[webkit-changes] [210334] branches/safari-603-branch/Source/WebKit2

Thu, 05 Jan 2017 09:08:13 -0800

Title: [210334] branches/safari-603-branch/Source/WebKit2
Revision
210334
Author
matthew_han...@apple.com
Date
2017-01-05 09:08:30 -0800 (Thu, 05 Jan 2017)

Log Message

Merge r209995. rdar://problem/29626731


Modified Paths

Diff

Modified: branches/safari-603-branch/Source/WebKit2/ChangeLog (210333 => 210334)


--- branches/safari-603-branch/Source/WebKit2/ChangeLog	2017-01-05 17:08:27 UTC (rev 210333)
+++ branches/safari-603-branch/Source/WebKit2/ChangeLog	2017-01-05 17:08:30 UTC (rev 210334)
@@ -1,3 +1,23 @@
+2017-01-05  Matthew Hanson  <matthew_han...@apple.com>
+
+        Merge r209995. rdar://problem/29626731
+
+    2016-12-19  Anders Carlsson  <ander...@apple.com>
+
+            REGRESSION: Crash in com.apple.WebKit:IPC::Connection::platformCanSendOutgoingMessages() const + 0
+            https://bugs.webkit.org/show_bug.cgi?id=165817
+            rdar://problem/29626731
+
+            Reviewed by Dan Bernstein.
+
+            If the receive right is invalidated before we send the message, the kernel won't be able to create a send right,
+            and we'll crash due to mach_msg returning MACH_SEND_INVALID_RIGHT.
+
+            Fix this by immediately creating a send right, and passing MACH_MSG_TYPE_MOVE_SEND to the attachment constructor.
+
+            * WebProcess/WebPage/WebInspector.cpp:
+            (WebKit::WebInspector::openFrontendConnection):
+
 2016-12-20  Babak Shafiei  <bshaf...@apple.com>
 
         Merge r210031.

Modified: branches/safari-603-branch/Source/WebKit2/WebProcess/WebPage/WebInspector.cpp (210333 => 210334)


--- branches/safari-603-branch/Source/WebKit2/WebProcess/WebPage/WebInspector.cpp	2017-01-05 17:08:27 UTC (rev 210333)
+++ branches/safari-603-branch/Source/WebKit2/WebProcess/WebPage/WebInspector.cpp	2017-01-05 17:08:30 UTC (rev 210334)
@@ -79,9 +79,11 @@
 #elif OS(DARWIN)
     mach_port_t listeningPort;
     mach_port_allocate(mach_task_self(), MACH_PORT_RIGHT_RECEIVE, &listeningPort);
+    mach_port_insert_right(mach_task_self(), listeningPort, listeningPort, MACH_MSG_TYPE_MAKE_SEND);
 
     IPC::Connection::Identifier connectionIdentifier(listeningPort);
-    IPC::Attachment connectionClientPort(listeningPort, MACH_MSG_TYPE_MAKE_SEND);
+    IPC::Attachment connectionClientPort(listeningPort, MACH_MSG_TYPE_MOVE_SEND);
+
 #else
     notImplemented();
     return;

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to