[webkit-changes] [WebKit/WebKit] 8d9001: jsc_fuz/wktr: null ptr deref in WebCore::invokeWri...
lericaa
noreply at github.com
Mon Dec 18 21:38:11 PST 2023
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 8d900198ca1e68cca80a4b2f0d4251d661a41361
https://github.com/WebKit/WebKit/commit/8d900198ca1e68cca80a4b2f0d4251d661a41361
Author: Erica Li <lerica at apple.com>
Date: 2023-12-18 (Mon, 18 Dec 2023)
Changed paths:
A LayoutTests/streams/writable-stream-create-within-multiple-workers-crash-expected.txt
A LayoutTests/streams/writable-stream-create-within-multiple-workers-crash.html
M Source/WebCore/bindings/js/InternalWritableStream.cpp
M Tools/DumpRenderTree/mac/DumpRenderTree.mm
Log Message:
-----------
jsc_fuz/wktr: null ptr deref in WebCore::invokeWritableStreamFunction(...) (InternalWritableStream.cpp:49)
https://bugs.webkit.org/show_bug.cgi\?id\=262865
rdar://116465595
Reviewed by Mark Lam.
Return early when worker is terminated while trying to get function from globalObject.
Set useDollarVM in test option initialization for cases when useDollarVM will be reset before injectInternalsObject is called in DRT.
* LayoutTests/streams/writable-stream-create-within-multiple-workers-crash-expected.txt: Added.
* LayoutTests/streams/writable-stream-create-within-multiple-workers-crash.html: Added.
* Source/WebCore/bindings/js/InternalWritableStream.cpp:
(WebCore::invokeWritableStreamFunction):
* Tools/DumpRenderTree/mac/DumpRenderTree.mm:
(testOptionsForTest):
Originally-landed-as: 267815.398 at safari-7617-branch (f11c81a103a8). rdar://119596601
Canonical link: https://commits.webkit.org/272251@main
More information about the webkit-changes
mailing list