Changeset 244400 in webkit

Timestamp:

Apr 17, 2019 1:20:40 PM (5 years ago)

Author:

timothy_horton@apple.com

Message:

UI↔Web deadlock when printing with a JavaScript alert visible
​https://bugs.webkit.org/show_bug.cgi?id=196839
<rdar://problem/49157642>

Reviewed by Andy Estes.

Source/WebKit:

• Platform/IPC/Connection.cpp:

(IPC::Connection::dispatchWorkQueueMessageReceiverMessage):
(IPC::Connection::sendSyncReply):
(IPC::Connection::dispatchSyncMessage):

• Platform/IPC/Connection.h:

(IPC::Connection::hasOutstandingOutgoingSynchronousReplies const):
Keep track of whether we owe the other side of the connection any
delayed sync replies.

• UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _webViewPrintFormatter]):
Most actions one can take with a _WKWebViewPrintFormatter involve
synchronously messaging the Web Content process with an infinite timeout.
Doing so while the Web Content process is awaiting a reply to a deferred-reply
synchronous message (like, say, an alert()) results in an app-destroying deadlock.
Instead of that, return a nil _WKWebViewPrintFormatter, indicating to the client
that we can't print right now.

• UIProcess/ios/WKContentView.mm:

(-[WKContentView _wk_pageCountForPrintFormatter:]):
(-[WKContentView _wk_printedDocument]):
The above isn't sufficient, though, because a sync message could arrive and
be handled between creation and use of the _WKWebViewPrintFormatter.
So, we also bail with a zero page count and null CGPDFDocument immediately
before we would send a sync message to the Web Content process. Clients
handle this less gracefully (e.g. showing a zero page PDF), but it is
very rare compared to the above case.

Tools:

• TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
• TestWebKitAPI/Tests/WebKitCocoa/WKWebViewPrintFormatter.mm: Added.

(-[PrintOnAlertUIDelegate webView:runJavaScriptAlertPanelWithMessage:initiatedByFrame:completionHandler:]):
(TEST):

Location:

trunk

Files:

• Source/WebKit/ChangeLog (modified) (1 diff)
• Source/WebKit/Platform/IPC/Connection.cpp (modified) (3 diffs)
• Source/WebKit/Platform/IPC/Connection.h (modified) (2 diffs)
• Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm (modified) (1 diff)
• Source/WebKit/UIProcess/ios/WKContentView.mm (modified) (2 diffs)
• Tools/ChangeLog (modified) (1 diff)
• Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj (modified) (4 diffs)
• Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebViewPrintFormatter.mm (added)

trunk/Source/WebKit/ChangeLog

@@ +1 @@
+2019-04-17  Tim Horton  <timothy_horton@apple.com>
+
+        UI↔Web deadlock when printing with a JavaScript alert visible
+        https://bugs.webkit.org/show_bug.cgi?id=196839
+        <rdar://problem/49157642>
+
+        Reviewed by Andy Estes.
+
+        * Platform/IPC/Connection.cpp:
+        (IPC::Connection::dispatchWorkQueueMessageReceiverMessage):
+        (IPC::Connection::sendSyncReply):
+        (IPC::Connection::dispatchSyncMessage):
+        * Platform/IPC/Connection.h:
+        (IPC::Connection::hasOutstandingOutgoingSynchronousReplies const):
+        Keep track of whether we owe the other side of the connection any
+        delayed sync replies.
+
+        * UIProcess/API/Cocoa/WKWebView.mm:
+        (-[WKWebView _webViewPrintFormatter]):
+        Most actions one can take with a _WKWebViewPrintFormatter involve
+        synchronously messaging the Web Content process with an infinite timeout.
+        Doing so while the Web Content process is awaiting a reply to a deferred-reply
+        synchronous message (like, say, an alert()) results in an app-destroying deadlock.
+        Instead of that, return a nil _WKWebViewPrintFormatter, indicating to the client
+        that we can't print right now.
+
+        * UIProcess/ios/WKContentView.mm:
+        (-[WKContentView _wk_pageCountForPrintFormatter:]):
+        (-[WKContentView _wk_printedDocument]):
+        The above isn't sufficient, though, because a sync message could arrive and
+        be handled between creation and use of the _WKWebViewPrintFormatter.
+        So, we also bail with a zero page count and null CGPDFDocument immediately
+        before we would send a sync message to the Web Content process. Clients
+        handle this less gracefully (e.g. showing a zero page PDF), but it is
+        very rare compared to the above case.
+
 2019-04-17  Zalan Bujtas  <zalan@apple.com>
 

trunk/Source/WebKit/Platform/IPC/Connection.cpp

@@ -342 +342 @@
     }
 
+    m_outstandingOutgoingSynchronousReplyCount++;
+
     auto replyEncoder = std::make_unique<Encoder>("IPC", "SyncMessageReply", syncRequestID);
 
@@ -459 +461 @@
 bool Connection::sendSyncReply(std::unique_ptr<Encoder> encoder)
 {
+    ASSERT(m_outstandingOutgoingSynchronousReplyCount);
+    m_outstandingOutgoingSynchronousReplyCount--;
+
     return sendMessage(WTFMove(encoder), { });
 }
@@ -889 +894 @@
     }
 
+    m_outstandingOutgoingSynchronousReplyCount++;
+
     auto replyEncoder = std::make_unique<Encoder>("IPC", "SyncMessageReply", syncRequestID);
 

trunk/Source/WebKit/Platform/IPC/Connection.h

@@ -197 +197 @@
     bool inSendSync() const { return m_inSendSyncCount; }
 
+    bool hasOutstandingOutgoingSynchronousReplies() const { return m_outstandingOutgoingSynchronousReplyCount; }
+
     Identifier identifier() const;
 
