Safari crashes when attempting to close tab that is displaying PDF
authortimothy_horton@apple.com <timothy_horton@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 28 Mar 2017 21:43:49 +0000 (21:43 +0000)
committertimothy_horton@apple.com <timothy_horton@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 28 Mar 2017 21:43:49 +0000 (21:43 +0000)
https://bugs.webkit.org/show_bug.cgi?id=170201
<rdar://problem/31242019>

Reviewed by Wenson Hsieh.

* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _doAfterNextStablePresentationUpdate:]):
Adopt BlockPtr to fix a leak.

(-[WKWebView _firePresentationUpdateForPendingStableStatePresentationCallbacks]):
dispatch_async in the doAfterNextPresentationUpdate callback; since this
recursively calls itself, in cases where doAfterNextPresentationUpdate
returns synchronously (e.g. if the Web Process is missing), we would
recurse infinitely.

* TestWebKitAPI/Tests/WebKit2Cocoa/DoAfterNextPresentationUpdateAfterCrash.mm:
(TEST):
Add a test for doAfterNextStablePresentationUpdate just like the existing
non-stable one.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@214495 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit2/ChangeLog
Source/WebKit2/UIProcess/API/Cocoa/WKWebView.mm
Tools/ChangeLog
Tools/TestWebKitAPI/Tests/WebKit2Cocoa/DoAfterNextPresentationUpdateAfterCrash.mm

index 300eee3..7a9899e 100644 (file)
@@ -1,3 +1,21 @@
+2017-03-28  Timothy Horton  <timothy_horton@apple.com>
+
+        Safari crashes when attempting to close tab that is displaying PDF
+        https://bugs.webkit.org/show_bug.cgi?id=170201
+        <rdar://problem/31242019>
+
+        Reviewed by Wenson Hsieh.
+
+        * UIProcess/API/Cocoa/WKWebView.mm:
+        (-[WKWebView _doAfterNextStablePresentationUpdate:]):
+        Adopt BlockPtr to fix a leak.
+
+        (-[WKWebView _firePresentationUpdateForPendingStableStatePresentationCallbacks]):
+        dispatch_async in the doAfterNextPresentationUpdate callback; since this
+        recursively calls itself, in cases where doAfterNextPresentationUpdate
+        returns synchronously (e.g. if the Web Process is missing), we would
+        recurse infinitely.
+
 2017-03-27  Youenn Fablet  <youenn@apple.com>
 
         Remove WebPage::m_shouldDoICECandidateFiltering
index 628d91e..144891a 100644 (file)
@@ -5160,22 +5160,24 @@ static WebCore::UserInterfaceLayoutDirection toUserInterfaceLayoutDirection(UISe
 
 - (void)_doAfterNextStablePresentationUpdate:(dispatch_block_t)updateBlock
 {
-    updateBlock = Block_copy(updateBlock);
+    auto updateBlockCopy = makeBlockPtr(updateBlock);
+
     if (_stableStatePresentationUpdateCallbacks)
-        [_stableStatePresentationUpdateCallbacks addObject:updateBlock];
+        [_stableStatePresentationUpdateCallbacks addObject:updateBlockCopy.get()];
     else {
-        _stableStatePresentationUpdateCallbacks = adoptNS([[NSMutableArray alloc] initWithObjects:Block_copy(updateBlock), nil]);
+        _stableStatePresentationUpdateCallbacks = adoptNS([[NSMutableArray alloc] initWithObjects:updateBlockCopy.get(), nil]);
         [self _firePresentationUpdateForPendingStableStatePresentationCallbacks];
     }
-    Block_release(updateBlock);
 }
 
 - (void)_firePresentationUpdateForPendingStableStatePresentationCallbacks
 {
     RetainPtr<WKWebView> strongSelf = self;
-    [self _doAfterNextPresentationUpdate:^() {
-        if ([strongSelf->_stableStatePresentationUpdateCallbacks count])
-            [strongSelf _firePresentationUpdateForPendingStableStatePresentationCallbacks];
+    [self _doAfterNextPresentationUpdate:[strongSelf] {
+        dispatch_async(dispatch_get_main_queue(), [strongSelf] {
+            if ([strongSelf->_stableStatePresentationUpdateCallbacks count])
+                [strongSelf _firePresentationUpdateForPendingStableStatePresentationCallbacks];
+        });
     }];
 }
 
index 99b224a..35e4ed5 100644 (file)
@@ -1,3 +1,16 @@
+2017-03-28  Timothy Horton  <timothy_horton@apple.com>
+
+        Safari crashes when attempting to close tab that is displaying PDF
+        https://bugs.webkit.org/show_bug.cgi?id=170201
+        <rdar://problem/31242019>
+
+        Reviewed by Wenson Hsieh.
+
+        * TestWebKitAPI/Tests/WebKit2Cocoa/DoAfterNextPresentationUpdateAfterCrash.mm:
+        (TEST):
+        Add a test for doAfterNextStablePresentationUpdate just like the existing
+        non-stable one.
+
 2017-03-28  Jonathan Bedard  <jbedard@apple.com>
 
         webkitpy: Use host pattern for devices
index 9df7012..79a7f03 100644 (file)
@@ -53,4 +53,24 @@ TEST(WebKit2, DoAfterNextPresentationUpdateAfterCrash)
     TestWebKitAPI::Util::run(&gotCallback);
 }
 
+TEST(WebKit2, DoAfterNextStablePresentationUpdateAfterCrash)
+{
+    RetainPtr<WKWebView> webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 100, 100)]);
+    
+    [webView loadHTMLString:@"test" baseURL:nil];
+    [webView _test_waitForDidFinishNavigation];
+    
+    [webView _killWebContentProcessAndResetState];
+    
+    __block bool gotCallback = false;
+    [webView _doAfterNextStablePresentationUpdate:^ {
+        gotCallback = true;
+    }];
+    
+    [webView loadHTMLString:@"test" baseURL:nil];
+    [webView _test_waitForDidFinishNavigation];
+    
+    TestWebKitAPI::Util::run(&gotCallback);
+}
+
 #endif