Bug 232387

Summary: Callback functions / interfaces use incorrect global object for liveness and reporting errors
Product: WebKit
Component: Bindings
Reporter: Alexey Shvayka <ashvayka>
Assignee: Alexey Shvayka <ashvayka>
Status: REOPENED
Severity: Normal
Priority: P2
CC: ahmad.saleem792, benjamin, calvaris, cdumez, clopez, commit-queue, eric.carlson, esprehn+autocc, ews-watchlist, ggaren, glenn, hi, jenner, jer.noble, joepeck, kangil.han, kondapallykalyan, mkwst, philipj, sergio, webkit-bug-importer, youennf
Keywords: BrowserCompat, InRadar, WPTImpact
Version: WebKit Nightly Build
Hardware: All
OS: All
See Also: https://bugs.webkit.org/show_bug.cgi?id=235153
https://github.com/web-platform-tests/wpt/pull/32449
https://bugs.webkit.org/show_bug.cgi?id=235368
https://bugs.webkit.org/show_bug.cgi?id=235529
https://bugs.webkit.org/show_bug.cgi?id=237912
Bug Depends on: 240280, 233043, 233065, 248161    
Bug Blocks: 163412    
Attachments:
Description | Flags
Patch | none
Patch for landing | none
Patch | none
Patch | none
Patch | none
Patch | none
Patch | none

Description Alexey Shvayka 2021-10-27 10:11:07 PDT
JSCallbackData should use lexical global object for errors and lifecycle
Comment 1 Alexey Shvayka 2021-10-27 10:12:07 PDT
Created attachment 442603 [details]
Patch
Comment 2 EWS Watchlist 2021-10-27 10:13:27 PDT
This patch modifies the imported WPT tests. Please ensure that any changes on the tests (not coming from a WPT import) are exported to WPT. Please see https://trac.webkit.org/wiki/WPTExportProcess
Comment 3 Geoffrey Garen 2021-10-27 10:46:14 PDT
Comment on attachment 442603 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=442603&action=review

r=me -- but please fix the visit issue before landing.

> Source/WebCore/Modules/webaudio/AudioWorkletProcessor.h:75
> +    JSValueInWrappedObject m_processCallback;

We need to visit this value inside JSAudioWorkletProcessor::visitAdditionalChildren().
Comment 4 Radar WebKit Bug Importer 2021-11-03 10:12:17 PDT
<rdar://problem/84979685>
Comment 5 Alexey Shvayka 2021-11-11 08:54:04 PST
Created attachment 443952 [details]
Patch for landing
Comment 6 Alexey Shvayka 2021-11-11 08:54:20 PST
(In reply to Alexey Shvayka from comment #5)
> Created attachment 443952 [details]
> Patch for landing

1. Account for Geoff's feedback on visitAdditionalChildren().
2. Add [SkipCallbackInvokeCheck] to Geolocation's error callback as it's run for inactive contexts and revert erroneous test changes.
3. Add a test that ensures NodeFilter with disconnected incumbent object no longer crashes.
4. Adjust bindings tests for [SkipCallbackInvokeCheck] and reset expectations.
5. Revert resolving _incumbent_ in @whenSignalAborted as its `abort` callback can't invoke userland code.
Comment 7 Alexey Shvayka 2021-11-11 10:29:20 PST
Committed r285639 (244140@main): <https://commits.webkit.org/244140@main>
Comment 8 Chris Dumez 2021-11-12 08:13:45 PST
This caused https://bugs.webkit.org/show_bug.cgi?id=233043.
Comment 9 WebKit Commit Bot 2021-11-12 13:19:45 PST
Re-opened since this is blocked by bug 233065
Comment 10 Alexey Shvayka 2021-11-12 13:47:18 PST
Created attachment 444108 [details]
Patch

Don't pass testRunner.setGeolocationPermission directly as geo error callback to test if that caused crashes.
Comment 11 Chris Dumez 2022-01-12 15:58:15 PST
Any update on this?

It looks like this was landed, then reverted then never re-landed?
However, the test did make it upstream.
Comment 12 Alexey Shvayka 2022-01-12 18:50:33 PST
Created attachment 449018 [details]
Patch

Add a null check to setGeolocationPermissionCallback().
Comment 13 Alexey Shvayka 2022-01-12 18:51:22 PST
(In reply to Chris Dumez from comment #11)
> Any update on this?
> 
> It looks like this was landed, then reverted then never re-landed?
> However, the test did make it upstream.

That's correct, sorry, will re-land once the updated patch passes the tests.
Comment 14 Chris Dumez 2022-01-13 10:30:23 PST
Comment on attachment 449018 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=449018&action=review

> Source/WebCore/Modules/geolocation/PositionErrorCallback.idl:27
> +    SkipCallbackInvokeCheck,

I think this is wrong. We shouldn't be adding new WebKit-specific IDL attributes to get a different Web-facing behavior for one specific API. This doesn't make sense. Either the behavior of SkipCallbackInvokeCheck is the correct one and what we want everywhere, or it is not.
Comment 15 Alexey Shvayka 2022-01-13 14:43:29 PST
Created attachment 449115 [details]
Patch

Check if a promise, returned from WebLockGrantedCallback, is suspended.
Comment 16 Alexey Shvayka 2022-01-13 14:54:02 PST
(In reply to Chris Dumez from comment #14)
> Comment on attachment 449018 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=449018&action=review
> 
> > Source/WebCore/Modules/geolocation/PositionErrorCallback.idl:27
> > +    SkipCallbackInvokeCheck,
> 
> I think this is wrong. We shouldn't be adding new WebKit-specific IDL
> attributes to get a different Web-facing behavior for one specific API. This
> doesn't make sense. Either the behavior of SkipCallbackInvokeCheck is the
> correct one and what we want everywhere, or it is not.

Looking at https://wpt.fyi/results/dom/traversal/TreeWalker-acceptNode-filter-cross-realm-null-browsing-context.html, there might be a way we can drop this attribute rather than spreading it to Geolocation.

I'm compiling a coverage like dom/traversal/TreeWalker-acceptNode-filter-cross-realm.html for all popular callbacks so we could see the whole web-compat picture. Should not take too long.
Comment 17 Alexey Shvayka 2022-01-18 20:53:50 PST
Created attachment 449463 [details]
Patch

Use global object of _value_, remove [SkipCallbackInvokeCheck] extended attribute, and add thorough test coverage.
Comment 18 Alexey Shvayka 2022-01-19 05:28:31 PST
Comment on attachment 449463 [details]
Patch

Putting r+ on my own patch, already reviewed by Geoff on 2021-10-27, so the WPT GitHub bot would let me land the tests PR.
Comment 19 Alexey Shvayka 2022-01-19 05:52:43 PST
Committed r288197 (?): <https://commits.webkit.org/r288197>
Comment 20 Robert Jenner 2022-01-19 12:22:05 PST
Reverted r288197 for reason:

Broke a test, slowing down EWS

Committed r288229 (246187@trunk): <https://commits.webkit.org/246187@trunk>
Comment 21 Alexey Shvayka 2022-01-19 19:20:10 PST
Created attachment 449543 [details]
Patch

Fix IntersectionObserver not to rely on m_callback's context for timestamp.
Comment 22 Alexey Shvayka 2022-01-20 10:43:35 PST
Committed r288307 (?): <https://commits.webkit.org/r288307>
Comment 23 Alexey Shvayka 2022-01-28 12:00:51 PST
AudioWorklet changes (storing callback w/o a JSC::Strong) caused a regression: https://bugs.webkit.org/show_bug.cgi?id=235529.
Thank you Chris for taking care of it!
Comment 24 Chris Dumez 2022-05-10 15:46:14 PDT
Reopening since this got reverted in https://commits.webkit.org/250452@main.
Comment 25 Ahmad Saleem 2023-08-27 05:46:17 PDT
We are failing two WPT Tests:

Only failing in Safari - http://wpt.live/dom/traversal/TreeWalker-acceptNode-filter-cross-realm-null-browsing-context.html

Failing in Firefox & WebKit - http://wpt.live/dom/traversal/TreeWalker-acceptNode-filter-cross-realm.html