Diff
Modified: releases/WebKitGTK/webkit-2.22/LayoutTests/ChangeLog (236043 => 236044)
--- releases/WebKitGTK/webkit-2.22/LayoutTests/ChangeLog 2018-09-17 08:50:43 UTC (rev 236043)
+++ releases/WebKitGTK/webkit-2.22/LayoutTests/ChangeLog 2018-09-17 09:24:56 UTC (rev 236044)
@@ -1,3 +1,17 @@
+2018-08-22 Ryosuke Niwa <[email protected]>
+
+ Assert in NetworkBlobRegistry::unregisterBlobURL after network process had terminated
+ https://bugs.webkit.org/show_bug.cgi?id=188880
+
+ Reviewed by Saam Barati.
+
+ Added a layout test which demonstrates this debug assertion.
+
+ * TestExpectations:
+ * fast/files/blob-network-process-crash-expected.txt: Added.
+ * fast/files/blob-network-process-crash.html: Added.
+ * platform/wk2/TestExpectations:
+
2018-08-22 Rob Buis <[email protected]>
Fetch: Stop checking Request.integrity's value in no-cors mode
Modified: releases/WebKitGTK/webkit-2.22/LayoutTests/TestExpectations (236043 => 236044)
--- releases/WebKitGTK/webkit-2.22/LayoutTests/TestExpectations 2018-09-17 08:50:43 UTC (rev 236043)
+++ releases/WebKitGTK/webkit-2.22/LayoutTests/TestExpectations 2018-09-17 09:24:56 UTC (rev 236044)
@@ -388,6 +388,9 @@
# Only supported in WebKit2.
http/wpt/cross-origin-resource-policy/ [ Skip ]
+# testRunner.terminateNetworkProcess() only works in WebKit2
+fast/files/blob-network-process-crash.html [ Skip ]
+
#//////////////////////////////////////////////////////////////////////////////////////////
# End platform-specific tests.
#//////////////////////////////////////////////////////////////////////////////////////////
Added: releases/WebKitGTK/webkit-2.22/LayoutTests/fast/files/blob-network-process-crash-expected.txt (0 => 236044)
--- releases/WebKitGTK/webkit-2.22/LayoutTests/fast/files/blob-network-process-crash-expected.txt (rev 0)
+++ releases/WebKitGTK/webkit-2.22/LayoutTests/fast/files/blob-network-process-crash-expected.txt 2018-09-17 09:24:56 UTC (rev 236044)
@@ -0,0 +1,2 @@
+This tests unregistering a Blob object after the network process to which it was registered crashed.
+WebKit should not hit a debug assertion in the network process.
Added: releases/WebKitGTK/webkit-2.22/LayoutTests/fast/files/blob-network-process-crash.html (0 => 236044)
--- releases/WebKitGTK/webkit-2.22/LayoutTests/fast/files/blob-network-process-crash.html (rev 0)
+++ releases/WebKitGTK/webkit-2.22/LayoutTests/fast/files/blob-network-process-crash.html 2018-09-17 09:24:56 UTC (rev 236044)
@@ -0,0 +1,39 @@
+<!DOCTYPE html>
+<html>
+<body>
+<p>This tests unregistering a Blob object after the network process to which it was registered crashed.<br>
+WebKit should not hit a debug assertion in the network process.</p>
+<script>
+
+if (!window.testRunner)
+ document.write('This test requires testRunner and GCController');
+else {
+ testRunner.dumpAsText();
+ testRunner.waitUntilDone();
+
+ let blobs = new Array(100);
+ for (let i = 0; i < 100; i++) {
+ blobs[i] = new Array(10);
+ for (let j = 0; j < 10; j++)
+ blobs[i][j] = new Blob(["some text"]);
+ }
+
+ testRunner.terminateNetworkProcess();
+
+ setTimeout(() => {
+ const newBlob = new Blob(["some text"]);
+ for (let i = 0; i < 100; i++) {
+ for (let j = 0; j < 10; j++)
+ blobs[i][j] = { };
+ }
+ blobs = null;
+ GCController.collect();
+ fetch('blob-network-process-crash.html').then(() => {
+ testRunner.notifyDone();
+ });
+ }, 0);
+}
+
+</script>
+</body>
+</html>
Modified: releases/WebKitGTK/webkit-2.22/LayoutTests/platform/wk2/TestExpectations (236043 => 236044)
--- releases/WebKitGTK/webkit-2.22/LayoutTests/platform/wk2/TestExpectations 2018-09-17 08:50:43 UTC (rev 236043)
+++ releases/WebKitGTK/webkit-2.22/LayoutTests/platform/wk2/TestExpectations 2018-09-17 09:24:56 UTC (rev 236044)
@@ -737,6 +737,8 @@
http/tests/navigation/useragent-reload.php [ Pass ]
webkit.org/b/187931 storage/indexeddb/modern/opendatabase-after-storage-crash.html [ Skip ]
+# testRunner.terminateNetworkProcess() only works in WebKit2
+fast/files/blob-network-process-crash.html [ Pass ]
