Branch: refs/heads/webkitglib/2.46
Home: https://github.com/WebKit/WebKit
Commit: 2ae15ce6c5e0c2f77b967c48bf249894abc706f5
https://github.com/WebKit/WebKit/commit/2ae15ce6c5e0c2f77b967c48bf249894abc706f5
Author: Yusuke Suzuki <[email protected]>
Date: 2025-03-13 (Thu, 13 Mar 2025)
Changed paths:
M Source/JavaScriptCore/bytecode/UnlinkedCodeBlock.cpp
Log Message:
-----------
Cherry-pick 291720@main (3a3f835a76f0).
https://bugs.webkit.org/show_bug.cgi?id=289268
[JSC] m_expressionInfo may be not set yet
https://bugs.webkit.org/show_bug.cgi?id=289268
rdar://146399098
Reviewed by Yijia Huang.
Since this field is set after object allocation is done, there is a
chance that concurrent GC markers find this object before setting a
value to m_expressionInfo field and accessing it. So, it can be a
nullptr, thus we should do a nullptr check before using it from
concurrent GC markers.
* Source/JavaScriptCore/bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::visitChildrenImpl):
Canonical link: https://commits.webkit.org/291720@main
Canonical link: https://commits.webkit.org/282416.477@webkitglib/2.46
Commit: 40a0fc8457de087282c4c1489fdba84a9a1c4391
https://github.com/WebKit/WebKit/commit/40a0fc8457de087282c4c1489fdba84a9a1c4391
Author: Yusuke Suzuki <[email protected]>
Date: 2025-03-13 (Thu, 13 Mar 2025)
Changed paths:
M Source/WebCore/dom/MessageEvent.cpp
Log Message:
-----------
Cherry-pick 291689@main (151ef788a55c).
https://bugs.webkit.org/show_bug.cgi?id=289218
REGRESSION: ASSERTION FAILED: !m_needExceptionCheck: ./runtime/VM.cpp(1450)
: void JSC::VM::verifyExceptionCheckNeedIsSatisfied(unsigned int,
ExceptionEventLocation &)
https://bugs.webkit.org/show_bug.cgi?id=289218
rdar://146364641
Reviewed by Ryosuke Niwa.
MessageEvent is broken, which does not handle SerializedScriptValue
properly.
* Source/WebCore/dom/MessageEvent.cpp:
(WebCore::MessageEvent::create):
Canonical link: https://commits.webkit.org/291689@main
Canonical link: https://commits.webkit.org/282416.478@webkitglib/2.46
Commit: ce470a3a517d6ebb3c3db2c9124faa15a50da272
https://github.com/WebKit/WebKit/commit/ce470a3a517d6ebb3c3db2c9124faa15a50da272
Author: Abrar Rahman Protyasha <[email protected]>
Date: 2025-03-13 (Thu, 13 Mar 2025)
Changed paths:
M Source/WebCore/loader/FrameLoader.cpp
Log Message:
-----------
Cherry-pick 291655@main (6fdcc035f663).
https://bugs.webkit.org/show_bug.cgi?id=289182
Web content processes sometimes crashes under Page::viewportArguments()
calls from FrameLoader::commitProvisionalLoad()
https://bugs.webkit.org/show_bug.cgi?id=289182
rdar://145386222
Reviewed by Wenson Hsieh.
Sometimes the WP crashes under WebCore::Page::viewportArguments() with a
backtrace like this:
```
WTF::RawPtrTraits<WebCore::Frame>::unwrap(WebCore::Frame* const&) (WebCore)
WTF::Ref<WebCore::Frame, WTF::RawPtrTraits<WebCore::Frame>,
WTF::DefaultRefDerefTraits<WebCore::Frame>>::get() const (WebCore)
WTF::Ref<WebCore::Frame, WTF::RawPtrTraits<WebCore::Frame>,
WTF::DefaultRefDerefTraits<WebCore::Frame>>::Ref(WTF::Ref<WebCore::Frame,
WTF::RawPtrTraits<WebCore::Frame>, WTF::DefaultRefDerefTraits<WebCore::Frame>>
const&) (WebCore)
WTF::Ref<WebCore::Frame, WTF::RawPtrTraits<WebCore::Frame>,
WTF::DefaultRefDerefTraits<WebCore::Frame>>::Ref(WTF::Ref<WebCore::Frame,
WTF::RawPtrTraits<WebCore::Frame>, WTF::DefaultRefDerefTraits<WebCore::Frame>>
const&) (WebCore)
WebCore::Page::protectedMainFrame() const (WebCore)
WebCore::Page::viewportArguments() const (WebCore)
WebCore::FrameLoader::commitProvisionalLoad() (WebCore)
```
While the root cause is yet to be determined, we can make the process
less crashy by null checking frame->page() before querying for viewport
arguments in FrameLoader::commitProvisionalLoad.
Note that this is better than null checking m_mainFrame on the Page
object, because Page holds a strong reference to m_mainFrame, and so if
we're crashing while dereferencing that object, it indicates all of Page
is null.
* Source/WebCore/loader/FrameLoader.cpp:
(WebCore::FrameLoader::commitProvisionalLoad):
Canonical link: https://commits.webkit.org/291655@main
Canonical link: https://commits.webkit.org/282416.479@webkitglib/2.46
Commit: db73053fd1408e5e6b683439106059463f0d296d
https://github.com/WebKit/WebKit/commit/db73053fd1408e5e6b683439106059463f0d296d
Author: Przemyslaw Gorszkowski <[email protected]>
Date: 2025-03-13 (Thu, 13 Mar 2025)
Changed paths:
M Source/WTF/wtf/glib/SocketConnection.cpp
Log Message:
-----------
Cherry-pick 289009@main (58384db7507f).
https://bugs.webkit.org/show_bug.cgi?id=285978
[GTK][WPE] Remote Inspector: speed up of reading large message
https://bugs.webkit.org/show_bug.cgi?id=285978
Reviewed by Adrian Perez de Castro.
In case of a large message, we can speed its reading up by increasing the
reading buffer to the expected size of the message (which is read from the
header of the message).
The solution was proposed in
https://github.com/WebPlatformForEmbedded/WPEWebKit/pull/1407.
Original author: Krishna Priya K (https://github.com/kkanag314).
* Source/WTF/wtf/glib/SocketConnection.cpp:
(WTF::SocketConnection::readMessage):
Canonical link: https://commits.webkit.org/289009@main
Canonical link: https://commits.webkit.org/282416.480@webkitglib/2.46
Compare: https://github.com/WebKit/WebKit/compare/b7a02e278f3b...db73053fd140