Changeset 148312 in webkit

Timestamp:

Apr 12, 2013 4:29:13 PM (11 years ago)

Author:

benjamin@webkit.org

Message:

[WK2] WebPageProxy loadURL() won't work when called just after terminateProcess()
​https://bugs.webkit.org/show_bug.cgi?id=110743

Patch by Adenilson Cavalcanti <​cavalcantii@gmail.com> on 2013-04-12
Reviewed by Benjamin Poulain.

Source/WebKit2:

A call to loadURL() just after terminating WebProcess will fail thanks to
WebPageProxy being in an undefined state since it is in the middle of its own
cleanup after process termination.

To properly fix this, not only WebPageProxy cleanup should be made
at WebProcess termination request, but also WebProcessProxy needs
to only return to its caller after terminating the process and
closing connections. Otherwise, WebPageProxy can even be able to
detect that WebProcess is no longer running, but a call to respawn
the process will fail.

To fix these issues, this patch moves the cleanup code to a shared private function
that is used for both the cases i.e. user termination and real crash. WebProcess
shutdown is done using a new method that ensures that all cleanup was done before
returning.

A last change introduced in this patch is that for user requested termination,
clients are no longer notified of a crash (since it is not a crash).

• UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::terminateProcess):
(WebKit::WebPageProxy::processDidCrash):
(WebKit):
(WebKit::WebPageProxy::resetStateAfterProcessExited):

• UIProcess/WebPageProxy.h:

(WebPageProxy):

• UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::userRequestedTerminate):
(WebKit):

• UIProcess/WebProcessProxy.h:

(WebProcessProxy):

Tools:

Adding a new test file to check if loading a page just after WebProcess
has crashed (or was terminated) works. The test executes the
following steps (Load, Crash, Load), thus stressing WebProcess
reattach and process termination code path.

• TestWebKitAPI/GNUmakefile.am:
• TestWebKitAPI/PlatformEfl.cmake:
• TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
• TestWebKitAPI/Tests/WebKit2/MouseMoveAfterCrash.cpp:

(TestWebKitAPI::setPageLoaderClient):
(TestWebKitAPI::TEST):

• TestWebKitAPI/Tests/WebKit2/LoadPageOnCrash.cpp: Added.

(TestWebKitAPI):
(WebKit2CrashLoader):
(TestWebKitAPI::WebKit2CrashLoader::WebKit2CrashLoader):
(TestWebKitAPI::WebKit2CrashLoader::loadUrl):
(TestWebKitAPI::WebKit2CrashLoader::crashWebProcess):
(TestWebKitAPI::didFinishLoad):
(TestWebKitAPI::TEST):

• TestWebKitAPI/Tests/WebKit2/WebKit2.pro:

Location:

trunk

Files:

• Source/WebKit2/ChangeLog (modified) (1 diff)
• Source/WebKit2/UIProcess/WebPageProxy.cpp (modified) (3 diffs)
• Source/WebKit2/UIProcess/WebPageProxy.h (modified) (1 diff)
• Source/WebKit2/UIProcess/WebProcessProxy.cpp (modified) (1 diff)
• Source/WebKit2/UIProcess/WebProcessProxy.h (modified) (1 diff)
• Tools/ChangeLog (modified) (1 diff)
• Tools/TestWebKitAPI/GNUmakefile.am (modified) (1 diff)
• Tools/TestWebKitAPI/PlatformEfl.cmake (modified) (1 diff)
• Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj (modified) (4 diffs)
• Tools/TestWebKitAPI/Tests/WebKit2/LoadPageOnCrash.cpp (added)
• Tools/TestWebKitAPI/Tests/WebKit2/MouseMoveAfterCrash.cpp (modified) (3 diffs)
• Tools/TestWebKitAPI/Tests/WebKit2/WebKit2.pro (modified) (1 diff)

