Diff
Modified: branches/safari-537.74-branch/Source/WebKit2/ChangeLog (160420 => 160421)
--- branches/safari-537.74-branch/Source/WebKit2/ChangeLog 2013-12-11 11:34:08 UTC (rev 160420)
+++ branches/safari-537.74-branch/Source/WebKit2/ChangeLog 2013-12-11 11:58:05 UTC (rev 160421)
@@ -1,3 +1,26 @@
+2013-12-11 Lucas Forschler <[email protected]>
+
+ Merge r159173
+
+ 2013-11-12 Anders Carlsson <[email protected]>
+
+ fast/canvas/webgl/draw-arrays-out-of-bounds.html is flaky on Mavericks WK2 testers, fails about 20% of the time
+ https://bugs.webkit.org/show_bug.cgi?id=124223
+ <rdar://problem/15333977>
+
+ Reviewed by Tim Horton.
+
+ It's wrong to use DataReferences in sync IPC replies; the underlying MessageDecoder will be freed after the call to
+ sendSync returns and the DataReference will point to freed memory. Use a Vector<char> instead.
+
+ * NetworkProcess/NetworkConnectionToWebProcess.messages.in:
+ * NetworkProcess/SynchronousNetworkLoaderClient.cpp:
+ (WebKit::SynchronousNetworkLoaderClient::didReceiveBuffer):
+ (WebKit::SynchronousNetworkLoaderClient::sendDelayedReply):
+ * NetworkProcess/SynchronousNetworkLoaderClient.h:
+ * WebProcess/WebCoreSupport/WebPlatformStrategies.cpp:
+ (WebKit::WebPlatformStrategies::loadResourceSynchronously):
+
2013-11-13 Lucas Forschler <[email protected]>
Merge r159248
Modified: branches/safari-537.74-branch/Source/WebKit2/NetworkProcess/NetworkConnectionToWebProcess.messages.in (160420 => 160421)
--- branches/safari-537.74-branch/Source/WebKit2/NetworkProcess/NetworkConnectionToWebProcess.messages.in 2013-12-11 11:34:08 UTC (rev 160420)
+++ branches/safari-537.74-branch/Source/WebKit2/NetworkProcess/NetworkConnectionToWebProcess.messages.in 2013-12-11 11:58:05 UTC (rev 160421)
@@ -25,7 +25,7 @@
messages -> NetworkConnectionToWebProcess LegacyReceiver {
ScheduleResourceLoad(WebKit::NetworkResourceLoadParameters resourceLoadParameters)
- PerformSynchronousLoad(WebKit::NetworkResourceLoadParameters resourceLoadParameters) -> (WebCore::ResourceError error, WebCore::ResourceResponse response, CoreIPC::DataReference data) Delayed
+ PerformSynchronousLoad(WebKit::NetworkResourceLoadParameters resourceLoadParameters) -> (WebCore::ResourceError error, WebCore::ResourceResponse response, Vector<char> data) Delayed
RemoveLoadIdentifier(uint64_t resourceLoadIdentifier)
ServePendingRequests(uint32_t resourceLoadPriority)
Modified: branches/safari-537.74-branch/Source/WebKit2/NetworkProcess/SynchronousNetworkLoaderClient.cpp (160420 => 160421)
--- branches/safari-537.74-branch/Source/WebKit2/NetworkProcess/SynchronousNetworkLoaderClient.cpp 2013-12-11 11:34:08 UTC (rev 160420)
+++ branches/safari-537.74-branch/Source/WebKit2/NetworkProcess/SynchronousNetworkLoaderClient.cpp 2013-12-11 11:58:05 UTC (rev 160421)
@@ -86,7 +86,7 @@
// It's unclear if the potential complexities of that approach are worth it.
if (!m_responseData)
- m_responseData = adoptPtr(new Vector<uint8_t>);
+ m_responseData = adoptPtr(new Vector<char>);
m_responseData->append(buffer->data(), buffer->size());
}
@@ -106,15 +106,12 @@
{
ASSERT(m_delayedReply);
- uint8_t* bytes = m_responseData ? m_responseData->data() : 0;
- size_t size = m_responseData ? m_responseData->size() : 0;
-
if (m_response.isNull()) {
ASSERT(!m_error.isNull());
//platformSynthesizeErrorResponse();
}
- m_delayedReply->send(m_error, m_response, CoreIPC::DataReference(bytes, size));
+ m_delayedReply->send(m_error, m_response, m_responseData ? *m_responseData : Vector<char>());
m_delayedReply = nullptr;
}
Modified: branches/safari-537.74-branch/Source/WebKit2/NetworkProcess/SynchronousNetworkLoaderClient.h (160420 => 160421)
--- branches/safari-537.74-branch/Source/WebKit2/NetworkProcess/SynchronousNetworkLoaderClient.h 2013-12-11 11:34:08 UTC (rev 160420)
+++ branches/safari-537.74-branch/Source/WebKit2/NetworkProcess/SynchronousNetworkLoaderClient.h 2013-12-11 11:58:05 UTC (rev 160421)
@@ -70,8 +70,7 @@
RefPtr<Messages::NetworkConnectionToWebProcess::PerformSynchronousLoad::DelayedReply> m_delayedReply;
WebCore::ResourceResponse m_response;
WebCore::ResourceError m_error;
- OwnPtr<Vector<uint8_t>> m_responseData;
-
+ OwnPtr<Vector<char>> m_responseData;
};
} // namespace WebKit
Modified: branches/safari-537.74-branch/Source/WebKit2/WebProcess/WebCoreSupport/WebPlatformStrategies.cpp (160420 => 160421)
--- branches/safari-537.74-branch/Source/WebKit2/WebProcess/WebCoreSupport/WebPlatformStrategies.cpp 2013-12-11 11:34:08 UTC (rev 160420)
+++ branches/safari-537.74-branch/Source/WebKit2/WebProcess/WebCoreSupport/WebPlatformStrategies.cpp 2013-12-11 11:58:05 UTC (rev 160421)
@@ -233,8 +233,6 @@
return;
}
- CoreIPC::DataReference dataReference;
-
NetworkResourceLoadParameters loadParameters;
loadParameters.identifier = resourceLoadIdentifier;
loadParameters.request = request;
@@ -245,16 +243,14 @@
loadParameters.inPrivateBrowsingMode = context->storageSession().isPrivateBrowsingSession();
loadParameters.shouldClearReferrerOnHTTPSToHTTPRedirect = context->shouldClearReferrerOnHTTPSToHTTPRedirect();
- if (!WebProcess::shared().networkConnection()->connection()->sendSync(Messages::NetworkConnectionToWebProcess::PerformSynchronousLoad(loadParameters), Messages::NetworkConnectionToWebProcess::PerformSynchronousLoad::Reply(error, response, dataReference), 0)) {
+ data.resize(0);
+
+ if (!WebProcess::shared().networkConnection()->connection()->sendSync(Messages::NetworkConnectionToWebProcess::PerformSynchronousLoad(loadParameters), Messages::NetworkConnectionToWebProcess::PerformSynchronousLoad::Reply(error, response, data), 0)) {
response = ResourceResponse();
error = internalError(request.url());
- data.resize(0);
return;
}
-
- data.resize(dataReference.size());
- memcpy(data.data(), dataReference.data(), dataReference.size());
}
#if ENABLE(BLOB)
