Title: [233941] trunk/Tools
- Revision: 233941
- Author: [email protected]
- Date: 2018-07-18 16:33:22 -0700 (Wed, 18 Jul 2018)
Log Message
REGRESSION (r233897): CrashTracer: com.apple.WebKit.WebContent.Development at com.apple.WebKit: WKBooleanGetValue + 9
https://bugs.webkit.org/show_bug.cgi?id=187784
<rdar://problem/42329230>
Reviewed by Brady Eidson.
When process swapping on navigation, WebPageProxy::reattachToWebProcess() unregisters the page as a MessageReceiver
from the old WebProcessProxy and registers itself as a MessageReceiver for the new WebProcessProxy instead. This
means that after this point, IPC sent by the previous WebProcess to its WebPageProxy will fail.
When we process swap, we also navigate the page in the old WebProcess to about:blank. When the navigation to
about:blank would complete, the WebKitTestRunner's injected bundle would try and send IPC to the WebPageProxy
which would fail and would cause WKBundlePagePostSynchronousMessageForTesting() to return a null result. WKTR
would crash when dereferencing this null result. This patch addresses this by dealing with the potential null
result.
* WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:
(WTR::InjectedBundle::shouldProcessWorkQueue const):
Diff
Modified: trunk/Tools/ChangeLog (233940 => 233941)
--- trunk/Tools/ChangeLog 2018-07-18 23:29:57 UTC (rev 233940)
+++ trunk/Tools/ChangeLog 2018-07-18 23:33:22 UTC (rev 233941)
@@ -1,3 +1,24 @@
+2018-07-18 Chris Dumez <[email protected]>
+
+ REGRESSION (r233897): CrashTracer: com.apple.WebKit.WebContent.Development at com.apple.WebKit: WKBooleanGetValue + 9
+ https://bugs.webkit.org/show_bug.cgi?id=187784
+ <rdar://problem/42329230>
+
+ Reviewed by Brady Eidson.
+
+ When process swapping on navigation, WebPageProxy::reattachToWebProcess() unregisters the page as a MessageReceiver
+ from the old WebProcessProxy and registers itself as a MessageReceiver for the new WebProcessProxy instead. This
+ means that after this point, IPC sent by the previous WebProcess to its WebPageProxy will fail.
+
+ When we process swap, we also navigate the page in the old WebProcess to about:blank, when the navigation to
+ about:blank would complete, the WebKitTestRunner's injected bundle would try and send IPC to the WebPageProxy
+ which would fail and would cause WKBundlePagePostSynchronousMessageForTesting() to return a null result. WKTR
+ would crash when dereferencing this null result. This patch addresses this by dealing with the potential null
+ result.
+
+ * WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:
+ (WTR::InjectedBundle::shouldProcessWorkQueue const):
+
2018-07-18 Dean Jackson <[email protected]>
Provide an lldb type summary for WebCore::Color
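Review bot: The per-function line `(WTR::InjectedBundle::shouldProcessWorkQueue const):` at the end of the entry has no description after the colon. State there what the function now does when the synchronous message gets no reply (it returns false), and consider naming the test or tests that hit the crash, since the entry lists none.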
Modified: trunk/Tools/WebKitTestRunner/InjectedBundle/InjectedBundle.cpp (233940 => 233941)
--- trunk/Tools/WebKitTestRunner/InjectedBundle/InjectedBundle.cpp 2018-07-18 23:29:57 UTC (rev 233940)
+++ trunk/Tools/WebKitTestRunner/InjectedBundle/InjectedBundle.cpp 2018-07-18 23:33:22 UTC (rev 233941)
@@ -854,6 +854,11 @@
WKBundlePagePostSynchronousMessageForTesting(page()->page(), messageName.get(), 0, &resultToPass);
WKRetainPtr<WKBooleanRef> isEmpty(AdoptWK, static_cast<WKBooleanRef>(resultToPass));
+ // The IPC failed. This happens when swapping processes on navigation because the WebPageProxy unregisters itself
+ // as a MessageReceiver from the old WebProcessProxy and register itself with the new WebProcessProxy instead.
+ if (!isEmpty)
+ return false;
+
return !WKBooleanGetValue(isEmpty.get());
}
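Review bot: The early return at `if (!isEmpty) return false;` treats every failed synchronous message as "do not process the work queue", not only the process-swap case the comment describes, so an unrelated IPC failure would now pass silently where it previously crashed. The comment should say why false is the right answer for the caller, and it is worth confirming that resultToPass (declared above the visible context) starts out null, since the check only works if a failed call leaves it null. Nit: in the added comment, "register itself" should be "registers itself" to match "unregisters".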