LibWeb: Fix GC leaks in Fetch::Infrastructure::Body::fully_read()

By making this function accept the success and error steps as HeapFunction rather than SafeFunction, we break a bunch of strong GC cycles.
Author: https://github.com/awesomekling Commit: 184368285c Pull-request: https://github.com/SerenityOS/serenity/pull/24078
2025-07-31 13:19:05 +00:00 · 2024-04-23 10:25:20 +02:00 · 2024-04-23 10:25:20 +02:00 · 184368285c · 2024-07-17 05:09:48 +09:00
commit 184368285c
parent 0c84508f87
9 changed files with 67 additions and 67 deletions
--- a/Userland/Libraries/LibWeb/Fetch/Body.cpp
+++ b/Userland/Libraries/LibWeb/Fetch/Body.cpp
@ -164,17 +164,17 @@ WebIDL::ExceptionOr<JS::NonnullGCPtr<JS::Promise>> consume_body(JS::Realm& realm

    // 3. Let errorSteps given error be to reject promise with error.
    // NOTE: `promise` and `realm` is protected by JS::SafeFunction.
-    auto error_steps = [promise, &realm](JS::GCPtr<WebIDL::DOMException> error) {
+    auto error_steps = JS::create_heap_function(realm.heap(), [promise, &realm](JS::GCPtr<WebIDL::DOMException> error) {
        // AD-HOC: An execution context is required for Promise's reject function.
        HTML::TemporaryExecutionContext execution_context { Bindings::host_defined_environment_settings_object(realm) };
        WebIDL::reject_promise(realm, promise, error);
-    };
+    });

    // 4. Let successSteps given a byte sequence data be to resolve promise with the result of running convertBytesToJSValue
    //    with data. If that threw an exception, then run errorSteps with that exception.
    // NOTE: `promise`, `realm` and `object` is protected by JS::SafeFunction.
    // FIXME: Refactor this to the new version of the spec introduced with https://github.com/whatwg/fetch/commit/464326e8eb6a602122c030cd40042480a3c0e265
-    auto success_steps = [promise, &realm, &object, type](ByteBuffer const& data) {
+    auto success_steps = JS::create_heap_function(realm.heap(), [promise, &realm, &object, type](ByteBuffer data) {
        auto& vm = realm.vm();

        // AD-HOC: An execution context is required for Promise's reject function and JSON.parse.
@ -192,16 +192,16 @@ WebIDL::ExceptionOr<JS::NonnullGCPtr<JS::Promise>> consume_body(JS::Realm& realm
        }

        WebIDL::resolve_promise(realm, promise, value_or_error.release_value());
-    };
+    });

    // 5. If object’s body is null, then run successSteps with an empty byte sequence.
    auto const& body = object.body_impl();
    if (!body) {
-        success_steps(ByteBuffer {});
+        success_steps->function()(ByteBuffer {});
    }
    // 6. Otherwise, fully read object’s body given successSteps, errorSteps, and object’s relevant global object.
    else {
-        TRY(body->fully_read(realm, move(success_steps), move(error_steps), JS::NonnullGCPtr { HTML::relevant_global_object(object.as_platform_object()) }));
+        TRY(body->fully_read(realm, success_steps, error_steps, JS::NonnullGCPtr { HTML::relevant_global_object(object.as_platform_object()) }));
    }

    // 7. Return promise.