[webkit-changes] [WebKit/WebKit] e78988: REGRESSION (iOS 16 Beta): Crash adding / removing ...

Sat, 17 Sep 2022 17:41:27 -0700 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: e7898844fe5a7ac2ccc907df169803ed6fad3399
      
https://github.com/WebKit/WebKit/commit/e7898844fe5a7ac2ccc907df169803ed6fad3399
  Author: Alex Christensen <[email protected]>
  Date:   2022-09-17 (Sat, 17 Sep 2022)

  Changed paths:
    M Source/WebKit/Shared/WebUserContentControllerDataTypes.cpp
    M Source/WebKit/Shared/WebUserContentControllerDataTypes.h
    M Source/WebKit/UIProcess/UserContent/WebScriptMessageHandler.cpp
    M Source/WebKit/UIProcess/UserContent/WebScriptMessageHandler.h
    M Source/WebKit/WebProcess/UserContent/WebUserContentController.cpp

  Log Message:
  -----------
  REGRESSION (iOS 16 Beta): Crash adding / removing ScriptMessageHandlers to 
WKUserContentController
https://bugs.webkit.org/show_bug.cgi?id=243343

Reviewed by Chris Dumez.

250289@main made WebScriptMessageHandler.m_name an AtomString instead of a 
String.
This makes it easier for the UI process to crash because of corrupted 
AtomString tables
due to either misusing APIs on background threads or constructing a JSContext 
before initializing threading,
which then calls SmallStrings::initializeCommonStrings in the VM constructor.
Unfortunately TestWebKitAPI initializes threading in the TestsController 
constructor before starting any test code,
so we don't have CI infrastructure that can prevent regressions like this right 
now.
I did, however, verify that the example app WKWebViewBridgeCrashJSContext 
asserts every time and crashes sometimes
before this fix but not after.

* Source/WebKit/Shared/WebUserContentControllerDataTypes.cpp:
(WebKit::WebScriptMessageHandlerData::decode):
* Source/WebKit/Shared/WebUserContentControllerDataTypes.h:
* Source/WebKit/UIProcess/UserContent/WebScriptMessageHandler.cpp:
(WebKit::WebScriptMessageHandler::create):
(WebKit::WebScriptMessageHandler::WebScriptMessageHandler):
* Source/WebKit/UIProcess/UserContent/WebScriptMessageHandler.h:
(WebKit::WebScriptMessageHandler::name const):
* Source/WebKit/WebProcess/UserContent/WebUserContentController.cpp:
(WebKit::WebUserContentController::addUserScriptMessageHandlers):

Canonical link: https://commits.webkit.org/254599@main


_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to