Changeset 142704 in webkit

Timestamp:

Feb 12, 2013 6:39:07 PM (11 years ago)

Author:

commit-queue@webkit.org

Message:

[WK2] Page reloading will crash UIProcess after WebProcess was killed
​https://bugs.webkit.org/show_bug.cgi?id=109305

Patch by Adenilson Cavalcanti <​cavalcantii@gmail.com> on 2013-02-12
Reviewed by Benjamin Poulain.

Source/WebKit2:

Re-initialize the pointer to a WebInspectorProxy object before calling
initializeWebPage().

When the WebProcess crashes, WebPageProxy::processDidCrash() will
set WebInspectorProxy pointer to null, which later is accessed by
initializeWebPage(). This patch avoids a crash scenario where
calls into a null pointer would be made.

• UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::reattachToWebProcess):

Tools:

Adding a new test to simulate the case of WebProcess crash followed by a trying
to load a new page.

• TestWebKitAPI/GNUmakefile.am:
• TestWebKitAPI/PlatformEfl.cmake:
• TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
• TestWebKitAPI/Tests/WebKit2/ReloadPageAfterCrash.cpp: Added.

(TestWebKitAPI):
(TestWebKitAPI::didFinishLoad):
(TestWebKitAPI::TEST):

Location:

trunk

Files:

• Source/WebKit2/ChangeLog (modified) (1 diff)
• Source/WebKit2/UIProcess/WebPageProxy.cpp (modified) (1 diff)
• Tools/ChangeLog (modified) (1 diff)
• Tools/TestWebKitAPI/GNUmakefile.am (modified) (1 diff)
• Tools/TestWebKitAPI/PlatformEfl.cmake (modified) (1 diff)
• Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj (modified) (4 diffs)
• Tools/TestWebKitAPI/Tests/WebKit2/ReloadPageAfterCrash.cpp (added)

trunk/Source/WebKit2/ChangeLog

@@ +1 @@
+2013-02-12  Adenilson Cavalcanti  <cavalcantii@gmail.com>
+
+        [WK2] Page reloading will crash UIProcess after WebProcess was killed
+        https://bugs.webkit.org/show_bug.cgi?id=109305
+
+        Reviewed by Benjamin Poulain.
+
+        Re-initialize the pointer to a WebInspectorProxy object before calling
+        initializeWebPage().
+
+        When the WebProcess crashes, WebPageProxy::processDidCrash() will
+        set WebInspectorProxy pointer to null, which later is accessed by
+        initializeWebPage(). This patch avoids a crash scenario where
+        calls into a null pointer would be made.
+
+        * UIProcess/WebPageProxy.cpp:
+        (WebKit::WebPageProxy::reattachToWebProcess):
+
 2013-02-12  Joseph Pecoraro  <pecoraro@apple.com>
 

trunk/Source/WebKit2/UIProcess/WebPageProxy.cpp

@@ -397 +397 @@
     m_process->addMessageReceiver(Messages::WebPageProxy::messageReceiverName(), m_pageID, this);
 
+#if ENABLE(INSPECTOR)
+    m_inspector = WebInspectorProxy::create(this);
+#endif
+#if ENABLE(FULLSCREEN_API)
+    m_fullScreenManager = WebFullScreenManagerProxy::create(this);
+#endif
+
     initializeWebPage();
 
     m_pageClient->didRelaunchProcess();
     m_drawingArea->waitForBackingStoreUpdateOnNextPaint();
-
-#if ENABLE(INSPECTOR)
-    m_inspector = WebInspectorProxy::create(this);
-#endif
-#if ENABLE(FULLSCREEN_API)
-    m_fullScreenManager = WebFullScreenManagerProxy::create(this);
-#endif
 }
 

trunk/Tools/ChangeLog

@@ +1 @@
+2013-02-12  Adenilson Cavalcanti  <cavalcantii@gmail.com>
+
+        [WK2] Page reloading will crash UIProcess after WebProcess was killed
+        https://bugs.webkit.org/show_bug.cgi?id=109305
+
+        Reviewed by Benjamin Poulain.
+
+        Adding a new test to simulate the case of WebProcess crash followed by a trying
+        to load a new page.
+
+        * TestWebKitAPI/GNUmakefile.am:
+        * TestWebKitAPI/PlatformEfl.cmake:
+        * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
+        * TestWebKitAPI/Tests/WebKit2/ReloadPageAfterCrash.cpp: Added.
+        (TestWebKitAPI):
+        (TestWebKitAPI::didFinishLoad):
+        (TestWebKitAPI::TEST):
+
 2013-02-11  Brent Fulgham  <bfulgham@webkit.org>
 

trunk/Tools/TestWebKitAPI/GNUmakefile.am

@@ -153 +153 @@
         Tools/TestWebKitAPI/Tests/WebKit2/LoadCanceledNoServerRedirectCallback.cpp \
         Tools/TestWebKitAPI/Tests/WebKit2/MouseMoveAfterCrash.cpp \
+        Tools/TestWebKitAPI/Tests/WebKit2/ReloadPageAfterCrash.cpp \
         Tools/TestWebKitAPI/Tests/WebKit2/NewFirstVisuallyNonEmptyLayout.cpp \
         Tools/TestWebKitAPI/Tests/WebKit2/NewFirstVisuallyNonEmptyLayoutFails.cpp \

trunk/Tools/TestWebKitAPI/PlatformEfl.cmake

@@ -70 +70 @@
     LoadCanceledNoServerRedirectCallback
     MouseMoveAfterCrash
+    ReloadPageAfterCrash
     NewFirstVisuallyNonEmptyLayout
     NewFirstVisuallyNonEmptyLayoutFails

trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj

@@ -89 +89 @@
                 76E182DF154767E600F1FADD /* auto-submitting-form.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 76E182DE15475A8300F1FADD /* auto-submitting-form.html */; };
                 81B50193140F232300D9EB58 /* StringBuilder.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 81B50192140F232300D9EB58 /* StringBuilder.cpp */; };
+                8A3AF93B16C9ED2700D248C1 /* ReloadPageAfterCrash.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 8A3AF93A16C9ED2700D248C1 /* ReloadPageAfterCrash.cpp */; };
                 930AD402150698D00067970F /* lots-of-text.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 930AD401150698B30067970F /* lots-of-text.html */; };
                 9318778915EEC57700A9CCE3 /* NewFirstVisuallyNonEmptyLayoutForImages.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 93AF4ECA1506F035007FD57E /* NewFirstVisuallyNonEmptyLayoutForImages.cpp */; };
@@ -348 +349 @@
                 76E182DE15475A8300F1FADD /* auto-submitting-form.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = "auto-submitting-form.html"; sourceTree = "<group>"; };
                 81B50192140F232300D9EB58 /* StringBuilder.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = StringBuilder.cpp; path = WTF/StringBuilder.cpp; sourceTree = "<group>"; };
+                8A3AF93A16C9ED2700D248C1 /* ReloadPageAfterCrash.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ReloadPageAfterCrash.cpp; sourceTree = "<group>"; };
                 8DD76FA10486AA7600D96B5E /* TestWebKitAPI */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = TestWebKitAPI; sourceTree = BUILT_PRODUCTS_DIR; };
                 930AD401150698B30067970F /* lots-of-text.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = "lots-of-text.html"; sourceTree = "<group>"; };
@@ -666 +668 @@
                                 333B9CE11277F23100FEFCE3 /* PreventEmptyUserAgent.cpp */,
                                 F6FDDDD214241AD4004F1729 /* PrivateBrowsingPushStateNoHistoryCallback.cpp */,
+                                8A3AF93A16C9ED2700D248C1 /* ReloadPageAfterCrash.cpp */,
                                 C0BD669C131D3CF700E18F2A /* ResponsivenessTimerDoesntFireEarly.cpp */,
                                 C0BD669E131D3CFF00E18F2A /* ResponsivenessTimerDoesntFireEarly_Bundle.cpp */,
@@ -1041 +1044 @@
                                 F6FDDDD314241AD4004F1729 /* PrivateBrowsingPushStateNoHistoryCallback.cpp in Sources */,
                                 0FC6C4CC141027E0005B7F0C /* RedBlackTree.cpp in Sources */,
+                                8A3AF93B16C9ED2700D248C1 /* ReloadPageAfterCrash.cpp in Sources */,
                                 3722C8691461E03E00C45D00 /* RenderedImageFromDOMRange.mm in Sources */,
                                 C0BD669D131D3CF700E18F2A /* ResponsivenessTimerDoesntFireEarly.cpp in Sources */,