180492 – We need to grab the JSLock in InjectedBundle::createWebDataFromUint8Array

Bug 180492 - We need to grab the JSLock in InjectedBundle::createWebDataFromUint8Array

Summary: We need to grab the JSLock in InjectedBundle::createWebDataFromUint8Array

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	JavaScriptCore (show other bugs)
Version:	Safari Technology Preview
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Saam Barati

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2017-12-06 12:09 PST by Saam Barati
Modified:	2017-12-07 17:13 PST (History)
CC List:	20 users (show)

See Also:	180438

Attachments
patch (1.79 KB, patch) 2017-12-06 23:03 PST, Saam Barati	achristensen: review- achristensen: commit-queue-	Details \| Formatted Diff \| Diff
patch (1.62 KB, patch) 2017-12-07 15:21 PST, Saam Barati	no flags	Details \| Formatted Diff \| Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Saam Barati 2017-12-06 12:09:24 PST

...

Comment 1 Saam Barati 2017-12-06 23:03:58 PST

Created attachment 328682 [details]
patch

Let's see if this builds. I haven't tried locally.

Comment 2 Alex Christensen 2017-12-07 15:04:33 PST

Comment on attachment 328682 [details]
patch

Please give a radar, a reason, or even better: a test that used to do something bad and now does something good.

Comment 3 Saam Barati 2017-12-07 15:07:35 PST

(In reply to Alex Christensen from comment #2)
> Comment on attachment 328682 [details]
> patch
> 
> Please give a radar, a reason, or even better: a test that used to do
> something bad and now does something good.

Ryan pointed out that a test is already failing because of this.
See:
https://bugs.webkit.org/show_bug.cgi?id=180438
and
https://build.webkit.org/results/Apple%20El%20Capitan%20Debug%20WK2%20(Tests)/r225440%20(4421)/webaudio/audiobuffersource-crash-log.txt
Is that enough?

I'm happy to add this reason to the changelog:
```
WKBundleCreateWKDataFromUInt8Array may allocate from the JS heap. To do so, you must be holding the JSLock.
```

Comment 4 Alex Christensen 2017-12-07 15:11:14 PST

Please add that to the ChangeLog, and also move the change to InjectedBundle::createWebDataFromUint8Array instead of at the API layer in case we add something else that calls that.

Comment 5 Saam Barati 2017-12-07 15:21:38 PST

Created attachment 328748 [details]
patch

Comment 6 WebKit Commit Bot 2017-12-07 17:12:22 PST

Comment on attachment 328748 [details]
patch

Clearing flags on attachment: 328748

Committed r225658: <https://trac.webkit.org/changeset/225658>

Comment 7 WebKit Commit Bot 2017-12-07 17:12:23 PST

All reviewed patches have been landed.  Closing bug.

Comment 8 Radar WebKit Bug Importer 2017-12-07 17:13:36 PST

<rdar://problem/35924114>

achristensen
ap
beidson
benjamin
commit-queue
fpizlo
ggaren
gskachkov
jfbastien
keith_miller
mark.lam
msaboff
rmorisset
rniwa
ryanhaddad
sam
thorton
ticaiolima
webkit-bug-importer
ysuzuki