Kernel: Make Process a Weakable class.

Use this to fix a use-after-free in ~GraphicsBitmap(). We'd hit this when
the WindowServer was doing a deferred destruction of a WSWindow whose
backing store referred to a now-reaped Process.

Kernel/Process.h

@@ -12,6 +12,7 @@
 #include <AK/AKString.h>
 #include <AK/Vector.h>
 #include <AK/WeakPtr.h>
+#include <AK/Weakable.h>
 #include <AK/Lock.h>
 
 class FileDescriptor;
@@ -45,7 +46,7 @@ struct DisplayInfo {
     byte* framebuffer;
 };
 
-class Process : public InlineLinkedListNode<Process> {
+class Process : public InlineLinkedListNode<Process>, public Weakable<Process> {
     friend class InlineLinkedListNode<Process>;
     friend class WSWindowManager; // FIXME: Make a better API for allocate_region().
     friend class GraphicsBitmap; // FIXME: Make a better API for allocate_region().

SharedGraphics/GraphicsBitmap.cpp

@@ -16,7 +16,7 @@ RetainPtr<GraphicsBitmap> GraphicsBitmap::create(Process& process, const Size& s
 GraphicsBitmap::GraphicsBitmap(Process& process, const Size& size)
     : m_size(size)
     , m_pitch(size.width() * sizeof(RGBA32))
-    , m_client_process(&process)
+    , m_client_process(process.makeWeakPtr())
 {
     InterruptDisabler disabler;
     size_t size_in_bytes = size.width() * size.height() * sizeof(RGBA32);
@@ -47,7 +47,7 @@ GraphicsBitmap::GraphicsBitmap(const Size& size, RGBA32* data)
 GraphicsBitmap::~GraphicsBitmap()
 {
 #ifdef KERNEL
-    if (m_client_region)
+    if (m_client_region && m_client_process)
         m_client_process->deallocate_region(*m_client_region);
     if (m_server_region)
         WSMessageLoop::the().server_process().deallocate_region(*m_server_region);

SharedGraphics/GraphicsBitmap.h

@@ -43,7 +43,7 @@ private:
     size_t m_pitch { 0 };
 
 #ifdef KERNEL
-    Process* m_client_process { nullptr };
+    WeakPtr<Process> m_client_process;
     Region* m_client_region { nullptr };
     Region* m_server_region { nullptr };
 #endif