[MPArch] Fixes for crashes due to FTN accessing RFH in initialization
Before FrameTreeNode is initialized, it cannot access an associated
RenderFrameHost. Prevent FrameTreeNode from trying to access an
RFH by making the associated required functionality generic enough to
be called from either FrameTreeNode post-initialization, or from
RenderFrameHost during initialization.
Bug: 1314627, 1307825
Change-Id: I477c129e17ee8b7fea351726e02a80d78c9c6643
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3579313
Reviewed-by: Dave Tapuska <[email protected]>
Reviewed-by: Rakina Zata Amni <[email protected]>
Commit-Queue: Harkiran Bolaria <[email protected]>
Cr-Commit-Position: refs/heads/main@{#995159}
diff --git a/content/browser/renderer_host/frame_tree_node.cc b/content/browser/renderer_host/frame_tree_node.cc
index 4c1cbc2..cb7e1a0 100644
--- a/content/browser/renderer_host/frame_tree_node.cc
+++ b/content/browser/renderer_host/frame_tree_node.cc
@@ -131,6 +131,44 @@
return static_cast<RenderFrameHostImpl*>(rfh)->frame_tree_node();
}
+RenderFrameHostImpl::FencedFrameStatus ComputeFencedFrameStatus(
+ FrameTree* frame_tree,
+ RenderFrameHostImpl* parent,
+ const blink::FramePolicy& frame_policy) {
+ if (blink::features::IsFencedFramesEnabled()) {
+ switch (blink::features::kFencedFramesImplementationTypeParam.Get()) {
+ case blink::features::FencedFramesImplementationType::kMPArch: {
+ if (frame_tree->type() == FrameTree::Type::kFencedFrame) {
+ if (!parent)
+ return RenderFrameHostImpl::FencedFrameStatus::kFencedFrameRoot;
+ return RenderFrameHostImpl::FencedFrameStatus::
+ kIframeNestedWithinFencedFrame;
+ } else {
+ return RenderFrameHostImpl::FencedFrameStatus::
+ kNotNestedInFencedFrame;
+ }
+ }
+ case blink::features::FencedFramesImplementationType::kShadowDOM: {
+ // Different from the MPArch case, the ShadowDOM implementation of
+ // fenced frame lives in the same FrameTree as its parent, so we need to
+ // check its effective frame policy instead.
+ if (frame_policy.is_fenced) {
+ return RenderFrameHostImpl::FencedFrameStatus::kFencedFrameRoot;
+ } else if (parent && parent->frame_tree_node()->IsInFencedFrameTree()) {
+ return RenderFrameHostImpl::FencedFrameStatus::
+ kIframeNestedWithinFencedFrame;
+ }
+ return RenderFrameHostImpl::FencedFrameStatus::kNotNestedInFencedFrame;
+ }
+ default: {
+ return RenderFrameHostImpl::FencedFrameStatus::kNotNestedInFencedFrame;
+ }
+ }
+ }
+
+ return RenderFrameHostImpl::FencedFrameStatus::kNotNestedInFencedFrame;
+}
+
FrameTreeNode::FrameTreeNode(
FrameTree* frame_tree,
RenderFrameHostImpl* parent,
@@ -149,6 +187,8 @@
is_created_by_script_(is_created_by_script),
devtools_frame_token_(devtools_frame_token),
frame_owner_properties_(frame_owner_properties),
+ fenced_frame_status_(
+ ComputeFencedFrameStatus(frame_tree_, parent_, frame_policy)),
render_manager_(this, frame_tree->manager_delegate()) {
TRACE_EVENT_BEGIN("navigation", "FrameTreeNode",
perfetto::Track::FromPointer(this),
@@ -845,11 +885,13 @@
}
bool FrameTreeNode::IsFencedFrameRoot() const {
- return current_frame_host()->IsFencedFrameRootNoStatus();
+ return fenced_frame_status_ ==
+ RenderFrameHostImpl::FencedFrameStatus::kFencedFrameRoot;
}
bool FrameTreeNode::IsInFencedFrameTree() const {
- return current_frame_host()->IsInFencedFrameTree();
+ return fenced_frame_status_ !=
+ RenderFrameHostImpl::FencedFrameStatus::kNotNestedInFencedFrame;
}
void FrameTreeNode::SetFencedFrameNonceIfNeeded() {
