[Fetch API] response-consume.html is crashing on Mac WK1 Debug builds
authoryouenn.fablet@crf.canon.fr <youenn.fablet@crf.canon.fr@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 17 Mar 2016 11:25:10 +0000 (11:25 +0000)
committeryouenn.fablet@crf.canon.fr <youenn.fablet@crf.canon.fr@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 17 Mar 2016 11:25:10 +0000 (11:25 +0000)
https://bugs.webkit.org/show_bug.cgi?id=155490

Reviewed by Darin Adler.

Source/WebCore:

Covered by existing tests.

Ensured to lock state before calling JSC:JSONParse.
Adding fulfillPromiseWithJSON routine to handle it.
Applied it to FetchBody.

* Modules/fetch/FetchBody.cpp:
(WebCore::FetchBody::json):
(WebCore::FetchBody::loadedAsText):
(WebCore::FetchBody::resolveAsJSON): Deleted.
* Modules/fetch/FetchBody.h:
* Modules/fetch/FetchBodyOwner.cpp:
(WebCore::FetchBodyOwner::loadedBlobAsText):
* bindings/js/JSDOMPromise.cpp:
(WebCore::parseAsJSON):
(WebCore::fulfillPromiseWithJSON):
* bindings/js/JSDOMPromise.h:

LayoutTests:

* TestExpectations: Removed crash debug expectation of response-consume.html

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@198326 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog
LayoutTests/TestExpectations
Source/WebCore/ChangeLog
Source/WebCore/Modules/fetch/FetchBody.cpp
Source/WebCore/Modules/fetch/FetchBody.h
Source/WebCore/Modules/fetch/FetchBodyOwner.cpp
Source/WebCore/bindings/js/JSDOMPromise.cpp
Source/WebCore/bindings/js/JSDOMPromise.h

index a3fd2f8..36195a5 100644 (file)
@@ -1,3 +1,12 @@
+2016-03-17  Youenn Fablet  <youenn.fablet@crf.canon.fr>
+
+        [Fetch API] response-consume.html is crashing on Mac WK1 Debug builds
+        https://bugs.webkit.org/show_bug.cgi?id=155490
+
+        Reviewed by Darin Adler.
+
+        * TestExpectations: Removed crash debug expectation of response-consume.html
+
 2016-03-17  Adam Bergkvist  <adam.bergkvist@ericsson.com>
 
         WebRTC: Update RTCIceCandidate
index 97cac63..1292207 100644 (file)
@@ -324,9 +324,6 @@ imported/w3c/web-platform-tests/fetch/api/basic/scheme-blob-worker.html [ Failur
 # New W3C ref tests that are failing.
 webkit.org/b/148856 imported/w3c/web-platform-tests/html/semantics/embedded-content/the-video-element/video_initially_paused.html [ ImageOnlyFailure ]
 
-# Fetch API tests
-[ Debug ] imported/w3c/web-platform-tests/fetch/api/response/response-consume.html [ Pass Crash ]
-
 # @supports W3C Failures
 webkit.org/b/137566 css3/conditional/w3c/at-supports-010.html [ ImageOnlyFailure ]
 webkit.org/b/137568 css3/conditional/w3c/at-supports-014.html [ ImageOnlyFailure ]
index a3e3132..8f83ca9 100644 (file)
@@ -1,3 +1,28 @@
+2016-03-17  Youenn Fablet  <youenn.fablet@crf.canon.fr>
+
+        [Fetch API] response-consume.html is crashing on Mac WK1 Debug builds
+        https://bugs.webkit.org/show_bug.cgi?id=155490
+
+        Reviewed by Darin Adler.
+
+        Covered by existing tests.
+
+        Ensured to lock state before calling JSC:JSONParse.
+        Adding fulfillPromiseWithJSON routine to handle it.
+        Applied it to FetchBody.
+
+        * Modules/fetch/FetchBody.cpp:
+        (WebCore::FetchBody::json):
+        (WebCore::FetchBody::loadedAsText):
+        (WebCore::FetchBody::resolveAsJSON): Deleted.
+        * Modules/fetch/FetchBody.h:
+        * Modules/fetch/FetchBodyOwner.cpp:
+        (WebCore::FetchBodyOwner::loadedBlobAsText):
+        * bindings/js/JSDOMPromise.cpp:
+        (WebCore::parseAsJSON):
+        (WebCore::fulfillPromiseWithJSON):
+        * bindings/js/JSDOMPromise.h:
+
 2016-03-17  Adam Bergkvist  <adam.bergkvist@ericsson.com>
 
         WebRTC: Update RTCIceCandidate
index 1efa197..31dd0ee 100644 (file)
@@ -38,7 +38,6 @@
 #include "HTTPParsers.h"
 #include "JSBlob.h"
 #include "JSDOMFormData.h"
-#include <runtime/JSONObject.h>
 
 namespace WebCore {
 
@@ -135,11 +134,8 @@ void FetchBody::json(FetchBodyOwner& owner, DeferredWrapper&& promise)
     if (processIfEmptyOrDisturbed(Consumer::Type::JSON, promise))
         return;
 
