Changeset 248121 in webkit


Ignore:
Timestamp:
Aug 1, 2019 12:53:19 PM (5 years ago)
Author:
Chris Dumez
Message:

Crash under WebProcessProxy::didBecomeUnresponsive()
https://bugs.webkit.org/show_bug.cgi?id=200346
<rdar://problem/53795984>

Reviewed by Geoffrey Garen.

Make sure the BackgroundProcessResponsivenessTimer / ResponsivenessTimer ref their client
while they call mayBecomeUnresponsive() / willChangeIsResponsive() / didChangeIsResponsive()
/ didBecomeUnresponsive() on their client, in case calling one of these ends up destroying
the client.

  • UIProcess/BackgroundProcessResponsivenessTimer.cpp:

(WebKit::BackgroundProcessResponsivenessTimer::setResponsive):

  • UIProcess/ResponsivenessTimer.cpp:

(WebKit::ResponsivenessTimer::timerFired):

  • UIProcess/ResponsivenessTimer.h:
  • UIProcess/WebProcessProxy.h:
Location:
trunk/Source/WebKit
Files:
5 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/WebKit/ChangeLog

    r248104 r248121  
     12019-08-01  Chris Dumez  <cdumez@apple.com>
     2
     3        Crash under WebProcessProxy::didBecomeUnresponsive()
     4        https://bugs.webkit.org/show_bug.cgi?id=200346
     5        <rdar://problem/53795984>
     6
     7        Reviewed by Geoffrey Garen.
     8
     9        Make sure the BackgroundProcessResponsivenessTimer / ResponsivenessTimer ref their client
     10        while they call mayBecomeUnresponsive() / willChangeIsResponsive() / didChangeIsResponsive()
     11        / didBecomeUnresponsive() on their client, in case calling one of these ends up destroying
     12        the client.
     13
     14        * UIProcess/BackgroundProcessResponsivenessTimer.cpp:
     15        (WebKit::BackgroundProcessResponsivenessTimer::setResponsive):
     16        * UIProcess/ResponsivenessTimer.cpp:
     17        (WebKit::ResponsivenessTimer::timerFired):
     18        * UIProcess/ResponsivenessTimer.h:
     19        * UIProcess/WebProcessProxy.h:
     20
    1212019-08-01  Youenn Fablet  <youenn@apple.com>
    222

  • trunk/Source/WebKit/UIProcess/BackgroundProcessResponsivenessTimer.cpp

    r244936 r248121  
    117117        return;
    118118
     119    auto protectedClient = makeRef(client());
     120
    119121    client().willChangeIsResponsive();
    120122    m_isResponsive = isResponsive;

  • trunk/Source/WebKit/UIProcess/ResponsivenessTimer.cpp

    r241351 r248121  
    6969        return;
    7070
     71    auto protectedClient = makeRef(m_client);
     72
    7173    if (!m_client.mayBecomeUnresponsive()) {
    7274        m_waitingForTimer = true;
     
    114116{
    115117    if (!m_isResponsive) {
     118        auto protectedClient = makeRef(m_client);
     119
    116120        // We got a life sign from the web process.
    117121        m_client.willChangeIsResponsive();

  • trunk/Source/WebKit/UIProcess/ResponsivenessTimer.h

    r241351 r248121  
    4343
    4444        virtual bool mayBecomeUnresponsive() = 0;
     45
     46        virtual void ref() = 0;
     47        virtual void deref() = 0;
    4548    };
    4649

  • trunk/Source/WebKit/UIProcess/WebProcessProxy.h

    r247146 r248121  
    309309    void webPageMediaStateDidChange(WebPageProxy&);
    310310
     311    void ref() final { ThreadSafeRefCounted::ref(); }
     312    void deref() final { ThreadSafeRefCounted::deref(); }
     313
    311314protected:
    312315    static WebCore::PageIdentifier generatePageID();
Note: See TracChangeset for help on using the changeset viewer.