@@ -298 +300 @@
     unsigned m_inDispatchMessageMarkedDispatchWhenWaitingForSyncReplyCount;
     unsigned m_inDispatchMessageMarkedToUseFullySynchronousModeForTesting { 0 };
+    unsigned m_outstandingOutgoingSynchronousReplyCount { 0 };
     bool m_fullySynchronousModeIsAllowedForTesting { false };
     bool m_ignoreTimeoutsForTesting { false };

trunk/Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm

@@ -6324 +6324 @@
 {
 #if !PLATFORM(IOSMAC)
+    if (_page->process().connection()->hasOutstandingOutgoingSynchronousReplies())
+        return nil;
+
     UIViewPrintFormatter *viewPrintFormatter = self.viewPrintFormatter;
     ASSERT([viewPrintFormatter isKindOfClass:[_WKWebViewPrintFormatter class]]);

trunk/Source/WebKit/UIProcess/ios/WKContentView.mm

@@ -727 +727 @@
         return 0;
 
+    if (_page->process().connection()->hasOutstandingOutgoingSynchronousReplies())
+        return 0;
+
     uint64_t frameID;
     if (_WKFrameHandle *handle = printFormatter.frameToPrint)
@@ -770 +773 @@
 - (CGPDFDocumentRef)_wk_printedDocument
 {
+    if (_page->process().connection()->hasOutstandingOutgoingSynchronousReplies())
+        return nullptr;
+
     if (_isPrintingToPDF) {
         if (!_page->process().connection()->waitForAndDispatchImmediately<Messages::WebPageProxy::DrawToPDFCallback>(_page->pageID(), Seconds::infinity())) {

trunk/Tools/ChangeLog

@@ +1 @@
+2019-04-17  Tim Horton  <timothy_horton@apple.com>
+
+        UI↔Web deadlock when printing with a JavaScript alert visible
+        https://bugs.webkit.org/show_bug.cgi?id=196839
+        <rdar://problem/49157642>
+
+        Reviewed by Andy Estes.
+
+        * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
+        * TestWebKitAPI/Tests/WebKitCocoa/WKWebViewPrintFormatter.mm: Added.
+        (-[PrintOnAlertUIDelegate webView:runJavaScriptAlertPanelWithMessage:initiatedByFrame:completionHandler:]):
+        (TEST):
+
 2019-04-17  Alex Christensen  <achristensen@webkit.org>
 

trunk/Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj

@@ -95 +95 @@
                 2D2BEB2D22324E5F005544CA /* RequestTextInputContext.mm in Sources */ = {isa = PBXBuildFile; fileRef = 2D2BEB2C22324E5F005544CA /* RequestTextInputContext.mm */; };
                 2D3CA3A8221DF4B40088E803 /* PageOverlayPlugin.mm in Sources */ = {isa = PBXBuildFile; fileRef = 2D3CA3A4221DF2390088E803 /* PageOverlayPlugin.mm */; };
+                2D41CFB92260014F00FFF335 /* WKWebViewPrintFormatter.mm in Sources */ = {isa = PBXBuildFile; fileRef = 2D41CFB82260014E00FFF335 /* WKWebViewPrintFormatter.mm */; };
                 2D4CF8BD1D8360CC0001CE8D /* WKThumbnailView.mm in Sources */ = {isa = PBXBuildFile; fileRef = 2D4CF8BC1D8360CC0001CE8D /* WKThumbnailView.mm */; };
                 2D51A0C71C8BF00C00765C45 /* DOMHTMLVideoElementWrapper.mm in Sources */ = {isa = PBXBuildFile; fileRef = 2D51A0C51C8BF00400765C45 /* DOMHTMLVideoElementWrapper.mm */; };
@@ -1451 +1452 @@
                 2D2BEB2C22324E5F005544CA /* RequestTextInputContext.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = RequestTextInputContext.mm; sourceTree = "<group>"; };
                 2D3CA3A4221DF2390088E803 /* PageOverlayPlugin.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = PageOverlayPlugin.mm; sourceTree = "<group>"; };
+                2D41CFB82260014E00FFF335 /* WKWebViewPrintFormatter.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = WKWebViewPrintFormatter.mm; sourceTree = "<group>"; };
                 2D4CF8BC1D8360CC0001CE8D /* WKThumbnailView.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; name = WKThumbnailView.mm; path = WebKit/WKThumbnailView.mm; sourceTree = "<group>"; };
                 2D51A0C51C8BF00400765C45 /* DOMHTMLVideoElementWrapper.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = DOMHTMLVideoElementWrapper.mm; sourceTree = "<group>"; };
@@ -2715 +2717 @@
                                 F4106C6821ACBF84004B89A1 /* WKWebViewFirstResponderTests.mm */,
                                 D3BE5E341E4CE85E00FD563A /* WKWebViewGetContents.mm */,
+                                2D41CFB82260014E00FFF335 /* WKWebViewPrintFormatter.mm */,
                                 37A9DBE7213B4C9300D261A2 /* WKWebViewServerTrustKVC.mm */,
                                 93F56DA81E5F9181003EDE84 /* WKWebViewSnapshot.mm */,
@@ -4447 +4450 @@
                                 D34E08761E4E42E1005FF14A /* WKWebViewGetContents.mm in Sources */,
                                 F4FA91811E61849B007B8C1D /* WKWebViewMacEditingTests.mm in Sources */,
+                                2D41CFB92260014F00FFF335 /* WKWebViewPrintFormatter.mm in Sources */,
                                 37A9DBE9213B4C9300D261A2 /* WKWebViewServerTrustKVC.mm in Sources */,
                                 93F56DA91E5F919D003EDE84 /* WKWebViewSnapshot.mm in Sources */,