Changeset 113604 in webkit

Timestamp:

Apr 9, 2012 12:28:42 PM (12 years ago)

Author:

commit-queue@webkit.org

Message:

[soup] Crash while loading ​http://www.jusco.cn
​https://bugs.webkit.org/show_bug.cgi?id=68238

Patch by Martin Robinson <​mrobinson@igalia.com> on 2012-04-09
Reviewed by Philippe Normand.

.:

• configure.ac: Bumped the libsoup dependency to 2.37.90.

Source/WebCore:

Test: http/tests/xmlhttprequest/xmlhttprequest-sync-no-timers.html

When running synchronous XMLHttpRequests, push a new inner thread default
context, so that other sources from timers and network activity do not run.
This will make synchronous requests truly synchronous with the rest of
WebCore.

• platform/network/soup/ResourceHandleSoup.cpp:

(WebCoreSynchronousLoader): Clean up the method definitions a bit by writing them inline.
(WebCore::WebCoreSynchronousLoader::WebCoreSynchronousLoader): Push a new thread default
context to prevent other sources from running.
(WebCore::WebCoreSynchronousLoader::~WebCoreSynchronousLoader): Pop the inner thread default context.
(WebCore::closeCallback): If the client is synchronous call didFinishLoading now.
(WebCore::readCallback): Only call didFinishLoading if the client isn't synchronous.
(WebCore::ResourceHandle::defaultSession): Activate use-thread-context so that the soup session
respects the inner thread context.

LayoutTests:

• http/tests/xmlhttprequest/xmlhttprequest-sync-no-timers-expected.txt: Added.
• http/tests/xmlhttprequest/xmlhttprequest-sync-no-timers.html: Added.

Location:

trunk

Files:

• ChangeLog (modified) (1 diff)
• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/http/tests/xmlhttprequest/xmlhttprequest-sync-no-timers-expected.txt (added)
• LayoutTests/http/tests/xmlhttprequest/xmlhttprequest-sync-no-timers.html (added)
• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp (modified) (5 diffs)

trunk/ChangeLog

@@ +1 @@
+2012-04-09  Martin Robinson  <mrobinson@igalia.com>
+
+        [soup] Crash while loading http://www.jusco.cn
+        https://bugs.webkit.org/show_bug.cgi?id=68238
+
+        Reviewed by Philippe Normand.
+
+        * configure.ac: Bumped the libsoup dependency to 2.37.90.
+
 2012-04-09  Abhishek Arya  <inferno@chromium.org>
 

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2012-04-09  Martin Robinson  <mrobinson@igalia.com>
+
+        [soup] Crash while loading http://www.jusco.cn
+        https://bugs.webkit.org/show_bug.cgi?id=68238
+
+        Reviewed by Philippe Normand.
+
+        * http/tests/xmlhttprequest/xmlhttprequest-sync-no-timers-expected.txt: Added.
+        * http/tests/xmlhttprequest/xmlhttprequest-sync-no-timers.html: Added.
+
 2012-04-09  Martin Robinson  <mrobinson@igalia.com>
 

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2012-04-09  Martin Robinson  <mrobinson@igalia.com>
+
+        [soup] Crash while loading http://www.jusco.cn
+        https://bugs.webkit.org/show_bug.cgi?id=68238
+
+        Reviewed by Philippe Normand.
+
+        Test: http/tests/xmlhttprequest/xmlhttprequest-sync-no-timers.html
+
+        When running synchronous XMLHttpRequests, push a new inner thread default
+        context, so that other sources from timers and network activity do not run.
+        This will make synchronous requests truly synchronous with the rest of
+        WebCore.
+
+        * platform/network/soup/ResourceHandleSoup.cpp:
+        (WebCoreSynchronousLoader): Clean up the method definitions a bit by writing them inline.
+        (WebCore::WebCoreSynchronousLoader::WebCoreSynchronousLoader): Push a new thread default
+        context to prevent other sources from running.
+        (WebCore::WebCoreSynchronousLoader::~WebCoreSynchronousLoader): Pop the inner thread default context.
+        (WebCore::closeCallback): If the client is synchronous call didFinishLoading now.
+        (WebCore::readCallback): Only call didFinishLoading if the client isn't synchronous.
+        (WebCore::ResourceHandle::defaultSession): Activate use-thread-context so that the soup session
+        respects the inner thread context.
+
 2012-04-09  Dana Jansens  <danakj@chromium.org>
 

