Crash under WebKit::WebProcessProxy::didBecomeUnresponsive()
authorcdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 14 May 2019 19:48:09 +0000 (19:48 +0000)
committercdumez@apple.com <cdumez@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 14 May 2019 19:48:09 +0000 (19:48 +0000)
https://bugs.webkit.org/show_bug.cgi?id=197883
<rdar://problem/50665984>

Reviewed by Alex Christensen.

Protect |this| in didBecomeUnresponsive() and didExceedCPULimit() since we call client
delegates and those may cause |this| to get destroyed.

* UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::didBecomeUnresponsive):
(WebKit::WebProcessProxy::didExceedCPULimit):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@245298 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit/ChangeLog
Source/WebKit/UIProcess/WebProcessProxy.cpp

index 1402774..e99018a 100644 (file)
@@ -1,5 +1,20 @@
 2019-05-14  Chris Dumez  <cdumez@apple.com>
 
+        Crash under WebKit::WebProcessProxy::didBecomeUnresponsive()
+        https://bugs.webkit.org/show_bug.cgi?id=197883
+        <rdar://problem/50665984>
+
+        Reviewed by Alex Christensen.
+
+        Protect |this| in didBecomeUnresponsive() and didExceedCPULimit() since we call client
+        delegates and those may cause |this| to get destroyed.
+
+        * UIProcess/WebProcessProxy.cpp:
+        (WebKit::WebProcessProxy::didBecomeUnresponsive):
+        (WebKit::WebProcessProxy::didExceedCPULimit):
+
+2019-05-14  Chris Dumez  <cdumez@apple.com>
+
         The network process tries to take a process assertion when NetworkProcess::processWillSuspendImminently() is called
         https://bugs.webkit.org/show_bug.cgi?id=197888
 
index 79c2e5a..5c7ff9e 100644 (file)
@@ -713,6 +713,8 @@ void WebProcessProxy::didReceiveInvalidMessage(IPC::Connection& connection, IPC:
 
 void WebProcessProxy::didBecomeUnresponsive()
 {
+    auto protectedThis = makeRef(*this);
+
     m_isResponsive = NoOrMaybe::No;
 
     auto isResponsiveCallbacks = WTFMove(m_isResponsiveCallbacks);
@@ -1322,6 +1324,8 @@ void WebProcessProxy::didExceedInactiveMemoryLimit()
 
 void WebProcessProxy::didExceedCPULimit()
 {
+    auto protectedThis = makeRef(*this);
+
     for (auto& page : pages()) {
         if (page->isPlayingAudio()) {
             RELEASE_LOG(PerformanceLogging, "%p - WebProcessProxy::didExceedCPULimit() WebProcess with pid %d has exceeded the background CPU limit but we are not terminating it because there is audio playing", this, processIdentifier());