Bug 34633

Summary: WebSocket bufferedAmount should not be 0 when send after close.
Product: WebKit Reporter: Fumitoshi Ukai <ukai>
Component: WebCore JavaScriptAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: ap, eric
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Bug Depends on: 34898    
Bug Blocks:    
Attachments:
Description Flags
Patch
none
Patch
none
Patch ap: review+

Fumitoshi Ukai
Reported 2010-02-04 23:38:50 PST
WebSocket API says: The bufferedAmount attribute must return the number of bytes that have been queued but not yet sent. If the connection is closed, this attribute's value will only increase with each call to the send() method (the number does not reset to zero once the connection closes).
Attachments
Patch (13.37 KB, patch)
2010-02-04 23:56 PST, Fumitoshi Ukai 		no flags
DetailsFormatted DiffDiff
Patch (13.94 KB, patch)
2010-02-14 18:43 PST, Fumitoshi Ukai 		no flags
DetailsFormatted DiffDiff
Patch (14.35 KB, patch)
2010-02-17 17:43 PST, Fumitoshi Ukai 		ap: review+
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Fumitoshi Ukai
Comment 1 2010-02-04 23:56:59 PST
Created attachment 48206 [details] Patch
Alexey Proskuryakov
Comment 2 2010-02-10 10:33:44 PST
Comment on attachment 48206 [details] Patch + m_bufferedAmountAfterClose += message.utf8().length() + 2; // 2 for frameing "Framing"
Fumitoshi Ukai
Comment 3 2010-02-11 18:13:13 PST
Committed r54694: <http://trac.webkit.org/changeset/54694>
Eric Seidel (no email)
Comment 4 2010-02-12 14:40:23 PST
This is causing crashes under Leopard. See bug 34898. I recommend we roll this out.
Eric Seidel (no email)
Comment 5 2010-02-12 15:21:35 PST
Reverted r54694 for reason: This appears to have caused crashes on the Leopard bot. See bug 34898. Committed r54741: <http://trac.webkit.org/changeset/54741>
Eric Seidel (no email)
Comment 6 2010-02-12 15:39:19 PST
*** Bug 34898 has been marked as a duplicate of this bug. ***
Fumitoshi Ukai
Comment 7 2010-02-14 18:42:44 PST
(In reply to comment #6) > *** Bug 34898 has been marked as a duplicate of this bug. *** (In reply to comment #4) > This is causing crashes under Leopard. See bug 34898. Thanks for crash report. It shows it crashed at m_client->didReceiveMessage(String::fromUTF8(msgStart, p - msgStart)); so m_client is 0 here. This is because m_client could be 0 after some user callback called (m_client->didConnect() was called before in this function). Note that it is related to https://bugs.webkit.org/show_bug.cgi?id=34636 (onclose synchronously called. onopen -> close -> onclose). I'll add check !m_client to fix the crash.
Fumitoshi Ukai
Comment 8 2010-02-14 18:43:15 PST
Created attachment 48737 [details] Patch
Alexey Proskuryakov
Comment 9 2010-02-17 10:07:47 PST
Comment on attachment 48737 [details] Patch + if (frameByte == 0x00 && !m_client) m_client->didReceiveMessage(String::fromUTF8(msgStart, p - msgStart)); The check is backwards (should be m_client, not !m_client). Did you run regression tests with this change? If no test detects such a mistake, we should try to make one that does. Also, do we even need to continue parsing when m_client becomes null? It seems that an early return would be a better solution.
Fumitoshi Ukai
Comment 10 2010-02-17 17:37:25 PST
(In reply to comment #9) > (From update of attachment 48737 [details]) > + if (frameByte == 0x00 && !m_client) > m_client->didReceiveMessage(String::fromUTF8(msgStart, p - > msgStart)); > > The check is backwards (should be m_client, not !m_client). Did you run > regression tests with this change? If no test detects such a mistake, we should > try to make one that does. Oops. Thanks for catching this. > Also, do we even need to continue parsing when m_client becomes null? It seems > that an early return would be a better solution. Ok, I add check !m_client after it calls m_client methods, because it calls user callback, user callback may call close() and onclose handler would set m_client = 0.
Fumitoshi Ukai
Comment 11 2010-02-17 17:43:44 PST
Created attachment 48952 [details] Patch
Alexey Proskuryakov
Comment 12 2010-02-17 19:59:34 PST
Comment on attachment 48952 [details] Patch r=me
Fumitoshi Ukai
Comment 13 2010-02-17 21:32:28 PST
Committed r54927: <http://trac.webkit.org/changeset/54927>
Note You need to log in before you can comment on or make changes to this bug.