180492 – We need to grab the JSLock in InjectedBundle::createWebDataFromUint8Array

RESOLVED FIXED 180492

We need to grab the JSLock in InjectedBundle::createWebDataFromUint8Array

https://bugs.webkit.org/show_bug.cgi?id=180492

Summary We need to grab the JSLock in InjectedBundle::createWebDataFromUint8Array

Saam Barati

Reported 2017-12-06 12:09:24 PST

...

Attachments
patch (1.79 KB, patch) 2017-12-06 23:03 PST, Saam Barati	achristensen: review- achristensen: commit-queue-	Details Formatted Diff Diff
patch (1.62 KB, patch) 2017-12-07 15:21 PST, Saam Barati	no flags	Details Formatted Diff Diff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.

Saam Barati

Comment 1 2017-12-06 23:03:58 PST

Created attachment 328682 [details] patch Let's see if this builds. I haven't tried locally.

Alex Christensen

Comment 2 2017-12-07 15:04:33 PST

Comment on attachment 328682 [details] patch Please give a radar, a reason, or even better: a test that used to do something bad and now does something good.

Saam Barati

Comment 3 2017-12-07 15:07:35 PST

(In reply to Alex Christensen from comment #2) > Comment on attachment 328682 [details] > patch > > Please give a radar, a reason, or even better: a test that used to do > something bad and now does something good. Ryan pointed out that a test is already failing because of this. See: https://bugs.webkit.org/show_bug.cgi?id=180438 and https://build.webkit.org/results/Apple%20El%20Capitan%20Debug%20WK2%20(Tests)/r225440%20(4421)/webaudio/audiobuffersource-crash-log.txt Is that enough? I'm happy to add this reason to the changelog: ``` WKBundleCreateWKDataFromUInt8Array may allocate from the JS heap. To do so, you must be holding the JSLock. ```

Alex Christensen

Comment 4 2017-12-07 15:11:14 PST

Please add that to the ChangeLog, and also move the change to InjectedBundle::createWebDataFromUint8Array instead of at the API layer in case we add something else that calls that.

Saam Barati

Comment 5 2017-12-07 15:21:38 PST

Created attachment 328748 [details] patch

WebKit Commit Bot

Comment 6 2017-12-07 17:12:22 PST

Comment on attachment 328748 [details] patch Clearing flags on attachment: 328748 Committed r225658: <https://trac.webkit.org/changeset/225658>

WebKit Commit Bot

Comment 7 2017-12-07 17:12:23 PST

All reviewed patches have been landed. Closing bug.

Radar WebKit Bug Importer

Comment 8 2017-12-07 17:13:36 PST

<rdar://problem/35924114>

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version Safari Technology Preview

Hardware Unspecified

OS Unspecified

Product WebKit

Component JavaScriptCore

Assignee

Saam Barati

Reported

2017-12-06 12:09 PST

Modified

2017-12-07 17:13 PST History

CC List

20 users Show

URL

Keywords InRadar

Depends on

Blocks

achristensen
ap
beidson
benjamin
commit-queue
fpizlo
ggaren
gskachkov
jfbastien
keith_miller
mark.lam
msaboff
rmorisset
rniwa
ryanhaddad
sam
thorton
ticaiolima
webkit-bug-importer
ysuzuki