### END OF (5) Progressions, expected successes that are expected failures in WebKit1.
########################################
Modified: releases/WebKitGTK/webkit-2.22/Source/WebKit/ChangeLog (236043 => 236044)
--- releases/WebKitGTK/webkit-2.22/Source/WebKit/ChangeLog 2018-09-17 08:50:43 UTC (rev 236043)
+++ releases/WebKitGTK/webkit-2.22/Source/WebKit/ChangeLog 2018-09-17 09:24:56 UTC (rev 236044)
@@ -1,3 +1,20 @@
+2018-08-22 Ryosuke Niwa <[email protected]>
+
+ Assert in NetworkBlobRegistry::unregisterBlobURL after network process had terminated
+ https://bugs.webkit.org/show_bug.cgi?id=188880
+
+ Reviewed by Saam Barati.
+
+ Removed the debug assertion. WebContent process might be asking this network process
+ to unregister a blob registered from another network processs which had since crashed.
+
+ We could keep track of which blob had been registered with which network process
+ in WebContent process and avoid sending IPC to the network process but that's a lot of
+ house-keeping for virtually no benefit other than not hitting this assertion.
+
+ * NetworkProcess/FileAPI/NetworkBlobRegistry.cpp:
+ (WebKit::NetworkBlobRegistry::unregisterBlobURL):
+
2018-08-22 Tim Horton <[email protected]>
De-unify WebPage
Modified: releases/WebKitGTK/webkit-2.22/Source/WebKit/NetworkProcess/FileAPI/NetworkBlobRegistry.cpp (236043 => 236044)
--- releases/WebKitGTK/webkit-2.22/Source/WebKit/NetworkProcess/FileAPI/NetworkBlobRegistry.cpp 2018-09-17 08:50:43 UTC (rev 236043)
+++ releases/WebKitGTK/webkit-2.22/Source/WebKit/NetworkProcess/FileAPI/NetworkBlobRegistry.cpp 2018-09-17 09:24:56 UTC (rev 236044)
@@ -122,7 +122,6 @@
blobRegistry().unregisterBlobURL(url);
- ASSERT(mapIterator->value.contains(url));
mapIterator->value.remove(url);
}
Modified: releases/WebKitGTK/webkit-2.22/Tools/ChangeLog (236043 => 236044)
--- releases/WebKitGTK/webkit-2.22/Tools/ChangeLog 2018-09-17 08:50:43 UTC (rev 236043)
+++ releases/WebKitGTK/webkit-2.22/Tools/ChangeLog 2018-09-17 09:24:56 UTC (rev 236044)
@@ -1,3 +1,22 @@
+2018-08-22 Ryosuke Niwa <[email protected]>
+
+ Assert in NetworkBlobRegistry::unregisterBlobURL after network process had terminated
+ https://bugs.webkit.org/show_bug.cgi?id=188880
+
+ Reviewed by Saam Barati.
+
+ Fixed the bug that testRunner's terminateNetworkProcess, terminateServiceWorkerProcess, and terminateStorageProcess
+ were asynchronously terminating respective processes. Do so synchronously so that we can deterministically
+ test WebKit's behavior in layout tests.
