Changeset 76163 in webkit
- Timestamp: Jan 19, 2011 2:26:45 PM (13 years ago)
- Location: trunk/Source/WebKit2
- Files: 5 edited
trunk/Source/WebKit2/ChangeLog
r76157 r76163 1 2011-01-19 Jessie Berlin <jberlin@apple.com> 2 3 Reviewed by Darin Adler. 4 5 Crash in WebDatabaseManagerProxy::getDatabaseOrigins when called after the WebProcess has 6 died at least once 7 https://bugs.webkit.org/show_bug.cgi?id=52730 8 9 WebDatabaseManagerProxy::invalidate was setting m_webContext to 0, and invalidate gets 10 called in WebContext::processDidClose. However, m_webContext is only set in the 11 constructor, which is only called from the constructor of WebContext, so attempting to send 12 a message to any new WebProcess after the first one died was causing a null deref. 13 14 This patch moves setting m_webcontext into clearContext and clearContext is only called in 15 the WebContext destructor. 16 17 This patch also adds checks for a valid WebProcessProxy before attempting to send messages to 18 the WebProcessProxy so that if the WebProcess has died and has not been revived, it does not 19 attempt to dereference a null WebProcessProxy. 20 21 * UIProcess/WebContext.cpp: 22 (WebKit::WebContext::~WebContext): 23 Call WebDatabaseManagerProxy::clearContext. 24 * UIProcess/WebContext.h: 25 (WebKit::WebContext::hasValidProcess): 26 Make this method public so that it can be called from WebDatabaseManagerProxy. 27 28 * UIProcess/WebDatabaseManagerProxy.cpp: 29 (WebKit::WebDatabaseManagerProxy::getDatabasesByOrigin): 30 If there isn't a valid process, invalidate the callback and return early. 31 (WebKit::WebDatabaseManagerProxy::getDatabaseOrigins): 32 Ditto. 33 (WebKit::WebDatabaseManagerProxy::deleteDatabaseWithNameForOrigin): 34 If tehre isn't a valid process return early. 35 (WebKit::WebDatabaseManagerProxy::deleteDatabasesForOrigin): 36 Ditto. 37 (WebKit::WebDatabaseManagerProxy::deleteAllDatabases): 38 Ditto. 39 (WebKit::WebDatabaseManagerProxy::setQuotaForOrigin): 40 Ditto. 41 (WebKit::WebDatabaseManagerProxy::invalidate): 42 Move setting m_webContext to 0 from here ... 
43 * UIProcess/WebDatabaseManagerProxy.h: 44 (WebKit::WebDatabaseManagerProxy::clearContext): 45 ... to here. 46 1 47 2011-01-19 Anders Carlsson <andersca@apple.com> 2 48 -
trunk/Source/WebKit2/UIProcess/WebContext.cpp
r75452 r76163 115 115 m_geolocationManagerProxy->clearContext(); 116 116 117 m_databaseManagerProxy->invalidate(); 118 m_databaseManagerProxy->clearContext(); 119 117 120 #ifndef NDEBUG 118 121 webContextCounter.decrement(); -
trunk/Source/WebKit2/UIProcess/WebContext.h
r75452 r76163 68 68 ProcessModel processModel() const { return m_processModel; } 69 69 WebProcessProxy* process() const { return m_process.get(); } 70 bool hasValidProcess() const { return m_process && m_process->isValid(); } 70 71 71 72 void processDidFinishLaunching(WebProcessProxy*); … … 143 144 144 145 void ensureWebProcess(); 145 bool hasValidProcess() const { return m_process && m_process->isValid(); }146 146 void platformInitializeWebProcess(WebProcessCreationParameters&); 147 147 -
trunk/Source/WebKit2/UIProcess/WebDatabaseManagerProxy.cpp
r74693 r76163 101 101 { 102 102 invalidateCallbackMap(m_arrayCallbacks); 103 104 m_webContext = 0;105 103 } 106 104 … … 113 111 { 114 112 RefPtr<ArrayCallback> callback = prpCallback; 113 if (!m_webContext->hasValidProcess()) { 114 callback->invalidate(); 115 return; 116 } 115 117 uint64_t callbackID = callback->callbackID(); 116 118 m_arrayCallbacks.set(callbackID, callback.release()); … … 165 167 { 166 168 RefPtr<ArrayCallback> callback = prpCallback; 169 if (!m_webContext->hasValidProcess()) { 170 callback->invalidate(); 171 return; 172 } 167 173 uint64_t callbackID = callback->callbackID(); 168 174 m_arrayCallbacks.set(callbackID, callback.release()); … … 189 195 void WebDatabaseManagerProxy::deleteDatabaseWithNameForOrigin(const String& databaseIdentifier, WebSecurityOrigin* origin) 190 196 { 197 if (!m_webContext->hasValidProcess()) 198 return; 191 199 m_webContext->process()->send(Messages::WebDatabaseManager::DeleteDatabaseWithNameForOrigin(databaseIdentifier, origin->databaseIdentifier()), 0); 192 200 } … … 194 202 void WebDatabaseManagerProxy::deleteDatabasesForOrigin(WebSecurityOrigin* origin) 195 203 { 204 if (!m_webContext->hasValidProcess()) 205 return; 196 206 m_webContext->process()->send(Messages::WebDatabaseManager::DeleteDatabasesForOrigin(origin->databaseIdentifier()), 0); 197 207 } … … 199 209 void WebDatabaseManagerProxy::deleteAllDatabases() 200 210 { 211 if (!m_webContext->hasValidProcess()) 212 return; 201 213 m_webContext->process()->send(Messages::WebDatabaseManager::DeleteAllDatabases(), 0); 202 214 } … … 204 216 void WebDatabaseManagerProxy::setQuotaForOrigin(WebSecurityOrigin* origin, uint64_t quota) 205 217 { 218 if (!m_webContext->hasValidProcess()) 219 return; 206 220 m_webContext->process()->send(Messages::WebDatabaseManager::SetQuotaForOrigin(origin->databaseIdentifier(), quota), 0); 207 221 } -
trunk/Source/WebKit2/UIProcess/WebDatabaseManagerProxy.h
r74693 r76163 56 56 57 57 void invalidate(); 58 void clearContext() { m_webContext = 0; } 58 59 59 60 void initializeClient(const WKDatabaseManagerClient*);
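Review bot: The ChangeLog entry names no regression test, and none of the 5 edited files is a test, so nothing exercises getDatabaseOrigins after a WebProcess death to keep this crash from returning. Suggest adding an API test that kills the WebProcess and then calls the database manager, or stating in the entry why one is not possible. The entry also has two typos worth fixing before landing: "tehre" in the deleteDatabaseWithNameForOrigin line and "m_webcontext" for m_webContext.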
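Review bot: Each new guard in WebDatabaseManagerProxy.cpp calls m_webContext->hasValidProcess() without first checking m_webContext, while clearContext() in WebDatabaseManagerProxy.h sets m_webContext to 0 from ~WebContext. If the proxy can still be reached after the context is destroyed, getDatabasesByOrigin, getDatabaseOrigins, the three delete methods and setQuotaForOrigin dereference null, which is the same class of crash this change sets out to fix. Suggest `if (!m_webContext || !m_webContext->hasValidProcess())` in each guard, or an ASSERT(m_webContext) with a comment if that path is meant to be unreachable.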
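Review bot: deleteDatabaseWithNameForOrigin, deleteDatabasesForOrigin, deleteAllDatabases and setQuotaForOrigin in WebDatabaseManagerProxy.cpp return silently when hasValidProcess() is false, so a caller cannot tell that its request was dropped. The two getters signal the failure through callback->invalidate(), but the void methods give no signal at all, which matters most for a data-clearing call such as deleteAllDatabases. Suggest returning a bool, or at minimum documenting in WebDatabaseManagerProxy.h that these calls are no-ops while the WebProcess is down.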