Title: [212850] trunk/Source/WebKit2
Revision
212850
Author
[email protected]
Date
2017-02-22 13:49:54 -0800 (Wed, 22 Feb 2017)

Log Message

Crash if there's a mismatch between the WebKit used by the UI process and child processes respectively
https://bugs.webkit.org/show_bug.cgi?id=168739
Part of rdar://problem/30631411.

Reviewed by Geoffrey Garen.

If the UI process and a child process somehow end up loading different versions of the WebKit framework, IPC breaks in hard-to-diagnose ways
because the message format differs between versions. To catch this early, the UI process sends its WebKit bundle version in the XPC
bootstrap message, and the XPC service's main function compares it with the version of the framework it actually loaded. On a mismatch the
service records the received version in the crash report and crashes deliberately.

* Shared/Cocoa/ChildProcessCocoa.mm:
(WebKit::ChildProcess::didReceiveInvalidMessage):
Fix parameters.

* Shared/EntryPointUtilities/mac/XPCService/XPCServiceMain.mm:
(main):
Check for the bundle version and crash if it's not what we expect.

* UIProcess/Launcher/mac/ProcessLauncherMac.mm:
(WebKit::ProcessLauncher::launchProcess):
Initialize the bundle version.

* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::_WKSetCrashReportApplicationSpecificInformation):
Export this so we can call it from the XPC services without having to link WKSI.

Diff

Modified: trunk/Source/WebKit2/ChangeLog (212849 => 212850)


--- trunk/Source/WebKit2/ChangeLog	2017-02-22 21:33:10 UTC (rev 212849)
+++ trunk/Source/WebKit2/ChangeLog	2017-02-22 21:49:54 UTC (rev 212850)
@@ -1,3 +1,31 @@
+2017-02-22  Anders Carlsson  <[email protected]>
+
+        Crash if there's a mismatch between the WebKit used by the UI process and child processes respectively
+        https://bugs.webkit.org/show_bug.cgi?id=168739
+        Part of rdar://problem/30631411.
+
+        Reviewed by Geoffrey Garen.
+
+        If the UI process and web process for some reason end up using different versions of the WebKit framework, weird things happen
+        because the message format is different between versions. To avoid this, send along the WebKit bundle version from the UI process
+        in the XPC bootstrap message, check that it matches inside the XPC main functions. If there's a mismatch, crash.
+
+        * Shared/Cocoa/ChildProcessCocoa.mm:
+        (WebKit::ChildProcess::didReceiveInvalidMessage):
+        Fix parameters.
+
+        * Shared/EntryPointUtilities/mac/XPCService/XPCServiceMain.mm:
+        (main):
+        Check for the bundle version and crash if it's not what we expect.
+
+        * UIProcess/Launcher/mac/ProcessLauncherMac.mm:
+        (WebKit::ProcessLauncher::launchProcess):
+        Initialize the bundle version.
+
+        * WebProcess/cocoa/WebProcessCocoa.mm:
+        (WebKit::_WKSetCrashReportApplicationSpecificInformation):
+        Export this so we can call it from the XPC services without having to link WKSI.
+
 2017-02-22  Chris Dumez  <[email protected]>
 
         [WK2] Call processDidBecomeUnresponsive delegate when a background process is unresponsive

Modified: trunk/Source/WebKit2/Shared/Cocoa/ChildProcessCocoa.mm (212849 => 212850)


--- trunk/Source/WebKit2/Shared/Cocoa/ChildProcessCocoa.mm	2017-02-22 21:33:10 UTC (rev 212849)
+++ trunk/Source/WebKit2/Shared/Cocoa/ChildProcessCocoa.mm	2017-02-22 21:49:54 UTC (rev 212850)
@@ -30,7 +30,7 @@
 
 namespace WebKit {
 
-void ChildProcess::didReceiveInvalidMessage(IPC::Connection&, IPC::StringReference messageName, IPC::StringReference messageReceiverName)
+void ChildProcess::didReceiveInvalidMessage(IPC::Connection&, IPC::StringReference messageReceiverName, IPC::StringReference messageName)
 {
     WKSetCrashReportApplicationSpecificInformation((__bridge CFStringRef)[NSString stringWithFormat:@"Received invalid message: '%s::%s'", messageReceiverName.toString().data(), messageName.toString().data()]);
     CRASH();

Modified: trunk/Source/WebKit2/Shared/EntryPointUtilities/mac/XPCService/XPCServiceMain.mm (212849 => 212850)


--- trunk/Source/WebKit2/Shared/EntryPointUtilities/mac/XPCService/XPCServiceMain.mm	2017-02-22 21:33:10 UTC (rev 212849)
+++ trunk/Source/WebKit2/Shared/EntryPointUtilities/mac/XPCService/XPCServiceMain.mm	2017-02-22 21:49:54 UTC (rev 212850)
@@ -30,6 +30,9 @@
 #import <wtf/RetainPtr.h>
 #import <wtf/spi/darwin/XPCSPI.h>
 
+extern "C"
+void _WKSetCrashReportApplicationSpecificInformation(NSString *infoString);
+
 namespace WebKit {
 
 static void XPCServiceEventHandler(xpc_connection_t peer)
@@ -112,6 +115,18 @@
 #endif
 
     if (bootstrap) {
+#if PLATFORM(MAC)
+        if (const char* webKitBundleVersion = xpc_dictionary_get_string(bootstrap.get(), "WebKitBundleVersion")) {
+            CFBundleRef webKitBundle = CFBundleGetBundleWithIdentifier(CFSTR("com.apple.WebKit"));
+            NSString *expectedBundleVersion = (NSString *)CFBundleGetValueForInfoDictionaryKey(webKitBundle, kCFBundleVersionKey);
+
+            if (strcmp(webKitBundleVersion, expectedBundleVersion.UTF8String)) {
+                _WKSetCrashReportApplicationSpecificInformation([NSString stringWithFormat:@"WebKit framework version mismatch: '%s'", webKitBundleVersion]);
+                __builtin_trap();
+            }
+        }
+#endif
+
         if (xpc_object_t languages = xpc_dictionary_get_value(bootstrap.get(), "OverrideLanguages")) {
             @autoreleasepool {
                 NSDictionary *existingArguments = [[NSUserDefaults standardUserDefaults] volatileDomainForName:NSArgumentDomain];
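Review bot: The expected-version lookup at lines 115-116 has no nil handling: CFBundleGetBundleWithIdentifier can return NULL and CFBundleGetValueForInfoDictionaryKey can return NULL, in which case `expectedBundleVersion.UTF8String` is NULL and strcmp at line 118 is handed a null pointer, so the service would crash without the crash-report annotation this change was meant to add. I would treat a missing local version as a mismatch and put both versions in the report so the discrepancy is readable: `NSString *expectedBundleVersion = webKitBundle ? (NSString *)CFBundleGetValueForInfoDictionaryKey(webKitBundle, kCFBundleVersionKey) : nil;`, `if (!expectedBundleVersion || strcmp(webKitBundleVersion, expectedBundleVersion.UTF8String)) {` and `@"WebKit framework version mismatch: UI process '%s', XPC service '%@'", webKitBundleVersion, expectedBundleVersion`. The check only runs when the key is present in the bootstrap dictionary, so an older launcher that does not send it passes silently; that looks intentional for compatibility and deserves a comment such as `// Older UI processes do not send the key; only enforce when present.`. Since the bootstrap dictionary is supplied by the launching UI process, this is a consistency check against accidental framework mixing rather than a defense against a hostile peer, and the enclosing function continues outside the hunk.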

Modified: trunk/Source/WebKit2/UIProcess/Launcher/mac/ProcessLauncherMac.mm (212849 => 212850)


--- trunk/Source/WebKit2/UIProcess/Launcher/mac/ProcessLauncherMac.mm	2017-02-22 21:33:10 UTC (rev 212849)
+++ trunk/Source/WebKit2/UIProcess/Launcher/mac/ProcessLauncherMac.mm	2017-02-22 21:49:54 UTC (rev 212850)
@@ -132,6 +132,9 @@
         xpc_dictionary_set_value(initializationMessage.get(), "OverrideLanguages", languages.get());
     }
 
+#if PLATFORM(MAC)
+    xpc_dictionary_set_string(initializationMessage.get(), "WebKitBundleVersion", [[NSBundle bundleWithIdentifier:@"com.apple.WebKit"].infoDictionary[(__bridge NSString *)kCFBundleVersionKey] UTF8String]);
+#endif
     xpc_connection_set_bootstrap(m_xpcConnection.get(), initializationMessage.get());
 
     if (shouldLeakBoost(m_launchOptions)) {
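Review bot: The new line 139 passes the result of `UTF8String` straight into xpc_dictionary_set_string, and if bundleWithIdentifier: returns nil or the Info.plist has no CFBundleVersion the chained message to nil yields NULL, which xpc_dictionary_set_string is not documented to accept, so the UI process would fail at launch instead of the child reporting a mismatch. I would resolve the value first and only set the key when it exists: `if (NSString *webKitBundleVersion = [NSBundle bundleWithIdentifier:@"com.apple.WebKit"].infoDictionary[(__bridge NSString *)kCFBundleVersionKey])` followed by `xpc_dictionary_set_string(initializationMessage.get(), "WebKitBundleVersion", webKitBundleVersion.UTF8String);`. Omitting the key silently disables the child-side check (the service only compares when the key is present), so a comment making that trade-off explicit, e.g. `// Absent key skips the child's version check; only expected when WebKit is not loaded as a bundle.`, would help the next reader. launchProcess starts and ends outside the hunk.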

Modified: trunk/Source/WebKit2/WebProcess/cocoa/WebProcessCocoa.mm (212849 => 212850)


--- trunk/Source/WebKit2/WebProcess/cocoa/WebProcessCocoa.mm	2017-02-22 21:33:10 UTC (rev 212849)
+++ trunk/Source/WebKit2/WebProcess/cocoa/WebProcessCocoa.mm	2017-02-22 21:49:54 UTC (rev 212850)
@@ -447,4 +447,12 @@
     RELEASE_LOG(ProcessSuspension, "%p - WebProcess::destroyRenderingResources() took %.2fms", this, (endTime - startTime) * 1000.0);
 }
 
+// FIXME: This should live somewhere else, and it should have the implementation in line instead of calling out to WKSI.
+WK_EXTERN void _WKSetCrashReportApplicationSpecificInformation(NSString *infoString);
+
+void _WKSetCrashReportApplicationSpecificInformation(NSString *infoString)
+{
+    return WKSetCrashReportApplicationSpecificInformation((__bridge CFStringRef)infoString);
+}
+
 } // namespace WebKit
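Review bot: The definition at lines 155-160 sits inside `namespace WebKit` and is declared with WK_EXTERN, while the consumer in XPCServiceMain.mm declares the same symbol at global scope with `extern "C"`; the two only resolve to one symbol if WK_EXTERN expands to C linkage (which ignores namespaces), and that expansion is not visible here. Declaring it once in a shared header, as the FIXME at line 154 already anticipates, would keep the two declarations from drifting apart. Stylistically, `return` on a void-returning call at line 159 is legal but reads oddly; `WKSetCrashReportApplicationSpecificInformation((__bridge CFStringRef)infoString);` alone is clearer. A one-line purpose comment would also help: `// Exported with C linkage so the XPC service entry points can annotate crash reports without linking WebKitSystemInterface.`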