trunk/Source/WebKit2/ChangeLog

@@ +1 @@
+2013-04-12  Adenilson Cavalcanti  <cavalcantii@gmail.com>
+
+        [WK2] WebPageProxy loadURL() won't work when called just after terminateProcess()
+        https://bugs.webkit.org/show_bug.cgi?id=110743
+
+        Reviewed by Benjamin Poulain.
+
+        A call to loadURL() just after terminating WebProcess will fail thanks to
+        WebPageProxy being in an undefined state since it is in the middle of its own
+        cleanup after process termination.
+
+        To properly fix this, not only WebPageProxy cleanup should be made
+        at WebProcess termination request, but also WebProcessProxy needs
+        to only return to its caller after terminating the process and
+        closing connections. Otherwise, WebPageProxy can even be able to
+        detect that WebProcess is no longer running, but a call to respawn
+        the process will fail.
+
+        To fix these issues, this patch moves the cleanup code to a shared private function
+        that is used for both the cases i.e. user termination and real crash. WebProcess
+        shutdown is done using a new method that ensures that all cleanup was done before
+        returning.
+
+        A last change introduced in this patch is that for user requested termination,
+        clients are no longer notified of a crash (since it is not a crash).
+
+        * UIProcess/WebPageProxy.cpp:
+        (WebKit::WebPageProxy::terminateProcess):
+        (WebKit::WebPageProxy::processDidCrash):
+        (WebKit):
+        (WebKit::WebPageProxy::resetStateAfterProcessExited):
+        * UIProcess/WebPageProxy.h:
+        (WebPageProxy):
+        * UIProcess/WebProcessProxy.cpp:
+        (WebKit::WebProcessProxy::userRequestedTerminate):
+        (WebKit):
+        * UIProcess/WebProcessProxy.h:
+        (WebProcessProxy):
+
 2013-04-12  Gavin Barraclough  <barraclough@apple.com>
 

trunk/Source/WebKit2/UIProcess/WebPageProxy.cpp

@@ -1568 +1568 @@
         return;
 
-    m_process->terminate();
+    m_process->requestTermination();
+    resetStateAfterProcessExited();
 }
 
@@ -3799 +3800 @@
 void WebPageProxy::processDidCrash()
 {
+    ASSERT(m_isValid);
+
+    resetStateAfterProcessExited();
+
+    m_pageClient->processDidCrash();
+    m_loaderClient.processDidCrash(this);
+}
+
+void WebPageProxy::resetStateAfterProcessExited()
+{
     ASSERT(m_pageClient);
-
     m_process->removeMessageReceiver(Messages::WebPageProxy::messageReceiverName(), m_pageID);
 
@@ -3887 +3897 @@
     m_pendingLearnOrIgnoreWordMessageCount = 0;
 
-    m_pageClient->processDidCrash();
-    m_loaderClient.processDidCrash(this);
-
-    if (!m_isValid) {
-        // If the call out to the loader client didn't cause the web process to be relaunched, 
-        // we'll call setNeedsDisplay on the view so that we won't have the old contents showing.
-        // If the call did cause the web process to be relaunched, we'll keep the old page contents showing
-        // until the new web process has painted its contents.
-        setViewNeedsDisplay(IntRect(IntPoint(), viewSize()));
-    }
+    // If the call out to the loader client didn't cause the web process to be relaunched,
+    // we'll call setNeedsDisplay on the view so that we won't have the old contents showing.
+    // If the call did cause the web process to be relaunched, we'll keep the old page contents showing
+    // until the new web process has painted its contents.
+    setViewNeedsDisplay(IntRect(IntPoint(), viewSize()));
 
     // Can't expect DidReceiveEvent notifications from a crashed web process.

trunk/Source/WebKit2/UIProcess/WebPageProxy.h

@@ -778 +778 @@
     WebPageProxy(PageClient*, PassRefPtr<WebProcessProxy>, WebPageGroup*, uint64_t pageID);
 
