[webkit-changes] [227115] branches/safari-605-branch/Source/WebCore

Wed, 17 Jan 2018 21:47:58 -0800

Title: [227115] branches/safari-605-branch/Source/WebCore

Diff

Modified: branches/safari-605-branch/Source/WebCore/ChangeLog (227114 => 227115)


--- branches/safari-605-branch/Source/WebCore/ChangeLog	2018-01-18 05:47:41 UTC (rev 227114)
+++ branches/safari-605-branch/Source/WebCore/ChangeLog	2018-01-18 05:47:43 UTC (rev 227115)
@@ -1,5 +1,35 @@
 2018-01-17  Jason Marcell  <[email protected]>
 
+        Cherry-pick r227073. rdar://problem/36598265
+
+    2018-01-17  Daniel Bates  <[email protected]>
+
+            WebCoreResourceHandleAsOperationQueueDelegate/ResourceHandleCFURLConnectionDelegateWithOperationQueue may
+            be deleted in main thread callback
+            https://bugs.webkit.org/show_bug.cgi?id=181747
+            <rdar://problem/36588120>
+
+            Reviewed by Alex Christensen.
+
+            Retain the delegate (e.g. WebCoreResourceHandleAsOperationQueueDelegate) before scheduling
+            a main thread callback and blocking on a semaphore for its reply because the main thread
+            callback can do anything, including deleting the delegate, before the non-main thread
+            has a chance to execute. For instance, a PingHandle will delete itself (and hence delete
+            its resource handle delegate) in most of the code paths invoked by the delegate.
+
+            * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
+            (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willSendRequest):
+            (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveResponse):
+            (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willCacheResponse):
+            (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::canRespondToProtectionSpace):
+            * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:
+            (-[WebCoreResourceHandleAsOperationQueueDelegate connection:willSendRequest:redirectResponse:]):
+            (-[WebCoreResourceHandleAsOperationQueueDelegate connection:canAuthenticateAgainstProtectionSpace:]):
+            (-[WebCoreResourceHandleAsOperationQueueDelegate connection:didReceiveResponse:]):
+            (-[WebCoreResourceHandleAsOperationQueueDelegate connection:willCacheResponse:]):
+
+2018-01-17  Jason Marcell  <[email protected]>
+
         Cherry-pick r227070. rdar://problem/36598339
 
     2018-01-17  Chris Dumez  <[email protected]>

Modified: branches/safari-605-branch/Source/WebCore/platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp (227114 => 227115)


--- branches/safari-605-branch/Source/WebCore/platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp	2018-01-18 05:47:41 UTC (rev 227114)
+++ branches/safari-605-branch/Source/WebCore/platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp	2018-01-18 05:47:43 UTC (rev 227115)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2013 Apple Inc.  All rights reserved.
+ * Copyright (C) 2013-2018 Apple Inc.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -145,7 +145,8 @@
     }
 
     ASSERT(!isMainThread());
-    
+
+    auto protectedThis = makeRef(*this);
     auto work = [this, protectedThis = makeRef(*this), cfRequest = RetainPtr<CFURLRequestRef>(cfRequest), originalRedirectResponse = RetainPtr<CFURLResponseRef>(originalRedirectResponse)] () mutable {
         auto& handle = protectedThis->m_handle;
         auto completionHandler = [this, protectedThis = WTFMove(protectedThis)] (ResourceRequest&& request) {
@@ -178,6 +179,7 @@
 
 void ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveResponse(CFURLConnectionRef connection, CFURLResponseRef cfResponse)
 {
+    auto protectedThis = makeRef(*this);
     auto work = [protectedThis = makeRef(*this), cfResponse = RetainPtr<CFURLResponseRef>(cfResponse), connection = RetainPtr<CFURLConnectionRef>(connection)] () {
         auto& handle = protectedThis->m_handle;
         
@@ -291,6 +293,7 @@
             return nullptr;
     }
 
+    auto protectedThis = makeRef(*this);
     auto work = [protectedThis = makeRef(*this), cachedResponse = RetainPtr<CFCachedURLResponseRef>(cachedResponse)] () {
         auto& handle = protectedThis->m_handle;
         
@@ -356,6 +359,7 @@
 #if USE(PROTECTION_SPACE_AUTH_CALLBACK)
 Boolean ResourceHandleCFURLConnectionDelegateWithOperationQueue::canRespondToProtectionSpace(CFURLProtectionSpaceRef protectionSpace)
 {
+    auto protectedThis = makeRef(*this);
     auto work = [protectedThis = makeRef(*this), protectionSpace = RetainPtr<CFURLProtectionSpaceRef>(protectionSpace)] () mutable {
         auto& handle = protectedThis->m_handle;

Modified: branches/safari-605-branch/Source/WebCore/platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm (227114 => 227115)


--- branches/safari-605-branch/Source/WebCore/platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm	2018-01-18 05:47:41 UTC (rev 227114)
+++ branches/safari-605-branch/Source/WebCore/platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm	2018-01-18 05:47:43 UTC (rev 227115)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2004-2017 Apple Inc. All rights reserved.
+ * Copyright (C) 2004-2018 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -143,6 +143,7 @@
         LOG(Network, "Handle %p delegate connection:%p willSendRequest:%@ redirectResponse:non-HTTP", m_handle, connection, [newRequest description]); 
 #endif
 
+    auto protectedSelf = retainPtr(self);
     auto work = [self = self, protectedSelf = retainPtr(self), newRequest = retainPtr(newRequest), redirectResponse = retainPtr(redirectResponse)] () mutable {
         if (!m_handle) {
             m_requestResult = nullptr;
@@ -186,6 +187,7 @@
 
     LOG(Network, "Handle %p delegate connection:%p canAuthenticateAgainstProtectionSpace:%@://%@:%u realm:%@ method:%@ %@%@", m_handle, connection, [protectionSpace protocol], [protectionSpace host], [protectionSpace port], [protectionSpace realm], [protectionSpace authenticationMethod], [protectionSpace isProxy] ? @"proxy:" : @"", [protectionSpace isProxy] ? [protectionSpace proxyType] : @"");
 
+    auto protectedSelf = retainPtr(self);
     auto work = [self = self, protectedSelf = retainPtr(self), protectionSpace = retainPtr(protectionSpace)] () mutable {
         if (!m_handle) {
             m_boolResult = NO;
@@ -206,6 +208,7 @@
 
     LOG(Network, "Handle %p delegate connection:%p didReceiveResponse:%p (HTTP status %d, reported MIMEType '%s')", m_handle, connection, r, [r respondsToSelector:@selector(statusCode)] ? [(id)r statusCode] : 0, [[r MIMEType] UTF8String]);
 
+    auto protectedSelf = retainPtr(self);
     auto work = [self = self, protectedSelf = retainPtr(self), r = retainPtr(r), connection = retainPtr(connection)] () mutable {
         RefPtr<ResourceHandle> protectedHandle(m_handle);
         if (!m_handle || !m_handle->client()) {
@@ -325,6 +328,7 @@
 
     LOG(Network, "Handle %p delegate connection:%p willCacheResponse:%p", m_handle, connection, cachedResponse);
 
+    auto protectedSelf = retainPtr(self);
     auto work = [self = self, protectedSelf = retainPtr(self), cachedResponse = retainPtr(cachedResponse)] () mutable {
         if (!m_handle || !m_handle->client()) {
             m_cachedResponseResult = nullptr;

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to