+
+ * WebKitTestRunner/InjectedBundle/TestRunner.cpp:
+ (WTR::TestRunner::terminateNetworkProcess):
+ (WTR::TestRunner::terminateServiceWorkerProcess):
+ (WTR::TestRunner::terminateStorageProcess):
+ * WebKitTestRunner/TestInvocation.cpp:
+ (WTR::TestInvocation::didReceiveMessageFromInjectedBundle):
+ (WTR::TestInvocation::didReceiveSynchronousMessageFromInjectedBundle):
+
2018-09-01 Michael Catanzaro <[email protected]>
[WPE] 2.21.91 fails to build with ENABLE_MINIBROWSER
Modified: releases/WebKitGTK/webkit-2.22/Tools/WebKitTestRunner/InjectedBundle/TestRunner.cpp (236043 => 236044)
--- releases/WebKitGTK/webkit-2.22/Tools/WebKitTestRunner/InjectedBundle/TestRunner.cpp 2018-09-17 08:50:43 UTC (rev 236043)
+++ releases/WebKitGTK/webkit-2.22/Tools/WebKitTestRunner/InjectedBundle/TestRunner.cpp 2018-09-17 09:24:56 UTC (rev 236044)
@@ -1236,19 +1236,19 @@
void TestRunner::terminateNetworkProcess()
{
WKRetainPtr<WKStringRef> messageName(AdoptWK, WKStringCreateWithUTF8CString("TerminateNetworkProcess"));
- WKBundlePagePostMessage(InjectedBundle::singleton().page()->page(), messageName.get(), nullptr);
+ WKBundlePagePostSynchronousMessageForTesting(InjectedBundle::singleton().page()->page(), messageName.get(), nullptr, nullptr);
}
void TestRunner::terminateServiceWorkerProcess()
{
WKRetainPtr<WKStringRef> messageName(AdoptWK, WKStringCreateWithUTF8CString("TerminateServiceWorkerProcess"));
- WKBundlePagePostMessage(InjectedBundle::singleton().page()->page(), messageName.get(), nullptr);
+ WKBundlePagePostSynchronousMessageForTesting(InjectedBundle::singleton().page()->page(), messageName.get(), nullptr, nullptr);
}
void TestRunner::terminateStorageProcess()
{
WKRetainPtr<WKStringRef> messageName(AdoptWK, WKStringCreateWithUTF8CString("TerminateStorageProcess"));
- WKBundlePagePostMessage(InjectedBundle::singleton().page()->page(), messageName.get(), nullptr);
+ WKBundlePagePostSynchronousMessageForTesting(InjectedBundle::singleton().page()->page(), messageName.get(), nullptr, nullptr);
}
static unsigned nextUIScriptCallbackID()
Modified: releases/WebKitGTK/webkit-2.22/Tools/WebKitTestRunner/TestInvocation.cpp (236043 => 236044)
--- releases/WebKitGTK/webkit-2.22/Tools/WebKitTestRunner/TestInvocation.cpp 2018-09-17 08:50:43 UTC (rev 236043)
+++ releases/WebKitGTK/webkit-2.22/Tools/WebKitTestRunner/TestInvocation.cpp 2018-09-17 09:24:56 UTC (rev 236044)
@@ -735,24 +735,6 @@
return;
}
- if (WKStringIsEqualToUTF8CString(messageName, "TerminateStorageProcess")) {
- ASSERT(!messageBody);
- TestController::singleton().terminateStorageProcess();
- return;
- }
-
- if (WKStringIsEqualToUTF8CString(messageName, "TerminateNetworkProcess")) {
- ASSERT(!messageBody);
- TestController::singleton().terminateNetworkProcess();
- return;
- }
-
- if (WKStringIsEqualToUTF8CString(messageName, "TerminateServiceWorkerProcess")) {
- ASSERT(!messageBody);
- TestController::singleton().terminateServiceWorkerProcess();
- return;
- }
-
if (WKStringIsEqualToUTF8CString(messageName, "RunUIProcessScript")) {
WKDictionaryRef messageBodyDictionary = static_cast<WKDictionaryRef>(messageBody);
WKRetainPtr<WKStringRef> scriptKey(AdoptWK, WKStringCreateWithUTF8CString("Script"));
@@ -1415,6 +1397,24 @@
return nullptr;
}
+ if (WKStringIsEqualToUTF8CString(messageName, "TerminateStorageProcess")) {
+ ASSERT(!messageBody);
+ TestController::singleton().terminateStorageProcess();
+ return nullptr;
+ }
+
+ if (WKStringIsEqualToUTF8CString(messageName, "TerminateNetworkProcess")) {
+ ASSERT(!messageBody);
+ TestController::singleton().terminateNetworkProcess();
+ return nullptr;
+ }
+
+ if (WKStringIsEqualToUTF8CString(messageName, "TerminateServiceWorkerProcess")) {
+ ASSERT(!messageBody);
+ TestController::singleton().terminateServiceWorkerProcess();
+ return nullptr;
+ }
+
ASSERT_NOT_REACHED();
return nullptr;
}
