Title: [86895] trunk/Source/WebKit2
Revision
86895
Author
[email protected]
Date
2011-05-19 15:10:29 -0700 (Thu, 19 May 2011)

Log Message

2011-05-19  Anders Carlsson  <[email protected]>

        Reviewed by Sam Weinig.

        Hang UI appears when WebProcess isn't running
        https://bugs.webkit.org/show_bug.cgi?id=61147
        <rdar://problem/9413683>

        This fixes two bugs:

        1. The HistoryClient related message handlers in WebContext could get invoked for pages that have been closed,
           and thus didn't have any subframes. Since we have a MESSAGE_CHECK that checks that the frame exists, we'd
           mark the currently dispatched message as invalid, which would end up calling Connection::Client::didReceiveInvalidMessage.
           Fix this by checking that the page exists first.

        2. In the call to WebProcessProxy::didReceiveInvalidMessage we'd first invalidate the CoreIPC connection to make sure 
           that we won't get any further messages from this connection. We'd then go ahead and terminate the web process, 
           but because we've already invalidated the CoreIPC connection we would never get the Connection::Client::didClose
           callback that would call WebPageProxy::processDidCrash. Fix this by explicitly calling WebProcessProxy::didClose.
           Also, add logging when we receive an invalid message

        * UIProcess/WebContext.cpp:
        (WebKit::WebContext::didNavigateWithNavigationData):
        (WebKit::WebContext::didPerformClientRedirect):
        (WebKit::WebContext::didPerformServerRedirect):
        (WebKit::WebContext::didUpdateHistoryTitle):
        * UIProcess/WebProcessProxy.cpp:
        (WebKit::WebProcessProxy::didReceiveInvalidMessage):

Modified Paths

Diff

Modified: trunk/Source/WebKit2/ChangeLog (86894 => 86895)


--- trunk/Source/WebKit2/ChangeLog	2011-05-19 22:08:24 UTC (rev 86894)
+++ trunk/Source/WebKit2/ChangeLog	2011-05-19 22:10:29 UTC (rev 86895)
@@ -1,3 +1,32 @@
+2011-05-19  Anders Carlsson  <[email protected]>
+
+        Reviewed by Sam Weinig.
+
+        Hang UI appears when WebProcess isn't running
+        https://bugs.webkit.org/show_bug.cgi?id=61147
+        <rdar://problem/9413683>
+
+        This fixes two bugs:
+
+        1. The HistoryClient related message handlers in WebContext could get invoked for pages that have been closed,
+           and thus didn't have any subframes. Since we have a MESSAGE_CHECK that checks that the frame exists, we'd
+           mark the currently dispatched message as invalid, which would end up calling Connection::Client::didReceiveInvalidMessage.
+           Fix this by checking that the page exists first.
+
+        2. In the call to WebProcessProxy::didReceiveInvalidMessage we'd first invalidate the CoreIPC connection to make sure 
+           that we won't get any further messages from this connection. We'd then go ahead and terminate the web process, 
+           but because we've already invalidated the CoreIPC connection we would never get the Connection::Client::didClose
+           callback that would call WebPageProxy::processDidCrash. Fix this by explicitly calling WebProcessProxy::didClose.
+           Also, add logging when we receive an invalid message
+
+        * UIProcess/WebContext.cpp:
+        (WebKit::WebContext::didNavigateWithNavigationData):
+        (WebKit::WebContext::didPerformClientRedirect):
+        (WebKit::WebContext::didPerformServerRedirect):
+        (WebKit::WebContext::didUpdateHistoryTitle):
+        * UIProcess/WebProcessProxy.cpp:
+        (WebKit::WebProcessProxy::didReceiveInvalidMessage):
+
 2011-05-19  Brian Weinstein  <[email protected]>
 
         Reviewed by Adam Roben.

Modified: trunk/Source/WebKit2/UIProcess/WebContext.cpp (86894 => 86895)


--- trunk/Source/WebKit2/UIProcess/WebContext.cpp	2011-05-19 22:08:24 UTC (rev 86894)
+++ trunk/Source/WebKit2/UIProcess/WebContext.cpp	2011-05-19 22:10:29 UTC (rev 86895)
@@ -408,40 +408,52 @@
 
 void WebContext::didNavigateWithNavigationData(uint64_t pageID, const WebNavigationDataStore& store, uint64_t frameID) 
 {
+    WebPageProxy* page = m_process->webPage(pageID);
+    if (!page)
+        return;
+    
     WebFrameProxy* frame = m_process->webFrame(frameID);
     MESSAGE_CHECK(frame);
-    if (!frame->page())
-        return;
+    MESSAGE_CHECK(frame->page() == page);
     
-    m_historyClient.didNavigateWithNavigationData(this, frame->page(), store, frame);
+    m_historyClient.didNavigateWithNavigationData(this, page, store, frame);
 }
 
 void WebContext::didPerformClientRedirect(uint64_t pageID, const String& sourceURLString, const String& destinationURLString, uint64_t frameID)
 {
+    WebPageProxy* page = m_process->webPage(pageID);
+    if (!page)
+        return;
+    
     WebFrameProxy* frame = m_process->webFrame(frameID);
     MESSAGE_CHECK(frame);
-    if (!frame->page())
-        return;
+    MESSAGE_CHECK(frame->page() == page);
     
-    m_historyClient.didPerformClientRedirect(this, frame->page(), sourceURLString, destinationURLString, frame);
+    m_historyClient.didPerformClientRedirect(this, page, sourceURLString, destinationURLString, frame);
 }
 
 void WebContext::didPerformServerRedirect(uint64_t pageID, const String& sourceURLString, const String& destinationURLString, uint64_t frameID)
 {
+    WebPageProxy* page = m_process->webPage(pageID);
+    if (!page)
+        return;
+    
     WebFrameProxy* frame = m_process->webFrame(frameID);
     MESSAGE_CHECK(frame);
-    if (!frame->page())
-        return;
+    MESSAGE_CHECK(frame->page() == page);
     
-    m_historyClient.didPerformServerRedirect(this, frame->page(), sourceURLString, destinationURLString, frame);
+    m_historyClient.didPerformServerRedirect(this, page, sourceURLString, destinationURLString, frame);
 }
 
 void WebContext::didUpdateHistoryTitle(uint64_t pageID, const String& title, const String& url, uint64_t frameID)
 {
+    WebPageProxy* page = m_process->webPage(pageID);
+    if (!page)
+        return;
+
     WebFrameProxy* frame = m_process->webFrame(frameID);
     MESSAGE_CHECK(frame);
-    if (!frame->page())
-        return;
+    MESSAGE_CHECK(frame->page() == page);
 
     m_historyClient.didUpdateHistoryTitle(this, frame->page(), title, url, frame);
 }
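Review bot: The new `if (!page) return;` at the top of all four handlers silently drops a message for any pageID the UI process does not know, so a pageID that never existed is handled the same way as one for a page that has just closed. That looks like a deliberate trade-off and deserves a comment, e.g. `// A closed page is expected here, so an unknown pageID is ignored rather than treated as an invalid message.` The added `MESSAGE_CHECK(frame->page() == page)` is the useful cross-check, because it keeps the web process from attributing a history event to a page the frame does not belong to, assuming MESSAGE_CHECK returns after flagging the message (its definition is outside this hunk). In didUpdateHistoryTitle the client call still passes `frame->page()` where the other three now pass `page`; the values are equal after the check, but `m_historyClient.didUpdateHistoryTitle(this, page, title, url, frame);` would keep the four handlers uniform.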

Modified: trunk/Source/WebKit2/UIProcess/WebProcessProxy.cpp (86894 => 86895)


--- trunk/Source/WebKit2/UIProcess/WebProcessProxy.cpp	2011-05-19 22:08:24 UTC (rev 86894)
+++ trunk/Source/WebKit2/UIProcess/WebProcessProxy.cpp	2011-05-19 22:10:29 UTC (rev 86895)
@@ -300,10 +300,18 @@
 
 void WebProcessProxy::didReceiveInvalidMessage(CoreIPC::Connection*, CoreIPC::MessageID messageID)
 {
+    // This fprintf is intentionally left because this function should 
+    // only be hit in the case of a misbehaving web process.
+    fprintf(stderr, "Receive an invalid message from the web process with message ID %x\n", messageID.toInt());
+
     // We received an invalid message from the web process, invalidate our connection and kill it.
     m_connection->invalidate();
 
     terminate();
+
+    // Since we've invalidated the connection we'll never get a Connection::Client::didClose
+    // callback so we'll explicitly call it here instead.
+    didClose(m_connection.get());
 }
 
 void WebProcessProxy::syncMessageSendTimedOut(CoreIPC::Connection*)
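Review bot: The explicit `didClose(m_connection.get())` runs from inside message dispatch, after `invalidate()` and `terminate()`, and the hunk does not show whether didClose clears m_connection or drops the last reference to this proxy. It should remain the final statement of didReceiveInvalidMessage, and the comment above it could say so: `// Must stay last: didClose may tear down state this function relies on.` The log string reads "Receive an invalid message"; `"Received an invalid message from the web process with message ID %x\n"` is the intended wording, and `%x` is only correct if toInt() returns an unsigned, int-sized value, which is declared outside the hunk. Since this line is the only trace left when a web process is killed for a bad message, adding the process identifier to it, if the class exposes one, would make the event easier to correlate.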