Title: [159173] trunk/Source/WebKit2
Revision
159173
Author
[email protected]
Date
2013-11-12 18:24:35 -0800 (Tue, 12 Nov 2013)

Log Message

fast/canvas/webgl/draw-arrays-out-of-bounds.html is flaky on Mavericks WK2 testers, fails about 20% of the time
https://bugs.webkit.org/show_bug.cgi?id=124223
<rdar://problem/15333977>

Reviewed by Tim Horton.

It's wrong to use DataReferences in sync IPC replies; the underlying MessageDecoder will be freed after the call to
sendSync returns and the DataReference will point to freed memory. Use a Vector<char> instead.

* NetworkProcess/NetworkConnectionToWebProcess.messages.in:
* NetworkProcess/SynchronousNetworkLoaderClient.cpp:
(WebKit::SynchronousNetworkLoaderClient::didReceiveBuffer):
(WebKit::SynchronousNetworkLoaderClient::sendDelayedReply):
* NetworkProcess/SynchronousNetworkLoaderClient.h:
* WebProcess/WebCoreSupport/WebPlatformStrategies.cpp:
(WebKit::WebPlatformStrategies::loadResourceSynchronously):

Modified Paths

Diff

Modified: trunk/Source/WebKit2/ChangeLog (159172 => 159173)


--- trunk/Source/WebKit2/ChangeLog	2013-11-13 02:19:33 UTC (rev 159172)
+++ trunk/Source/WebKit2/ChangeLog	2013-11-13 02:24:35 UTC (rev 159173)
@@ -1,3 +1,22 @@
+2013-11-12  Anders Carlsson  <[email protected]>
+
+        fast/canvas/webgl/draw-arrays-out-of-bounds.html is flaky on Mavericks WK2 testers, fails about 20% of the time
+        https://bugs.webkit.org/show_bug.cgi?id=124223
+        <rdar://problem/15333977>
+
+        Reviewed by Tim Horton.
+
+        It's wrong to use DataReferences in sync IPC replies; the underlying MessageDecoder will be freed after the call to
+        sendSync returns and the DataReference will point to freed memory. Use a Vector<char> instead.
+
+        * NetworkProcess/NetworkConnectionToWebProcess.messages.in:
+        * NetworkProcess/SynchronousNetworkLoaderClient.cpp:
+        (WebKit::SynchronousNetworkLoaderClient::didReceiveBuffer):
+        (WebKit::SynchronousNetworkLoaderClient::sendDelayedReply):
+        * NetworkProcess/SynchronousNetworkLoaderClient.h:
+        * WebProcess/WebCoreSupport/WebPlatformStrategies.cpp:
+        (WebKit::WebPlatformStrategies::loadResourceSynchronously):
+
 2013-11-12  Gustavo Noronha Silva  <[email protected]>
 
         Unreviewed try at fixing the GTK+ build.

Modified: trunk/Source/WebKit2/NetworkProcess/NetworkConnectionToWebProcess.messages.in (159172 => 159173)


--- trunk/Source/WebKit2/NetworkProcess/NetworkConnectionToWebProcess.messages.in	2013-11-13 02:19:33 UTC (rev 159172)
+++ trunk/Source/WebKit2/NetworkProcess/NetworkConnectionToWebProcess.messages.in	2013-11-13 02:24:35 UTC (rev 159173)
@@ -25,7 +25,7 @@
 messages -> NetworkConnectionToWebProcess LegacyReceiver {
 
     ScheduleResourceLoad(WebKit::NetworkResourceLoadParameters resourceLoadParameters)
-    PerformSynchronousLoad(WebKit::NetworkResourceLoadParameters resourceLoadParameters) -> (WebCore::ResourceError error, WebCore::ResourceResponse response, CoreIPC::DataReference data) Delayed
+    PerformSynchronousLoad(WebKit::NetworkResourceLoadParameters resourceLoadParameters) -> (WebCore::ResourceError error, WebCore::ResourceResponse response, Vector<char> data) Delayed
     RemoveLoadIdentifier(uint64_t resourceLoadIdentifier)
     
     ServePendingRequests(uint32_t resourceLoadPriority)
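Review bot: The new `Vector<char> data` reply parameter on PerformSynchronousLoad has no comment saying why an owning type is required, so a later change could switch it back to `CoreIPC::DataReference` to save the copy. A comment above the message would record the constraint, for example `# Reply data must be an owning type; a DataReference would point into the MessageDecoder, which is freed once sendSync returns.` Other sync replies in this file are not visible in the hunk, so whether any of them still returns a DataReference needs checking separately.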

Modified: trunk/Source/WebKit2/NetworkProcess/SynchronousNetworkLoaderClient.cpp (159172 => 159173)


--- trunk/Source/WebKit2/NetworkProcess/SynchronousNetworkLoaderClient.cpp	2013-11-13 02:19:33 UTC (rev 159172)
+++ trunk/Source/WebKit2/NetworkProcess/SynchronousNetworkLoaderClient.cpp	2013-11-13 02:24:35 UTC (rev 159173)
@@ -88,7 +88,7 @@
     // It's unclear if the potential complexities of that approach are worth it.
     
     if (!m_responseData)
-        m_responseData = adoptPtr(new Vector<uint8_t>);
+        m_responseData = adoptPtr(new Vector<char>);
 
     m_responseData->append(buffer->data(), buffer->size());
 }
@@ -108,15 +108,12 @@
 {
     ASSERT(m_delayedReply);
 
-    uint8_t* bytes = m_responseData ? m_responseData->data() : 0;
-    size_t size = m_responseData ? m_responseData->size() : 0;
-
     if (m_response.isNull()) {
         ASSERT(!m_error.isNull());
         //platformSynthesizeErrorResponse();
     }
 
-    m_delayedReply->send(m_error, m_response, CoreIPC::DataReference(bytes, size));
+    m_delayedReply->send(m_error, m_response, m_responseData ? *m_responseData : Vector<char>());
     m_delayedReply = nullptr;
 }
 
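Review bot: The ternary in the new `send` call yields a temporary, so when `m_responseData` is set the whole response body is copied before it is encoded. The original buffer also stays allocated after the reply has gone out. Swapping the bytes into a local avoids both: `Vector<char> responseData;` then `if (m_responseData) responseData.swap(*m_responseData);`, and pass `responseData` to `send`. This assumes `send` takes the vector by const reference, which the hunk does not show. The function's signature is above the hunk.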

Modified: trunk/Source/WebKit2/NetworkProcess/SynchronousNetworkLoaderClient.h (159172 => 159173)


--- trunk/Source/WebKit2/NetworkProcess/SynchronousNetworkLoaderClient.h	2013-11-13 02:19:33 UTC (rev 159172)
+++ trunk/Source/WebKit2/NetworkProcess/SynchronousNetworkLoaderClient.h	2013-11-13 02:24:35 UTC (rev 159173)
@@ -66,8 +66,7 @@
     RefPtr<Messages::NetworkConnectionToWebProcess::PerformSynchronousLoad::DelayedReply> m_delayedReply;
     WebCore::ResourceResponse m_response;
     WebCore::ResourceError m_error;
-    OwnPtr<Vector<uint8_t>> m_responseData;
-
+    OwnPtr<Vector<char>> m_responseData;
 };
 
 } // namespace WebKit

Modified: trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebPlatformStrategies.cpp (159172 => 159173)


--- trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebPlatformStrategies.cpp	2013-11-13 02:19:33 UTC (rev 159172)
+++ trunk/Source/WebKit2/WebProcess/WebCoreSupport/WebPlatformStrategies.cpp	2013-11-13 02:24:35 UTC (rev 159173)
@@ -258,8 +258,6 @@
     WebFrame* webFrame = webFrameLoaderClient ? webFrameLoaderClient->webFrame() : 0;
     WebPage* webPage = webFrame ? webFrame->page() : 0;
 
-    CoreIPC::DataReference dataReference;
-
     NetworkResourceLoadParameters loadParameters;
     loadParameters.identifier = resourceLoadIdentifier;
     loadParameters.webPageID = webPage ? webPage->pageID() : 0;
@@ -272,16 +270,14 @@
     loadParameters.inPrivateBrowsingMode = context->storageSession().isPrivateBrowsingSession();
     loadParameters.shouldClearReferrerOnHTTPSToHTTPRedirect = context->shouldClearReferrerOnHTTPSToHTTPRedirect();
 
-    if (!WebProcess::shared().networkConnection()->connection()->sendSync(Messages::NetworkConnectionToWebProcess::PerformSynchronousLoad(loadParameters), Messages::NetworkConnectionToWebProcess::PerformSynchronousLoad::Reply(error, response, dataReference), 0)) {
+    data.resize(0);
+
+    if (!WebProcess::shared().networkConnection()->connection()->sendSync(Messages::NetworkConnectionToWebProcess::PerformSynchronousLoad(loadParameters), Messages::NetworkConnectionToWebProcess::PerformSynchronousLoad::Reply(error, response, data), 0)) {
         response = ResourceResponse();
         error = internalError(request.url());
-        data.resize(0);
 
         return;
     }
-
-    data.resize(dataReference.size());
-    memcpy(data.data(), dataReference.data(), dataReference.size());
 }
 
 #if ENABLE(BLOB)
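Review bot: With `data.resize(0);` moved ahead of the `sendSync` call, the failure branch no longer clears `data` itself and depends on the reply decoder leaving the vector untouched when decoding fails partway. If the `Vector<char>` decoder can write into `data` before it detects a malformed or truncated reply (not visible here), the caller would get an internal error together with leftover bytes. Keeping `data.resize(0);` in the failure branch next to `response = ResourceResponse();` is cheap and makes the error path independent of decoder behaviour. The body of loadResourceSynchronously starts above the hunk.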