WebKit Bugzilla
Attachment 358257 Details for
Bug 193110
: Crash under WebProcessPool::addSuspendedPage()
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-193110-20190103092851.patch (text/plain), 4.41 KB, created by
Chris Dumez
on 2019-01-03 09:28:51 PST
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Chris Dumez
Created:
2019-01-03 09:28:51 PST
Size:
4.41 KB
patch
obsolete
>Subversion Revision: 239579 >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index 2b64654065768d0b80b01729caa2205e5e232037..d377a849d96db69c106d13ce6f283e969e5769b0 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog >@@ -1,3 +1,18 @@ >+2019-01-03 Chris Dumez <cdumez@apple.com> >+ >+ Crash under WebProcessPool::addSuspendedPage() >+ https://bugs.webkit.org/show_bug.cgi?id=193110 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ When PageCache is disabled, WebProcessPool::m_maxSuspendedPageCount is 0 and WebProcessPool::addSuspendedPage() >+ would call m_suspendedPages.removeFirst() even though m_suspendedPages is empty, causing a crash. >+ Do an early return when m_maxSuspendedPageCount is 0 since we do not want to add any suspended page in this >+ case. >+ >+ * UIProcess/WebProcessPool.cpp: >+ (WebKit::WebProcessPool::addSuspendedPage): >+ > 2019-01-02 Brent Fulgham <bfulgham@apple.com> > > Remove unused logging service >diff --git a/Source/WebKit/UIProcess/WebProcessPool.cpp b/Source/WebKit/UIProcess/WebProcessPool.cpp >index b75538db6a3c02d7baba3740872c4b66863c9aa0..71ec76ee8711953e7969a95b4d1deadcedd05550 100644 >--- a/Source/WebKit/UIProcess/WebProcessPool.cpp >+++ b/Source/WebKit/UIProcess/WebProcessPool.cpp >@@ -2256,6 +2256,9 @@ void WebProcessPool::processForNavigationInternal(WebPageProxy& page, const API: > > void WebProcessPool::addSuspendedPage(std::unique_ptr<SuspendedPageProxy>&& suspendedPage) > { >+ if (!m_maxSuspendedPageCount) >+ return; >+ > if (m_suspendedPages.size() >= m_maxSuspendedPageCount) > m_suspendedPages.removeFirst(); > >diff --git a/Tools/ChangeLog b/Tools/ChangeLog >index cef356ebe085c69f88580798a1ab59702b2dae0a..83074fef25b72b9b2d628fe99e4babf06e99e267 100644 >--- a/Tools/ChangeLog >+++ b/Tools/ChangeLog >@@ -1,3 +1,14 @@ >+2019-01-03 Chris Dumez <cdumez@apple.com> >+ >+ Crash under WebProcessPool::addSuspendedPage() >+ https://bugs.webkit.org/show_bug.cgi?id=193110 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Add API test coverage. >+ >+ * TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm: >+ > 2019-01-02 Daniel Bates <dabates@apple.com> > > [lldb-webkit] Remove broken code to print WTF::OptionSet::m_storage >diff --git a/Tools/TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm b/Tools/TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm >index 2434bcec8c1e11b543bdb78f8d5f2fe5be97f7a3..47a27e395401dfc217ea9dee61f26cf1ef47f17b 100644 >--- a/Tools/TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm >+++ b/Tools/TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm >@@ -2735,6 +2735,41 @@ TEST(ProcessSwap, NavigateToDataURLThenBack) > EXPECT_EQ(pid2, pid3); > } > >+TEST(ProcessSwap, NavigateCrossSiteWithPageCacheDisabled) >+{ >+ auto processPoolConfiguration = adoptNS([[_WKProcessPoolConfiguration alloc] init]); >+ processPoolConfiguration.get().processSwapsOnNavigation = YES; >+ processPoolConfiguration.get().pageCacheEnabled = NO; >+ auto processPool = adoptNS([[WKProcessPool alloc] _initWithConfiguration:processPoolConfiguration.get()]); >+ >+ auto webViewConfiguration = adoptNS([[WKWebViewConfiguration alloc] init]); >+ [webViewConfiguration setProcessPool:processPool.get()]; >+ auto handler = adoptNS([[PSONScheme alloc] init]); >+ [webViewConfiguration setURLSchemeHandler:handler.get() forURLScheme:@"PSON"]; >+ >+ auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600) configuration:webViewConfiguration.get()]); >+ auto navigationDelegate = adoptNS([[PSONNavigationDelegate alloc] init]); >+ [webView setNavigationDelegate:navigationDelegate.get()]; >+ >+ [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"pson://www.webkit.org/main.html"]]]; >+ TestWebKitAPI::Util::run(&done); >+ done = false; >+ auto webkitPID = [webView _webProcessIdentifier]; >+ >+ [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:@"pson://www.apple.com/main.html"]]]; >+ TestWebKitAPI::Util::run(&done); >+ done = false; >+ auto applePID = [webView _webProcessIdentifier]; >+ >+ EXPECT_NE(webkitPID, applePID); >+ >+ [webView goBack]; >+ TestWebKitAPI::Util::run(&done); >+ done = false; >+ >+ EXPECT_NE(applePID, [webView _webProcessIdentifier]); >+} >+ > TEST(ProcessSwap, APIControlledProcessSwapping) > { > auto webViewConfiguration = adoptNS([[WKWebViewConfiguration alloc] init]);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=358257">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 193110
: 358257