Crash in Connection::isValid when called in response to
authorjberlin@webkit.org <jberlin@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 22 Oct 2010 21:47:22 +0000 (21:47 +0000)
committerjberlin@webkit.org <jberlin@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 22 Oct 2010 21:47:22 +0000 (21:47 +0000)
VisitedLinksProvider::pendingVisitedLinksTimerFired after WebProcessProxy::didClose was
already called.
https://bugs.webkit.org/show_bug.cgi?id=48153

Reviewed by Anders Carlsson.

* UIProcess/VisitedLinkProvider.cpp:
(WebKit::VisitedLinkProvider::stopVisitedLinksTimer):
* UIProcess/VisitedLinkProvider.h:

* UIProcess/WebContext.cpp:
(WebKit::WebContext::processDidClose):
Stop the pendingVisitedLinksTimer and null out the process.
* UIProcess/WebContext.h:

* UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::didClose):
Tell the WebContext that the WebProcess did close.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@70346 268f45cc-cd09-0410-ab3c-d52691b4dbfc

WebKit2/ChangeLog
WebKit2/UIProcess/VisitedLinkProvider.cpp
WebKit2/UIProcess/VisitedLinkProvider.h
WebKit2/UIProcess/WebContext.cpp
WebKit2/UIProcess/WebContext.h
WebKit2/UIProcess/WebProcessProxy.cpp

index 1f24d16..2b9fd24 100644 (file)
@@ -1,3 +1,25 @@
+2010-10-22  Jessie Berlin  <jberlin@apple.com>
+
+        Reviewed by Anders Carlsson.
+
+        Crash in Connection::isValid when called in response to
+        VisitedLinksProvider::pendingVisitedLinksTimerFired after WebProcessProxy::didClose was
+        already called.
+        https://bugs.webkit.org/show_bug.cgi?id=48153
+
+        * UIProcess/VisitedLinkProvider.cpp:
+        (WebKit::VisitedLinkProvider::stopVisitedLinksTimer):
+        * UIProcess/VisitedLinkProvider.h:
+
+        * UIProcess/WebContext.cpp:
+        (WebKit::WebContext::processDidClose):
+        Stop the pendingVisitedLinksTimer and null out the process.
+        * UIProcess/WebContext.h:
+
+        * UIProcess/WebProcessProxy.cpp:
+        (WebKit::WebProcessProxy::didClose):
+        Tell the WebContext that the WebProcess did close.
+
 2010-10-22  Sam Weinig  <sam@webkit.org>
 
         Fix Qt build.
index 83b5414..4d1871d 100644 (file)
@@ -63,6 +63,11 @@ void VisitedLinkProvider::addVisitedLink(LinkHash linkHash)
         m_pendingVisitedLinksTimer.startOneShot(0);
 }
 
+void VisitedLinkProvider::stopVisitedLinksTimer()
+{
+    m_pendingVisitedLinksTimer.stop();
+}
+
 static unsigned nextPowerOf2(unsigned v)
 {
     // Taken from http://www.cs.utk.edu/~vose/c-stuff/bithacks.html
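Review bot: stopVisitedLinksTimer() cancels only the fire that is already scheduled, and the context line just above it shows addVisitedLink() re-arming the timer with `m_pendingVisitedLinksTimer.startOneShot(0);`. A link added after the web process has closed, but before a replacement is launched, would therefore presumably bring pendingVisitedLinksTimerFired() back onto the same dead-connection path this commit is fixing. That handler is outside the hunk, so this is inferred; an early return there when the context has no valid process would make the fix independent of call ordering.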
index f095ba5..b8d53f1 100644 (file)
@@ -44,6 +44,8 @@ public:
     void populateVisitedLinksIfNeeded();
     void addVisitedLink(WebCore::LinkHash);
 
+    void stopVisitedLinksTimer();
+
 private:
     void pendingVisitedLinksTimerFired();
 
index 1a3f047..28fe68f 100644 (file)
@@ -194,6 +194,16 @@ void WebContext::processDidFinishLaunching(WebProcessProxy* process)
     m_visitedLinkProvider.populateVisitedLinksIfNeeded();
 }
 
+void WebContext::processDidClose(WebProcessProxy* process)
+{
+    // FIXME: Once we support multiple processes per context, this assertion won't hold.
+    ASSERT(process == m_process);
+
+    m_visitedLinkProvider.stopVisitedLinksTimer();
+
+    m_process = 0;
+}
+
 WebPageProxy* WebContext::createWebPage(WebPageNamespace* pageNamespace)
 {
     ensureWebProcess();
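Review bot: The only check in processDidClose() that `process` is the context's current process is `ASSERT(process == m_process);`, which is compiled out of release builds. There, a close notification from any other WebProcessProxy (a stale one, or a second process once the FIXME is addressed) would still stop the timer and clear `m_process` for the live process. Adding `if (process != m_process) return;` directly after the assertion keeps release behaviour defined without changing the debug check.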
index 6834703..709c351 100644 (file)
@@ -68,6 +68,7 @@ public:
     WebProcessProxy* process() const { return m_process.get(); }
 
     void processDidFinishLaunching(WebProcessProxy*);
+    void processDidClose(WebProcessProxy*);
 
     WebPageProxy* createWebPage(WebPageNamespace*);
 
index 89d9651..58ad2cc 100644 (file)
@@ -414,6 +414,8 @@ void WebProcessProxy::didClose(CoreIPC::Connection*)
     for (size_t i = 0, size = pages.size(); i < size; ++i)
         pages[i]->processDidCrash();
 
+    m_context->processDidClose(this);
+
     // This may cause us to be deleted.
     WebProcessManager::shared().processDidClose(this, m_context);
 }
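Review bot: The new call `m_context->processDidClose(this);` makes the context release its reference to this object (`m_process = 0` in WebContext.cpp, where `m_process.get()` shows it is a smart pointer), and the next statement still uses `this` and `m_context`. The existing comment only anticipates deletion during the WebProcessManager call, so if the context's reference can ever be the last one, the added line turns that final call into a use-after-free. Holding `RefPtr<WebProcessProxy> protect(this);` at the top of didClose() would make the lifetime explicit. Alternatively, a comment could state which other owner is guaranteed to keep the proxy alive here. The body of didClose() starts outside this hunk, so an existing guard may not be visible.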