBridge::stopLoadingFrame):
+        * replay/UserInputBridge.h:
+
 2020-11-05  Myles C. Maxfield  <mmaxfield@apple.com>
 
         [Cocoa] REGRESSION(r269211): Text with emoji can trigger drawing corruption
diff --git a/Source/WebCore/replay/UserInputBridge.cpp b/Source/WebCore/replay/UserInputBridge.cpp
@@ -117,14 +117,14 @@ void UserInputBridge::loadRequest(FrameLoadRequest&& request, InputSource)
     m_page.mainFrame().loader().load(WTFMove(request));
 }
 
-void UserInputBridge::reloadFrame(Frame* frame, OptionSet<ReloadOption> options, InputSource)
+void UserInputBridge::reloadFrame(Frame& frame, OptionSet<ReloadOption> options, InputSource)
 {
-    frame->loader().reload(options);
+    frame.loader().reload(options);
 }
 
-void UserInputBridge::stopLoadingFrame(Frame* frame, InputSource)
+void UserInputBridge::stopLoadingFrame(Frame& frame, InputSource)
 {
-    frame->loader().stopForUserCancel();
+    frame.loader().stopForUserCancel();
 }
 
 bool UserInputBridge::tryClosePage(InputSource)
diff --git a/Source/WebCore/replay/UserInputBridge.h b/Source/WebCore/replay/UserInputBridge.h
@@ -76,8 +76,8 @@ class UserInputBridge {
 
     // Navigation APIs.
     WEBCORE_EXPORT void loadRequest(FrameLoadRequest&&, InputSource = InputSource::User);
-    WEBCORE_EXPORT void reloadFrame(Frame*, OptionSet<ReloadOption>, InputSource = InputSource::User);
-    WEBCORE_EXPORT void stopLoadingFrame(Frame*, InputSource = InputSource::User);
+    WEBCORE_EXPORT void reloadFrame(Frame&, OptionSet<ReloadOption>, InputSource = InputSource::User);
+    WEBCORE_EXPORT void stopLoadingFrame(Frame&, InputSource = InputSource::User);
     WEBCORE_EXPORT bool tryClosePage(InputSource = InputSource::User);
 
 private:
diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog
@@ -1,3 +1,16 @@
+2020-11-05  Alex Christensen  <achristensen@webkit.org>
+
+        Add null checks effectively in UserInputBridge
+        https://bugs.webkit.org/show_bug.cgi?id=218622
+        <rdar://problem/70724960>
+
+        Reviewed by Wenson Hsieh.
+
+        * WebProcess/WebPage/WebPage.cpp:
+        (WebKit::WebPage::stopLoadingFrame):
+        (WebKit::WebPage::stopLoading):
+        (WebKit::WebPage::reload):
+
 2020-11-05  Brent Fulgham  <bfulgham@apple.com>
 
         [macOS] Remove mdnsresponder access from WebKit processes
diff --git a/Source/WebKit/WebProcess/WebPage/WebPage.cpp b/Source/WebKit/WebProcess/WebPage/WebPage.cpp
@@ -1708,14 +1708,20 @@ void WebPage::stopLoadingFrame(FrameIdentifier frameID)
     if (!frame)
         return;
 
-    corePage()->userInputBridge().stopLoadingFrame(frame->coreFrame());
+    auto* coreFrame = frame->coreFrame();
+    if (!coreFrame || !m_page)
+        return;
+
+    m_page->userInputBridge().stopLoadingFrame(*coreFrame);
 }
 
 void WebPage::stopLoading()
 {
-    SendStopResponsivenessTimer stopper;
+    if (!m_page || !m_mainFrame->coreFrame())
+        return;
 
-    corePage()->userInputBridge().stopLoadingFrame(m_mainFrame->coreFrame());
+    SendStopResponsivenessTimer stopper;
+    m_page->userInputBridge().stopLoadingFrame(*m_mainFrame->coreFrame());
 }
 
 bool WebPage::defersLoading() const
@@ -1736,7 +1742,10 @@ void WebPage::reload(uint64_t navigationID, uint32_t reloadOptions, SandboxExten
     m_pendingNavigationID = navigationID;
 
     m_sandboxExtensionTracker.beginReload(m_mainFrame.ptr(), WTFMove(sandboxExtensionHandle));
-    corePage()->userInputBridge().reloadFrame(m_mainFrame->coreFrame(), OptionSet<ReloadOption>::fromRaw(reloadOptions));
+    if (m_page && m_mainFrame->coreFrame())
+        m_page->userInputBridge().reloadFrame(*m_mainFrame->coreFrame(), OptionSet<ReloadOption>::fromRaw(reloadOptions));
+    else
+        ASSERT_NOT_REACHED();
 
     if (m_pendingNavigationID) {
         // This can happen if FrameLoader::reload() returns early because the document URL is empty.

Original file line number	Diff line number	Diff line change
`@@ -117,14 +117,14 @@ void UserInputBridge::loadRequest(FrameLoadRequest&& request, InputSource)`
`117`	`117`	`m_page.mainFrame().loader().load(WTFMove(request));`
`118`	`118`	`}`
`119`	`119`
`120`		`-void UserInputBridge::reloadFrame(Frame* frame, OptionSet<ReloadOption> options, InputSource)`
	`120`	`+void UserInputBridge::reloadFrame(Frame& frame, OptionSet<ReloadOption> options, InputSource)`
`121`	`121`	`{`
`122`		`- frame->loader().reload(options);`
	`122`	`+ frame.loader().reload(options);`
`123`	`123`	`}`
`124`	`124`
`125`		`-void UserInputBridge::stopLoadingFrame(Frame* frame, InputSource)`
	`125`	`+void UserInputBridge::stopLoadingFrame(Frame& frame, InputSource)`
`126`	`126`	`{`
`127`		`- frame->loader().stopForUserCancel();`
	`127`	`+ frame.loader().stopForUserCancel();`
`128`	`128`	`}`
`129`	`129`
`130`	`130`	`bool UserInputBridge::tryClosePage(InputSource)`