Skip to site navigation (Press enter)

[webkit-changes] [270041] trunk/Source/WebCore

andresg_22 Thu, 19 Nov 2020 11:52:42 -0800

Title: [270041] trunk/Source/WebCore

Revision: 270041
Author: andresg...@apple.com
Date: 2020-11-19 11:51:58 -0800 (Thu, 19 Nov 2020)

Log Message

Fix for crash in Accessibility::performFunctionOnMainThread.
https://bugs.webkit.org/show_bug.cgi?id=219168


Reviewed by Chris Fleizach.

AXIsolatedObject::performFunctionOnMainThread captures the this pointer
to be accessed on the main thread. But since the same object can be
accessed concurrently on the AX thread, Accessibility::performFunctionOnMainThread
must be blocking even though the caller doesn't expect a return value.

* accessibility/AccessibilityObjectInterface.h:
(WebCore::Accessibility::performFunctionOnMainThread):

Modified Paths

trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/accessibility/AccessibilityObjectInterface.h

Diff

Modified: trunk/Source/WebCore/ChangeLog (270040 => 270041)


--- trunk/Source/WebCore/ChangeLog	2020-11-19 19:43:15 UTC (rev 270040)
+++ trunk/Source/WebCore/ChangeLog	2020-11-19 19:51:58 UTC (rev 270041)
@@ -1,3 +1,18 @@
+2020-11-19  Andres Gonzalez  <andresg...@apple.com>
+
+        Fix for crash in Accessibility::performFunctionOnMainThread.
+        https://bugs.webkit.org/show_bug.cgi?id=219168
+
+        Reviewed by Chris Fleizach.
+
+        AXIsolatedObject::performFunctionOnMainThread captures the this pointer
+        to be accessed on the main thread. But since the same object can be
+        accessed concurrently on the AX thread, Accessibility::performFunctionOnMainThread
+        must be blocking even though the caller doesn't expect a return value.
+
+        * accessibility/AccessibilityObjectInterface.h:
+        (WebCore::Accessibility::performFunctionOnMainThread):
+
 2020-11-19  Fujii Hironori  <hironori.fu...@sony.com>
 
         [TextureMapperGL] The invert filter wrongly inverts pre-multiplied alpha color

Modified: trunk/Source/WebCore/accessibility/AccessibilityObjectInterface.h (270040 => 270041)


--- trunk/Source/WebCore/accessibility/AccessibilityObjectInterface.h	2020-11-19 19:43:15 UTC (rev 270040)
+++ trunk/Source/WebCore/accessibility/AccessibilityObjectInterface.h	2020-11-19 19:51:58 UTC (rev 270041)
@@ -1559,7 +1559,7 @@
     if (isMainThread())
         return lambda();
 
-    callOnMainThread([&lambda] {
+    callOnMainThreadAndWait([&lambda] {
         lambda();
     });
 }

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes