Regression(PSON): Assertion hit under WebPageProxy::didNavigateWithNavigationData()
authorcdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 10 Oct 2018 18:21:11 +0000 (18:21 +0000)
committercdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 10 Oct 2018 18:21:11 +0000 (18:21 +0000)
commit709b272d32f7e9652beab7e314fb3d01a3b62bd6
treecc216ffc93dc6a5c6fb4658591a60a664bb21d11
parentcda68d873fe3b9cc85248a3ccccd5031d16f87f8
Regression(PSON): Assertion hit under WebPageProxy::didNavigateWithNavigationData()
https://bugs.webkit.org/show_bug.cgi?id=190418
<rdar://problem/45059769>

Reviewed by Geoffrey Garen.

Source/WebKit:

When process swapping and "suspending" the previous WebProcess in a SuspendedPageProxy,
we need to keep around the main frame's ID that still exists on in this process. This
is needed so that we can re-create a UI-side WebFrameProxy for the WebFrame that exists
in the WebProcess, if we ever swap back to this suspended process (see login in
WebPageProxy::swapToWebProcess()).

The bug was that the main frame ID was stored on the WebPageProxy via m_mainFrameID instead of the
SuspendedPageProxy. This means that m_mainFrameID would get overriden when navigating in the new
WebProcess with the value 1 (because WebFrame identifiers start at 1 and are per-WebProcess).
This would lead to us constructing a WebFrameProxy with the wrong frame identifier in
WebPageProxy::swapToWebProcess(), which would override an existing unrelated WebFrame in the
WebProcessProxy's HashMap of frames. This would lead to crashes later on as the WebFrame
would not be associated to the WebPageProxy we expect.

* UIProcess/SuspendedPageProxy.cpp:
(WebKit::SuspendedPageProxy::SuspendedPageProxy):
* UIProcess/SuspendedPageProxy.h:
(WebKit::SuspendedPageProxy::mainFrameID const):
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::maybeCreateSuspendedPage):
(WebKit::WebPageProxy::swapToWebProcess):
(WebKit::WebPageProxy::continueNavigationInNewProcess):
(WebKit::WebPageProxy::didCreateMainFrame):
* UIProcess/WebPageProxy.h:
* UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::suspendWebPageProxy):
* UIProcess/WebProcessProxy.h:

Tools:

Add API test coverage.

* TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237008 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/WebKit/ChangeLog
Source/WebKit/UIProcess/SuspendedPageProxy.cpp
Source/WebKit/UIProcess/SuspendedPageProxy.h
Source/WebKit/UIProcess/WebPageProxy.cpp
Source/WebKit/UIProcess/WebPageProxy.h
Source/WebKit/UIProcess/WebProcessProxy.cpp
Source/WebKit/UIProcess/WebProcessProxy.h
Tools/ChangeLog
Tools/TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm