Changeset 231298 in webkit

Timestamp:

May 3, 2018 1:45:32 AM (6 years ago)

Author:

Carlos Garcia Campos

Message:

REGRESSION(r222772): [GTK][WPE] WebProcess from WebKitGtk+ 2.19.9x SIGSEVs in WebKit::WebProcess::ensureNetworkProcessConnection() at Source/WebKit/WebProcess/WebProcess.cpp:1127
​https://bugs.webkit.org/show_bug.cgi?id=183348

Reviewed by Michael Catanzaro.

Source/WebKit:

When connection doesn't exit in case of sync message failure, always exit in case of failing to send
GetNetworkProcessConnection or GetStorageProcessConnection messages. This can happen when the WebView is created
and destroyed quickly.

• WebProcess/WebProcess.cpp:

(WebKit::WebProcess::ensureNetworkProcessConnection):
(WebKit::WebProcess::ensureWebToStorageProcessConnection):

Tools:

Add a test case to reproduce the crash.

• TestWebKitAPI/Tests/WebKitGLib/TestWebKitWebView.cpp:

(testWebViewCloseQuickly):
(beforeAll):

Location:

trunk

Files:

• Source/WebKit/ChangeLog (modified) (1 diff)
• Source/WebKit/WebProcess/WebProcess.cpp (modified) (2 diffs)
• Tools/ChangeLog (modified) (1 diff)
• Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebKitWebView.cpp (modified) (2 diffs)

trunk/Source/WebKit/ChangeLog

@@ +1 @@
+2018-05-03  Carlos Garcia Campos  <cgarcia@igalia.com>
+
+        REGRESSION(r222772): [GTK][WPE] WebProcess from WebKitGtk+ 2.19.9x SIGSEVs in WebKit::WebProcess::ensureNetworkProcessConnection() at Source/WebKit/WebProcess/WebProcess.cpp:1127
+        https://bugs.webkit.org/show_bug.cgi?id=183348
+
+        Reviewed by Michael Catanzaro.
+
+        When connection doesn't exit in case of sync message failure, always exit in case of failing to send
+        GetNetworkProcessConnection or GetStorageProcessConnection messages. This can happen when the WebView is created
+        and destroyed quickly.
+
+        * WebProcess/WebProcess.cpp:
+        (WebKit::WebProcess::ensureNetworkProcessConnection):
+        (WebKit::WebProcess::ensureWebToStorageProcessConnection):
+
 2018-05-02  Nan Wang  <n_wang@apple.com>
 

trunk/Source/WebKit/WebProcess/WebProcess.cpp

@@ -1149 +1149 @@
         IPC::Attachment encodedConnectionIdentifier;
 
-        if (!parentProcessConnection()->sendSync(Messages::WebProcessProxy::GetNetworkProcessConnection(), Messages::WebProcessProxy::GetNetworkProcessConnection::Reply(encodedConnectionIdentifier), 0, Seconds::infinity(), IPC::SendSyncOption::DoNotProcessIncomingMessagesWhenWaitingForSyncReply))
+        if (!parentProcessConnection()->sendSync(Messages::WebProcessProxy::GetNetworkProcessConnection(), Messages::WebProcessProxy::GetNetworkProcessConnection::Reply(encodedConnectionIdentifier), 0, Seconds::infinity(), IPC::SendSyncOption::DoNotProcessIncomingMessagesWhenWaitingForSyncReply)) {
+#if PLATFORM(GTK) || PLATFORM(WPE)
+            // GTK+ and WPE ports don't exit on send sync message failure.
+            // In this particular case, the network process can be terminated by the UI process while the
+            // Web process is still initializing, so we always want to exit instead of crashing. This can
+            // happen when the WebView is created and then destroyed quickly.
+            // See https://bugs.webkit.org/show_bug.cgi?id=183348.
+            exit(0);
+#else
             CRASH();
+#endif
+        }
 
 #if USE(UNIX_DOMAIN_SOCKETS)
@@ -1223 +1233 @@
         IPC::Attachment encodedConnectionIdentifier;
 
-        if (!parentProcessConnection()->sendSync(Messages::WebProcessProxy::GetStorageProcessConnection(initialSessionID), Messages::WebProcessProxy::GetStorageProcessConnection::Reply(encodedConnectionIdentifier), 0))
+        if (!parentProcessConnection()->sendSync(Messages::WebProcessProxy::GetStorageProcessConnection(initialSessionID), Messages::WebProcessProxy::GetStorageProcessConnection::Reply(encodedConnectionIdentifier), 0)) {
+#if PLATFORM(GTK) || PLATFORM(WPE)
+            // GTK+ and WPE ports don't exit on send sync message failure.
+            // In this particular case, the storage process can be terminated by the UI process while the
+            // connection is being done, so we always want to exit instead of crashing.
+            // See https://bugs.webkit.org/show_bug.cgi?id=183348.
+#else
             CRASH();
+#endif
+        }
 
 #if USE(UNIX_DOMAIN_SOCKETS)

trunk/Tools/ChangeLog

@@ +1 @@
+2018-05-03  Carlos Garcia Campos  <cgarcia@igalia.com>
+
+        REGRESSION(r222772): [GTK][WPE] WebProcess from WebKitGtk+ 2.19.9x SIGSEVs in WebKit::WebProcess::ensureNetworkProcessConnection() at Source/WebKit/WebProcess/WebProcess.cpp:1127
+        https://bugs.webkit.org/show_bug.cgi?id=183348
+
+        Reviewed by Michael Catanzaro.
+
+        Add a test case to reproduce the crash.
+
+        * TestWebKitAPI/Tests/WebKitGLib/TestWebKitWebView.cpp:
+        (testWebViewCloseQuickly):
+        (beforeAll):
+
 2018-05-02  Aditya Keerthi  <akeerthi@apple.com>
 

trunk/Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebKitWebView.cpp

@@ -106 +106 @@
 }
 
+static void testWebViewCloseQuickly(WebViewTest* test, gconstpointer)
+{
+    auto webView = Test::adoptView(Test::createWebView());
+    test->assertObjectIsDeletedWhenTestFinishes(G_OBJECT(webView.get()));
+    g_idle_add([](gpointer userData) -> gboolean {
+        static_cast<WebViewTest*>(userData)->quitMainLoop();
+        return G_SOURCE_REMOVE;
+    }, test);
+    g_main_loop_run(test->m_mainLoop);
+    webView = nullptr;
+}
+
 #if PLATFORM(WPE)
 static void testWebViewWebBackend(Test* test, gconstpointer)
@@ -1204 +1216 @@
     WebViewTest::add("WebKitWebView", "web-context", testWebViewWebContext);
     WebViewTest::add("WebKitWebView", "web-context-lifetime", testWebViewWebContextLifetime);
+    WebViewTest::add("WebKitWebView", "close-quickly", testWebViewCloseQuickly);
 #if PLATFORM(WPE)
     Test::add("WebKitWebView", "backend", testWebViewWebBackend);