trunk/Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp

@@ -70 +70 @@
 #define READ_BUFFER_SIZE 8192
 
+static bool loadingSynchronousRequest = false;
+
 class WebCoreSynchronousLoader : public ResourceHandleClient {
     WTF_MAKE_NONCOPYABLE(WebCoreSynchronousLoader);
 public:
-    WebCoreSynchronousLoader(ResourceError&, ResourceResponse &, Vector<char>&);
-    ~WebCoreSynchronousLoader();
-
-    virtual void didReceiveResponse(ResourceHandle*, const ResourceResponse&);
-    virtual void didReceiveData(ResourceHandle*, const char*, int, int encodedDataLength);
-    virtual void didFinishLoading(ResourceHandle*, double /*finishTime*/);
-    virtual void didFail(ResourceHandle*, const ResourceError&);
-
-    void run();
+
+    WebCoreSynchronousLoader(ResourceError& error, ResourceResponse& response, Vector<char>& data)
+        : m_error(error)
+        , m_response(response)
+        , m_data(data)
+        , m_finished(false)
+    {
+        // We don't want any timers to fire while we are doing our synchronous load
+        // so we replace the thread default main context. The main loop iterations
+        // will only process GSources associated with this inner context.
+        loadingSynchronousRequest = true;
+        GRefPtr<GMainContext> innerMainContext = adoptGRef(g_main_context_new());
+        g_main_context_push_thread_default(innerMainContext.get());
+        m_mainLoop = g_main_loop_new(innerMainContext.get(), false);
+    }
+
+    ~WebCoreSynchronousLoader()
+    {
+        g_main_context_pop_thread_default(g_main_context_get_thread_default());
+        loadingSynchronousRequest = false;
+    }
+
+    virtual bool isSynchronousClient()
+    {
+        return true;
+    }
+
+    virtual void didReceiveResponse(ResourceHandle*, const ResourceResponse& response)
+    {
+        m_response = response;
+    }
+
+    virtual void didReceiveData(ResourceHandle*, const char* data, int length, int)
+    {
+        m_data.append(data, length);
+    }
+
+    virtual void didFinishLoading(ResourceHandle*, double)
+    {
+        if (g_main_loop_is_running(m_mainLoop.get()))
+            g_main_loop_quit(m_mainLoop.get());
+        m_finished = true;
+    }
+
+    virtual void didFail(ResourceHandle* handle, const ResourceError& error)
+    {
+        m_error = error;
+        didFinishLoading(handle, 0);
+    }
+
+    void run()
+    {
+        if (!m_finished)
+            g_main_loop_run(m_mainLoop.get());
+    }
 
 private:
@@ -90 +138 @@
     GRefPtr<GMainLoop> m_mainLoop;
 };
-
-WebCoreSynchronousLoader::WebCoreSynchronousLoader(ResourceError& error, ResourceResponse& response, Vector<char>& data)
-    : m_error(error)
-    , m_response(response)
-    , m_data(data)
-    , m_finished(false)
-{
-    m_mainLoop = adoptGRef(g_main_loop_new(0, false));
-}
-
-WebCoreSynchronousLoader::~WebCoreSynchronousLoader()
-{
-}
-
-void WebCoreSynchronousLoader::didReceiveResponse(ResourceHandle*, const ResourceResponse& response)
-{
-    m_response = response;
-}
-
-void WebCoreSynchronousLoader::didReceiveData(ResourceHandle*, const char* data, int length, int)
-{
-    m_data.append(data, length);
-}
-
-void WebCoreSynchronousLoader::didFinishLoading(ResourceHandle*, double)
-{
-    g_main_loop_quit(m_mainLoop.get());
-    m_finished = true;
-}
-
-void WebCoreSynchronousLoader::didFail(ResourceHandle* handle, const ResourceError& error)
-{
-    m_error = error;
-    didFinishLoading(handle, 0);
-}
-
-void WebCoreSynchronousLoader::run()
-{
-    if (!m_finished)
-        g_main_loop_run(m_mainLoop.get());
-}
 
 static void cleanupSoupRequestOperation(ResourceHandle*, bool isDestroying);
@@ -635 +642 @@
 {
     RefPtr<ResourceHandle> handle = static_cast<ResourceHandle*>(data);
-
     ResourceHandleInternal* d = handle->getInternal();
+
     g_input_stream_close_finish(d->m_inputStream.get(), res, 0);
+
+    ResourceHandleClient* client = handle->client();
+    if (client && loadingSynchronousRequest)
+        client->didFinishLoading(handle.get(), 0);
+
     cleanupSoupRequestOperation(handle.get());
 }
@@ -668 +680 @@
     if (!bytesRead) {
         // We inform WebCore of load completion now instead of waiting for the input
-        // stream to close because the input stream is closed asynchronously.
-        client->didFinishLoading(handle.get(), 0);
+        // stream to close because the input stream is closed asynchronously. If this
+        // is a synchronous request, we wait until the closeCallback, because we don't
+        // want to halt the internal main loop before the input stream closes.
+        if (client && !loadingSynchronousRequest) {
+            client->didFinishLoading(handle.get(), 0);
+            handle->setClient(0); // Unset the client so that we do not try to access th
+                                  // client in the closeCallback.
+        }
         g_input_stream_close_async(d->m_inputStream.get(), G_PRIORITY_DEFAULT, 0, closeCallback, handle.get());
         return;
@@ -741 +759 @@
                      SOUP_SESSION_ADD_FEATURE_BY_TYPE, SOUP_TYPE_CONTENT_SNIFFER,
                      SOUP_SESSION_ADD_FEATURE_BY_TYPE, SOUP_TYPE_PROXY_RESOLVER_DEFAULT,
+                     SOUP_SESSION_USE_THREAD_CONTEXT, TRUE,
                      NULL);
     }