-    if (!owner.scriptExecutionContext())
-        return;
-
     if (m_type == Type::Text) {
-        resolveAsJSON(*owner.scriptExecutionContext(), m_text, WTFMove(promise));
+        fulfillPromiseWithJSON(promise, m_text);
         return;
     }
     consume(owner, Consumer::Type::JSON, WTFMove(promise));
@@ -208,16 +204,6 @@ void FetchBody::consumeBlob(FetchBodyOwner& owner, Consumer::Type type, Deferred
     owner.loadBlob(*m_blob, loadingType(type));
 }
 
-void FetchBody::resolveAsJSON(ScriptExecutionContext& context, const String& data, DeferredWrapper&& promise)
-{
-    DOMRequestState state(&context);
-    JSC::JSValue value = JSC::JSONParse(state.exec(), data);
-    if (!value)
-        promise.reject<ExceptionCode>(SYNTAX_ERR);
-    else
-        promise.resolve(value);
-}
-
 Vector<char> FetchBody::extractFromText() const
 {
     ASSERT(m_type == Type::Text);
@@ -251,14 +237,14 @@ void FetchBody::loadedAsArrayBuffer(RefPtr<ArrayBuffer>&& buffer)
     m_consumer = Nullopt;
 }
 
-void FetchBody::loadedAsText(ScriptExecutionContext& context, String&& text)
+void FetchBody::loadedAsText(String&& text)
 {
     ASSERT(m_consumer);
     ASSERT(m_consumer->type == Consumer::Type::Text || m_consumer->type == Consumer::Type::JSON);
     if (m_consumer->type == Consumer::Type::Text)
         m_consumer->promise.resolve(text);
     else
-        resolveAsJSON(context, text, WTFMove(m_consumer->promise));
+        fulfillPromiseWithJSON(m_consumer->promise, text);
     m_consumer = Nullopt;
 }
 
index 965f805..a5b3c06 100644 (file)
@@ -65,7 +65,7 @@ public:
 
     void loadingFailed();
     void loadedAsArrayBuffer(RefPtr<ArrayBuffer>&&);
-    void loadedAsText(ScriptExecutionContext&, String&&);
+    void loadedAsText(String&&);
 
 private:
     enum class Type { None, Text, Blob, FormData };
@@ -86,7 +86,6 @@ private:
     bool processIfEmptyOrDisturbed(Consumer::Type, DeferredWrapper&);
     void consumeText(Consumer::Type, DeferredWrapper&&);
     void consumeBlob(FetchBodyOwner&, Consumer::Type, DeferredWrapper&&);
-    void resolveAsJSON(ScriptExecutionContext&, const String&, DeferredWrapper&&);
     static FetchLoader::Type loadingType(Consumer::Type);
 
     Type m_type = Type::None;
index 7d254c8..860ee3f 100644 (file)
@@ -69,9 +69,7 @@ void FetchBodyOwner::loadBlob(Blob& blob, FetchLoader::Type type)
 
 void FetchBodyOwner::loadedBlobAsText(String&& text)
 {
-    ASSERT(scriptExecutionContext());
-
-    m_body.loadedAsText(*scriptExecutionContext(), WTFMove(text));
+    m_body.loadedAsText(WTFMove(text));
 }
 
 void FetchBodyOwner::finishBlobLoading()
index 988528d..bfc5d7f 100644 (file)
@@ -28,6 +28,7 @@
 
 #include "ExceptionCode.h"
 #include <runtime/Exception.h>
+#include <runtime/JSONObject.h>
 
 using namespace JSC;
 
@@ -77,4 +78,19 @@ void rejectPromiseWithExceptionIfAny(JSC::ExecState& state, JSDOMGlobalObject& g
     DeferredWrapper(&state, &globalObject, &promiseDeferred).reject(error);
 }
 
+static inline JSC::JSValue parseAsJSON(JSC::ExecState* state, const String& data)
+{
+    JSC::JSLockHolder lock(state);
+    return JSC::JSONParse(state, data);
+}
+
+void fulfillPromiseWithJSON(DeferredWrapper& promise, const String& data)
+{
+    JSC::JSValue value = parseAsJSON(promise.globalObject().globalExec(), data);
+    if (!value)
+        promise.reject<ExceptionCode>(SYNTAX_ERR);
+    else
+        promise.resolve(value);
+}
+
 }
index 739ed8a..beed606 100644 (file)
@@ -55,6 +55,7 @@ private:
     JSC::Strong<JSC::JSPromiseDeferred> m_deferred;
 };
 
+void fulfillPromiseWithJSON(DeferredWrapper&, const String&);
 void rejectPromiseWithExceptionIfAny(JSC::ExecState&, JSDOMGlobalObject&, JSC::JSPromiseDeferred&);
 
 inline JSC::JSValue callPromiseFunction(JSC::ExecState& state, JSC::EncodedJSValue promiseFunction(JSC::ExecState*, JSC::JSPromiseDeferred*))