Bug 184322

Summary: Add ProcessPrivilege assertions to places that access NSApp
Product: WebKit Reporter: Brent Fulgham <bfulgham>
Component: WebKit Misc.Assignee: Brent Fulgham <bfulgham>
Status: RESOLVED FIXED    
Severity: Normal CC: achristensen, bfulgham, ews-watchlist, pvollan, rniwa, saam, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=184320
Bug Depends on: 184337, 184343, 184344    
Bug Blocks: 185775    
Attachments:
Description Flags
Patch
none
Archive of layout-test-results from ews107 for mac-sierra-wk2
none
Patch
none
Patch (Rebased to current) pvollan: review+

Description Brent Fulgham 2018-04-04 17:12:03 PDT
Add new assertions to warn us if powerful API calls are used in the WbContent process.

We have refactored the WebContent code to avoid calling into these routines, but we need to guard against re-introducing them in the future.
Comment 1 Radar WebKit Bug Importer 2018-04-04 17:12:49 PDT
<rdar://problem/39194560>
Comment 2 Brent Fulgham 2018-04-04 17:16:22 PDT
Created attachment 337244 [details]
Patch
Comment 3 EWS Watchlist 2018-04-04 18:37:40 PDT
Comment on attachment 337244 [details]
Patch

Attachment 337244 [details] did not pass mac-wk2-ews (mac-wk2):
Output: http://webkit-queues.webkit.org/results/7210687

Number of test failures exceeded the failure limit.
Comment 4 EWS Watchlist 2018-04-04 18:37:42 PDT
Created attachment 337250 [details]
Archive of layout-test-results from ews107 for mac-sierra-wk2

The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews.
Bot: ews107  Port: mac-sierra-wk2  Platform: Mac OS X 10.12.6
Comment 5 Brent Fulgham 2018-04-05 10:19:32 PDT
Created attachment 337276 [details]
Patch
Comment 6 Brent Fulgham 2018-04-09 16:53:18 PDT
Created attachment 337559 [details]
Patch (Rebased to current)
Comment 7 Per Arne Vollan 2018-04-09 20:11:54 PDT
Comment on attachment 337559 [details]
Patch (Rebased to current)

View in context: https://bugs.webkit.org/attachment.cgi?id=337559&action=review

R=me.

> Source/WebCore/platform/mac/PasteboardMac.mm:678
> +    RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer));

I believe the method Pasteboard::setDragImage is still called from WebContent process. I think we can move this assert into the if statement.
Comment 8 Brent Fulgham 2018-04-09 20:41:02 PDT
Comment on attachment 337559 [details]
Patch (Rebased to current)

View in context: https://bugs.webkit.org/attachment.cgi?id=337559&action=review

>> Source/WebCore/platform/mac/PasteboardMac.mm:678
>> +    RELEASE_ASSERT(hasProcessPrivilege(ProcessPrivilege::CanCommunicateWithWindowServer));
> 
> I believe the method Pasteboard::setDragImage is still called from WebContent process. I think we can move this assert into the if statement.

OK!
Comment 9 Brent Fulgham 2018-04-09 20:50:19 PDT
Committed r230468: <https://trac.webkit.org/changeset/230468>
Comment 10 Saam Barati 2018-04-10 18:42:20 PDT
It seems like this change caused a 3% Kraken regression on Mac.
Comment 11 Brent Fulgham 2018-04-10 19:23:22 PDT
(In reply to Saam Barati from comment #10)
> It seems like this change caused a 3% Kraken regression on Mac.

Oh no! Please roll it out!

Is it possible to identify which code paths are contributing to the slowdown?

I can relays with normal DEBUG assertions.
Comment 12 Brent Fulgham 2018-04-10 19:50:27 PDT
Weakening some of these RELEASE_ASSERTS on hot code paths to normal ASSERTS:

Committed r230512: <https://trac.webkit.org/changeset/230512/webkit>
Comment 13 Brent Fulgham 2018-04-10 21:22:37 PDT
Rolled out a change that still depends on Bug 184451:

Committed r230514: <https://trac.webkit.org/changeset/230514/webkit>