+    void resetStateAfterProcessExited();
+
     // CoreIPC::MessageReceiver
     virtual void didReceiveMessage(CoreIPC::Connection*, CoreIPC::MessageDecoder&) OVERRIDE;

trunk/Source/WebKit2/UIProcess/WebProcessProxy.cpp

@@ -627 +627 @@
 }
 
+void WebProcessProxy::requestTermination()
+{
+    ChildProcessProxy::terminate();
+    webConnection()->didClose();
+    disconnect();
+}
+
 } // namespace WebKit

trunk/Source/WebKit2/UIProcess/WebProcessProxy.h

@@ -116 +116 @@
 #endif
 
+    void requestTermination();
+
 private:
     explicit WebProcessProxy(PassRefPtr<WebContext>);

trunk/Tools/ChangeLog

@@ +1 @@
+2013-04-12  Adenilson Cavalcanti  <cavalcantii@gmail.com>
+
+        [WK2] WebPageProxy loadURL() won't work when called just after terminateProcess()
+        https://bugs.webkit.org/show_bug.cgi?id=110743
+
+        Reviewed by Benjamin Poulain.
+
+        Adding a new test file to check if loading a page just after WebProcess
+        has crashed (or was terminated) works. The test executes the
+        following steps (Load, Crash, Load), thus stressing WebProcess
+        reattach and process termination code path.
+
+        * TestWebKitAPI/GNUmakefile.am:
+        * TestWebKitAPI/PlatformEfl.cmake:
+        * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
+        * TestWebKitAPI/Tests/WebKit2/MouseMoveAfterCrash.cpp:
+        (TestWebKitAPI::setPageLoaderClient):
+        (TestWebKitAPI::TEST):
+        * TestWebKitAPI/Tests/WebKit2/LoadPageOnCrash.cpp: Added.
+        (TestWebKitAPI):
+        (WebKit2CrashLoader):
+        (TestWebKitAPI::WebKit2CrashLoader::WebKit2CrashLoader):
+        (TestWebKitAPI::WebKit2CrashLoader::loadUrl):
+        (TestWebKitAPI::WebKit2CrashLoader::crashWebProcess):
+        (TestWebKitAPI::didFinishLoad):
+        (TestWebKitAPI::TEST):
+        * TestWebKitAPI/Tests/WebKit2/WebKit2.pro:
+
 2013-04-12  Ryosuke Niwa  <rniwa@webkit.org>
 

trunk/Tools/TestWebKitAPI/GNUmakefile.am

@@ -156 +156 @@
         Tools/TestWebKitAPI/Tests/WebKit2/LoadAlternateHTMLStringWithNonDirectoryURL.cpp \
         Tools/TestWebKitAPI/Tests/WebKit2/LoadCanceledNoServerRedirectCallback.cpp \
+        Tools/TestWebKitAPI/Tests/WebKit2/LoadPageOnCrash.cpp \
         Tools/TestWebKitAPI/Tests/WebKit2/MouseMoveAfterCrash.cpp \
         Tools/TestWebKitAPI/Tests/WebKit2/ReloadPageAfterCrash.cpp \

trunk/Tools/TestWebKitAPI/PlatformEfl.cmake

@@ -69 +69 @@
     LoadAlternateHTMLStringWithNonDirectoryURL
     LoadCanceledNoServerRedirectCallback
+    LoadPageOnCrash
     MouseMoveAfterCrash
     ReloadPageAfterCrash

trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj

@@ -92 +92 @@
                 8A2C750E16CED9550024F352 /* ResizeWindowAfterCrash.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 8A2C750D16CED9550024F352 /* ResizeWindowAfterCrash.cpp */; };
                 8A3AF93B16C9ED2700D248C1 /* ReloadPageAfterCrash.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 8A3AF93A16C9ED2700D248C1 /* ReloadPageAfterCrash.cpp */; };
+                8AA28C1A16D2FA7B002FF4DB /* LoadPageOnCrash.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 8AA28C1916D2FA7B002FF4DB /* LoadPageOnCrash.cpp */; };
                 930AD402150698D00067970F /* lots-of-text.html in Copy Resources */ = {isa = PBXBuildFile; fileRef = 930AD401150698B30067970F /* lots-of-text.html */; };
                 9318778915EEC57700A9CCE3 /* NewFirstVisuallyNonEmptyLayoutForImages.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 93AF4ECA1506F035007FD57E /* NewFirstVisuallyNonEmptyLayoutForImages.cpp */; };
@@ -360 +361 @@
                 8A2C750D16CED9550024F352 /* ResizeWindowAfterCrash.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ResizeWindowAfterCrash.cpp; sourceTree = "<group>"; };
                 8A3AF93A16C9ED2700D248C1 /* ReloadPageAfterCrash.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ReloadPageAfterCrash.cpp; sourceTree = "<group>"; };
+                8AA28C1916D2FA7B002FF4DB /* LoadPageOnCrash.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = LoadPageOnCrash.cpp; sourceTree = "<group>"; };
                 8DD76FA10486AA7600D96B5E /* TestWebKitAPI */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = TestWebKitAPI; sourceTree = BUILT_PRODUCTS_DIR; };
                 930AD401150698B30067970F /* lots-of-text.html */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.html; path = "lots-of-text.html"; sourceTree = "<group>"; };
@@ -663 +665 @@
                                 33DC8910141953A300747EF7 /* LoadCanceledNoServerRedirectCallback.cpp */,
                                 33DC89131419579F00747EF7 /* LoadCanceledNoServerRedirectCallback_Bundle.cpp */,
+                                8AA28C1916D2FA7B002FF4DB /* LoadPageOnCrash.cpp */,
                                 33BE5AF4137B5A6C00705813 /* MouseMoveAfterCrash.cpp */,
                                 33BE5AF8137B5AAE00705813 /* MouseMoveAfterCrash_Bundle.cpp */,
@@ -1042 +1045 @@
                                 52CB47411448FB9300873995 /* LoadAlternateHTMLStringWithNonDirectoryURL.cpp in Sources */,
                                 33DC8911141953A300747EF7 /* LoadCanceledNoServerRedirectCallback.cpp in Sources */,
+                                8AA28C1A16D2FA7B002FF4DB /* LoadPageOnCrash.cpp in Sources */,
                                 B4039F9D15E6D8B3007255D6 /* MathExtras.cpp in Sources */,
                                 CD5497B415857F0C00B5BC30 /* MediaTime.cpp in Sources */,

trunk/Tools/TestWebKitAPI/Tests/WebKit2/MouseMoveAfterCrash.cpp

@@ -38 +38 @@
 }
 
-static void processDidCrash(WKPageRef page, const void*)
-{
-    WKPageReload(page);
-}
-
 static void setPageLoaderClient(WKPageRef page)
 {
@@ -50 +45 @@
     loaderClient.clientInfo = 0;
     loaderClient.didFinishLoadForFrame = didFinishLoadForFrame;
-    loaderClient.processDidCrash = processDidCrash;
 
     WKPageSetPageLoaderClient(page, &loaderClient);
@@ -80 +74 @@
     webView.simulateMouseMove(20, 20);
 
-    // After moving the mouse (while the web process was hung on the Pause message), kill the web process. It is restarted in
-    // processDidCrash by reloading the page.
+    // After moving the mouse (while the web process was hung on the Pause message), kill the web process. It is restarted by reloading the page.
     WKPageTerminate(webView.page());
+    WKPageReload(webView.page());
 
-    // Wait until we load the page a second time (via reloading the page in processDidCrash).
+    // Wait until we load the page a second time.
     Util::run(&didFinishLoad);
 

trunk/Tools/TestWebKitAPI/Tests/WebKit2/WebKit2.pro

@@ -20 +20 @@
     LoadAlternateHTMLStringWithNonDirectoryURL.cpp \
     LoadCanceledNoServerRedirectCallback.cpp \
+    LoadPageOnCrash.cpp \
     MouseMoveAfterCrash.cpp \
     PageLoadBasic.cpp \