Title: [216263] trunk/Source
Revision
216263
Author
bb...@apple.com
Date
2017-05-05 12:44:47 -0700 (Fri, 05 May 2017)

Log Message

CrashTracer: [USER] com.apple.WebKit.WebContent.Development at com.apple.WebCore: WebCore::commonVMSlow + 57
https://bugs.webkit.org/show_bug.cgi?id=171669
<rdar://problem/31967684>

Reviewed by Mark Lam.

Source/WebCore:

* bindings/js/CommonVM.h:
(WebCore::commonVMOrNull):
Add an inline accessor function to expose the global variable.

Source/WebKit2:

safaridriver's AutomaticInspection capability causes us to call WebInspectorProxy::connect()
underneath the Automation.inspectBrowsingContext command. This fires a NeedDebuggerBreak
interrupt for the web content's VM, but this is racy because the web content process may
not yet be fully initialized when this interrupt is handled.

To work around this, just don't deliver any interrupts if the VM singleton is still null.
This is a reliable signal that the web content process is not fully initialized yet. Not delivering
is harmless; the interrupt only exists to break out of infinite loops in JS code, but there
could not be any such infinite loop yet if the web content process is not fully initialized.

* WebProcess/WebPage/WebInspectorInterruptDispatcher.cpp:
(WebKit::WebInspectorInterruptDispatcher::notifyNeedDebuggerBreak):
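The race described above, reduced to a runnable model. This is an added example, not WebKit code: the `VM`, `commonVMOrNull()`, `commonVMSlow()`, `initializeWebProcess()` and the two `notifyNeedDebuggerBreak*` functions are stand-ins for the real ones, and the `g_slowPathCalledBeforeInit` counter is an assumption that takes the place of the crash in `commonVMSlow`. It contrasts the unguarded dispatcher path (which falls through to the slow path before the process is initialized) with a guarded path that reads the singleton pointer once and uses that same value.

```cpp
#include <atomic>
#include <cstdio>

// Constructed model of the per-process JS VM singleton (not JSC::VM).
struct VM {
    int pendingDebuggerBreaks = 0;
    void notifyNeedDebuggerBreak() { ++pendingDebuggerBreaks; }
};

// The dispatcher runs on a work queue thread while the main thread creates
// the VM, so the pointer is atomic here (assumption for this model).
static std::atomic<VM*> g_commonVMOrNull{nullptr};
static bool g_processInitialized = false;
static int g_slowPathCalledBeforeInit = 0; // stands in for the real crash

VM* commonVMOrNull()
{
    return g_commonVMOrNull.load(std::memory_order_acquire);
}

VM& commonVMSlow()
{
    static VM vm;
    if (!g_processInitialized)
        ++g_slowPathCalledBeforeInit; // the real slow path crashed here
    g_commonVMOrNull.store(&vm, std::memory_order_release);
    return vm;
}

VM& commonVM()
{
    if (VM* vm = commonVMOrNull())
        return *vm;
    return commonVMSlow();
}

// Main-thread process setup: marks the process ready and creates the VM.
bool initializeWebProcess()
{
    g_processInitialized = true;
    commonVM();
    return commonVMOrNull() != nullptr;
}

// Pre-patch shape: always resolves the VM, taking the slow path if needed.
bool notifyNeedDebuggerBreakUnguarded()
{
    commonVM().notifyNeedDebuggerBreak();
    return true;
}

// Patched shape, with one load: the checked pointer is the one used, so the
// interrupt path can never reach commonVMSlow(). Returns false if dropped.
bool notifyNeedDebuggerBreakGuarded()
{
    VM* vm = commonVMOrNull();
    if (!vm)
        return false; // nothing running yet, so nothing to interrupt
    vm->notifyNeedDebuggerBreak();
    return true;
}

int main()
{
    bool delivered = notifyNeedDebuggerBreakGuarded();
    std::printf("before init, guarded delivered=%d slowPathEarly=%d\n",
        delivered, g_slowPathCalledBeforeInit);
    initializeWebProcess();
    delivered = notifyNeedDebuggerBreakGuarded();
    std::printf("after init, guarded delivered=%d pending=%d\n",
        delivered, commonVMOrNull()->pendingDebuggerBreaks);
    return 0;
}
```

The guarded variant differs from the patch as landed in one detail: it uses the pointer it just read rather than calling `commonVM()` a second time, which is what makes the early return a hard guarantee against the slow path instead of a likely one.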

Modified Paths

Diff

Modified: trunk/Source/WebCore/ChangeLog (216262 => 216263)


--- trunk/Source/WebCore/ChangeLog	2017-05-05 19:43:22 UTC (rev 216262)
+++ trunk/Source/WebCore/ChangeLog	2017-05-05 19:44:47 UTC (rev 216263)
@@ -1,3 +1,15 @@
+2017-05-05  Brian Burg  <bb...@apple.com>
+
+        CrashTracer: [USER] com.apple.WebKit.WebContent.Development at com.apple.WebCore: WebCore::commonVMSlow + 57
+        https://bugs.webkit.org/show_bug.cgi?id=171669
+        <rdar://problem/31967684>
+
+        Reviewed by Mark Lam.
+
+        * bindings/js/CommonVM.h:
+        (WebCore::commonVMOrNull):
+        Add an inline accessor function to expose the global variable.
+
 2017-05-05  Filip Pizlo  <fpi...@apple.com>
 
         GCController.cpp's collect() should be Async

Modified: trunk/Source/WebCore/bindings/js/CommonVM.h (216262 => 216263)


--- trunk/Source/WebCore/bindings/js/CommonVM.h	2017-05-05 19:43:22 UTC (rev 216262)
+++ trunk/Source/WebCore/bindings/js/CommonVM.h	2017-05-05 19:44:47 UTC (rev 216263)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2016 Apple Inc. All rights reserved.
+ * Copyright (C) 2016-2017 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -37,6 +37,11 @@
 
 WEBCORE_EXPORT JSC::VM& commonVMSlow();
 
+inline JSC::VM* commonVMOrNull()
+{
+    return g_commonVMOrNull;
+}
+
 inline JSC::VM& commonVM()
 {
     if (JSC::VM* result = g_commonVMOrNull)
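Review bot: The new commonVMOrNull() accessor exposes the raw g_commonVMOrNull pointer without any comment on when it may be null or which threads may read it; its first caller in this patch is WebInspectorInterruptDispatcher, whose source includes <wtf/WorkQueue.h> and so reads the global off the main thread, while the slow path that publishes the pointer runs wherever commonVM() is first called. Add a short comment above the accessor stating that it returns null until the VM has been created and whether a cross-thread read of the global is intended, so later callers do not assume it shares commonVM()'s thread affinity.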

Modified: trunk/Source/WebKit2/ChangeLog (216262 => 216263)


--- trunk/Source/WebKit2/ChangeLog	2017-05-05 19:43:22 UTC (rev 216262)
+++ trunk/Source/WebKit2/ChangeLog	2017-05-05 19:44:47 UTC (rev 216263)
@@ -1,5 +1,26 @@
 2017-05-05  Brian Burg  <bb...@apple.com>
 
+        CrashTracer: [USER] com.apple.WebKit.WebContent.Development at com.apple.WebCore: WebCore::commonVMSlow + 57
+        https://bugs.webkit.org/show_bug.cgi?id=171669
+        <rdar://problem/31967684>
+
+        Reviewed by Mark Lam.
+
+        safaridriver's AutomaticInspection capability causes us to call WebInspectorProxy::connect()
+        underneath the Automation.inspectBrowsingContext command. This fires a NeedDebuggerBreak
+        interrupt for the web content's VM, but this is racy because the web content process may
+        not yet be fully initialized when this interrupt is handled.
+
+        To work around this, just don't deliver any interrupts if the VM singleton is still null.
+        This is a reliable signal that the web content process is not fully initialized yet. Not delivering
+        is harmless; the interrupt only exists to break out of infinite loops in JS code, but there
+        could not be any such infinite loop yet if the web content process is not fully initialized.
+
+        * WebProcess/WebPage/WebInspectorInterruptDispatcher.cpp:
+        (WebKit::WebInspectorInterruptDispatcher::notifyNeedDebuggerBreak):
+
+2017-05-05  Brian Burg  <bb...@apple.com>
+
         Web Automation: cookie-related commands don't work correctly
         https://bugs.webkit.org/show_bug.cgi?id=171713
         <rdar://problem/29829930>

Modified: trunk/Source/WebKit2/WebProcess/WebPage/WebInspectorInterruptDispatcher.cpp (216262 => 216263)


--- trunk/Source/WebKit2/WebProcess/WebPage/WebInspectorInterruptDispatcher.cpp	2017-05-05 19:43:22 UTC (rev 216262)
+++ trunk/Source/WebKit2/WebProcess/WebPage/WebInspectorInterruptDispatcher.cpp	2017-05-05 19:44:47 UTC (rev 216263)
@@ -32,7 +32,7 @@
 #include <wtf/WorkQueue.h>
 
 namespace WebKit {
-    
+
 Ref<WebInspectorInterruptDispatcher> WebInspectorInterruptDispatcher::create()
 {
     return adoptRef(*new WebInspectorInterruptDispatcher);
@@ -54,6 +54,11 @@
 
 void WebInspectorInterruptDispatcher::notifyNeedDebuggerBreak()
 {
+    // If the web process has not been fully initialized yet, then there
+    // is no VM to be notified and thus no infinite loop to break. Bail out.
+    if (!WebCore::commonVMOrNull())
+        return;
+
     JSC::VM& vm = WebCore::commonVM();
     vm.notifyNeedDebuggerBreak();
 }
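Review bot: The guard reads the global twice, once via `WebCore::commonVMOrNull()` for the check and again via `WebCore::commonVM()` for the reference, and commonVM() still falls through to commonVMSlow() if its own read sees null. Use the value from the first read, e.g. `if (JSC::VM* vm = WebCore::commonVMOrNull()) vm->notifyNeedDebuggerBreak();`, so the decision and the use are based on the same pointer and this path can never reach the slow path that was crashing. It would also help to say in the comment that dropping the interrupt is intentional and harmless, as the ChangeLog explains, so nobody later "fixes" it by queueing the break.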
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
