154059 2016-02-09 18:54:25 -0800 WebFrame _stringByEvaluatingJavaScriptFromString:forceUserGesture: should assert that it is being called from the "main" thread. 2016-02-12 16:15:44 -0800 1 1 1 Unclassified WebKit WebKit Misc. WebKit Local Build Unspecified Unspecified RESOLVED FIXED InRadar P2 Normal --- 1 mark.lam mark.lam ap beidson commit-queue darin ggaren manian timothy webkit-bug-importer oldest_to_newest 1163369 0 mark.lam 2016-02-09 18:54:25 -0800 This makes it so that misbehaving clients which call it (indirectly) from another thread (not the main thread) will fail faster. Otherwise, we get potential memory corruption that results in strange crashes elsewhere later. 1163521 1 webkit-bug-importer 2016-02-10 10:38:42 -0800 <rdar://problem/24590120> 1163523 2 271005 mark.lam 2016-02-10 10:57:12 -0800 Created attachment 271005 proposed patch. 1163588 3 271005 ggaren 2016-02-10 13:26:37 -0800 Comment on attachment 271005 proposed patch. r=me 1163608 4 271005 commit-queue 2016-02-10 14:17:00 -0800 Comment on attachment 271005 proposed patch. Clearing flags on attachment: 271005 Committed r196395: <http://trac.webkit.org/changeset/196395> 1163609 5 commit-queue 2016-02-10 14:17:02 -0800 All reviewed patches have been landed. Closing bug. 1163747 6 darin 2016-02-11 07:26:32 -0800 We typically use Objective-C exceptions rather than RELEASE_ASSERT for this kind of thread restriction. These are easier for developers to understand than a crash. 1163750 7 darin 2016-02-11 08:33:58 -0800 Our previous work on this uses these functions: WebCoreThreadViolationCheckRoundOne WebCoreThreadViolationCheckRoundTwo from the header ThreadCheck.h 1163751 8 darin 2016-02-11 08:40:17 -0800 Instead, or possibly in addition to, this RELEASE_ASSERT, we should add WebCoreThreadViolationCheckRoundTwo to the public API entry point -[WebView stringByEvaluatingJavaScriptFromString:] or come up with a WebCoreThreadViolationCheckRoundThree. And possibly add it to the internal bottleneck method as well. A lot of thought went into how WebCoreThreadViolationCheck works, and it’s designed for just this sort of situation. On the other hand, it’s not surprising we have forgotten about this since that work was done 7 years ago! Bug 22976 was when we created all of this. 1164416 9 mark.lam 2016-02-12 16:15:44 -0800 (In reply to comment #8) > A lot of thought went into how WebCoreThreadViolationCheck works, and it’s > designed for just this sort of situation. I've added thread violation checks to WebView's public APIs in https://bugs.webkit.org/show_bug.cgi?id=154183. 271005 2016-02-10 10:57:12 -0800 2016-02-10 14:17:00 -0800 proposed patch. bug-154059.patch text/plain 1506 mark.lam SW5kZXg6IFNvdXJjZS9XZWJLaXQvbWFjL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2Uv V2ViS2l0L21hYy9DaGFuZ2VMb2cJKHJldmlzaW9uIDE5NjM3MCkKKysrIFNvdXJjZS9XZWJLaXQv bWFjL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDE3IEBACisyMDE2LTAyLTEw ICBNYXJrIExhbSAgPG1hcmsubGFtQGFwcGxlLmNvbT4KKworICAgICAgICBXZWJGcmFtZSBfc3Ry aW5nQnlFdmFsdWF0aW5nSmF2YVNjcmlwdEZyb21TdHJpbmc6Zm9yY2VVc2VyR2VzdHVyZTogc2hv dWxkIGFzc2VydCB0aGF0IGl0IGlzIGJlaW5nIGNhbGxlZCBmcm9tIHRoZSAibWFpbiIgdGhyZWFk LgorICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9MTU0MDU5 CisKKyAgICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgVGhpcyBt YWtlcyBpdCBzbyB0aGF0IG1pc2JlaGF2aW5nIGNsaWVudHMgd2hpY2ggY2FsbCBpdCAoaW5kaXJl Y3RseSkgZnJvbSBhbm90aGVyCisgICAgICAgIHRocmVhZCAobm90IHRoZSBtYWluIHRocmVhZCkg d2lsbCBmYWlsIGZhc3Rlci4gIE90aGVyd2lzZSwgd2UgZ2V0IHBvdGVudGlhbAorICAgICAgICBt ZW1vcnkgY29ycnVwdGlvbiB0aGF0IHJlc3VsdHMgaW4gc3RyYW5nZSBjcmFzaGVzIGVsc2V3aGVy ZSBsYXRlci4KKworICAgICAgICAqIFdlYlZpZXcvV2ViRnJhbWUubW06CisgICAgICAgICgtW1dl YkZyYW1lIF9zdHJpbmdCeUV2YWx1YXRpbmdKYXZhU2NyaXB0RnJvbVN0cmluZzpmb3JjZVVzZXJH ZXN0dXJlOl0pOgorCiAyMDE2LTAyLTA0ICBKZXIgTm9ibGUgIDxqZXIubm9ibGVAYXBwbGUuY29t PgogCiAgICAgICAgIFtNYWNdIEFkb3B0IE5TVVJMU2Vzc2lvbiBwcm9wZXJ0aWVzIGluIEFWQXNz ZXRSZXNvdXJjZUxvYWRlcgpJbmRleDogU291cmNlL1dlYktpdC9tYWMvV2ViVmlldy9XZWJGcmFt ZS5tbQo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2ViS2l0L21hYy9XZWJWaWV3L1dlYkZyYW1lLm1t CShyZXZpc2lvbiAxOTYzNjgpCisrKyBTb3VyY2UvV2ViS2l0L21hYy9XZWJWaWV3L1dlYkZyYW1l Lm1tCSh3b3JraW5nIGNvcHkpCkBAIC02NzAsNiArNjcwLDggQEAgLSAoTlNTdHJpbmcgKilfc3Ry aW5nQnlFdmFsdWF0aW5nSmF2YVNjcgogICAgIGlmICghc3RyaW5nKQogICAgICAgICByZXR1cm4g QCIiOwogCisgICAgUkVMRUFTRV9BU1NFUlQoaXNNYWluVGhyZWFkKCkpOworCiAgICAgQVNTRVJU KF9wcml2YXRlLT5jb3JlRnJhbWUtPmRvY3VtZW50KCkpOwogICAgIFJldGFpblB0cjxXZWJGcmFt ZT4gcHJvdGVjdChzZWxmKTsgLy8gRXhlY3V0aW5nIGFyYml0cmFyeSBKYXZhU2NyaXB0IGNhbiBk ZXN0cm95IHRoZSBmcmFtZS4KICAgICAK