Google Git
Sign in
chromium / chromium / src.git / f6bef8b8b9b3d4d5de27f014037bb7e9e449e28b^! / . / content / renderer
commitf6bef8b8b9b3d4d5de27f014037bb7e9e449e28b[log] [tgz]
authordanakj <[email protected]>Thu Oct 10 19:04:55 2019
committerCommit Bot <[email protected]>Thu Oct 10 19:04:55 2019
treed6857928de620b2e710a7a5b2ec5101a87fbf272
parent6a77b1b5db3eb4770aacff57a8bf0df89a1b2e9e [diff]
Don't receive SynchronizeVisualProperties IPC for an undead RenderWidget

These widgets are not in use, and VisualProperties will be sent when
they want to be revived by a new local main frame.

[email protected]

Bug: 419087
Change-Id: I4bcdd8a505c4e5c18a3d9e7b6c3b91f444774e2a
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1850759
Commit-Queue: Avi Drissman <[email protected]>
Reviewed-by: Avi Drissman <[email protected]>
Cr-Commit-Position: refs/heads/master@{#704745}

diff --git a/content/renderer/render_view_impl.cc b/content/renderer/render_view_impl.cc
index 3ab0873c..5afdbd5 100644
--- a/content/renderer/render_view_impl.cc
+++ b/content/renderer/render_view_impl.cc

@@ -2044,13 +2044,10 @@
 void RenderViewImpl::OnUpdateVisualProperties(
     const VisualProperties& visual_properties,
     int widget_routing_id) {
-  // TODO(https://crbug.com/998273): We should not forward visual properties to
-  // frozen render widgets.
   // The widget may have been destroyed while the IPC was in flight.
   RenderWidget* widget = RenderWidget::FromRoutingID(widget_routing_id);
-  if (widget) {
+  if (widget && !widget->IsUndeadOrProvisional())
     widget->SynchronizeVisualPropertiesFromRenderView(visual_properties);
-  }
 }
 
 void RenderViewImpl::OnUpdatePageVisualProperties(

diff --git a/content/renderer/render_widget.cc b/content/renderer/render_widget.cc
index fac2de56..a6c1d3db 100644
--- a/content/renderer/render_widget.cc
+++ b/content/renderer/render_widget.cc

@@ -705,6 +705,12 @@
   TRACE_EVENT0("renderer",
                "RenderWidget::SynchronizeVisualPropertiesFromRenderView");
 
+  // TODO(crbug.com/995981): We shouldn't be sending VisualProperties to undead
+  // RenderWidgets already, but if we do we could crash if the RenderWidget
+  // hasn't been initialized yet. So this acts defensively until we destroy
+  // undead RenderWidgets.
+  DCHECK(!is_undead_);
+
   VisualProperties visual_properties = visual_properties_from_browser;
   // Web tests can override the device scale factor in the renderer.
   if (device_scale_factor_for_testing_) {