Title: [225491] trunk/Source/WebCore
- Revision
- 225491
- Author
- cdu...@apple.com
- Date
- 2017-12-04 13:56:25 -0800 (Mon, 04 Dec 2017)
Log Message
ServiceWorkerGlobalScope::skipWaiting(Ref<DeferredPromise>&&) is unsafe
https://bugs.webkit.org/show_bug.cgi?id=180372
Reviewed by Youenn Fablet.
Ref the WorkerThread and capture it in the lambda. Keep the pending promises in
a HashMap on the ServiceWorkerGlobalScope so that they stay on the worker thread.
* workers/service/ServiceWorkerGlobalScope.cpp:
(WebCore::ServiceWorkerGlobalScope::skipWaiting):
* workers/service/ServiceWorkerGlobalScope.h:
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (225490 => 225491)
--- trunk/Source/WebCore/ChangeLog 2017-12-04 21:50:31 UTC (rev 225490)
+++ trunk/Source/WebCore/ChangeLog 2017-12-04 21:56:25 UTC (rev 225491)
@@ -1,3 +1,17 @@
+2017-12-04 Chris Dumez <cdu...@apple.com>
+
+ ServiceWorkerGlobalScope::skipWaiting(Ref<DeferredPromise>&&) is unsafe
+ https://bugs.webkit.org/show_bug.cgi?id=180372
+
+ Reviewed by Youenn Fablet.
+
+ Ref the WorkerThread and capture it in the lambda. Keep the pending promises in
+ a HashMap on the ServiceWorkerGlobalScope so that they stay on the worker thread.
+
+ * workers/service/ServiceWorkerGlobalScope.cpp:
+ (WebCore::ServiceWorkerGlobalScope::skipWaiting):
+ * workers/service/ServiceWorkerGlobalScope.h:
+
2017-12-04 Brady Eidson <beid...@apple.com>
Get a directory path to SWServers for storing ServiceWorker registrations.
Modified: trunk/Source/WebCore/workers/service/ServiceWorkerGlobalScope.cpp (225490 => 225491)
--- trunk/Source/WebCore/workers/service/ServiceWorkerGlobalScope.cpp 2017-12-04 21:50:31 UTC (rev 225490)
+++ trunk/Source/WebCore/workers/service/ServiceWorkerGlobalScope.cpp 2017-12-04 21:56:25 UTC (rev 225491)
@@ -50,11 +50,16 @@
void ServiceWorkerGlobalScope::skipWaiting(Ref<DeferredPromise>&& promise)
{
- callOnMainThread([this, protectedThis = makeRef(*this), threadIdentifier = thread().identifier(), promise = WTFMove(promise)]() mutable {
+ uint64_t requestIdentifier = ++m_lastRequestIdentifier;
+ m_pendingSkipWaitingPromises.add(requestIdentifier, WTFMove(promise));
+
+ callOnMainThread([workerThread = makeRef(thread()), requestIdentifier]() mutable {
if (auto* connection = SWContextManager::singleton().connection()) {
- connection->skipWaiting(threadIdentifier, [this, protectedThis = WTFMove(protectedThis), promise = WTFMove(promise)]() mutable {
- thread().runLoop().postTask([promise = WTFMove(promise), protectedThis = WTFMove(protectedThis)](auto&) {
- promise->resolve();
+ connection->skipWaiting(workerThread->identifier(), [workerThread = WTFMove(workerThread), requestIdentifier] {
+ workerThread->runLoop().postTask([requestIdentifier](auto& context) {
+ auto& scope = downcast<ServiceWorkerGlobalScope>(context);
+ if (auto promise = scope.m_pendingSkipWaitingPromises.take(requestIdentifier))
+ promise->resolve();
});
});
}
Modified: trunk/Source/WebCore/workers/service/ServiceWorkerGlobalScope.h (225490 => 225491)
--- trunk/Source/WebCore/workers/service/ServiceWorkerGlobalScope.h 2017-12-04 21:50:31 UTC (rev 225490)
+++ trunk/Source/WebCore/workers/service/ServiceWorkerGlobalScope.h 2017-12-04 21:56:25 UTC (rev 225491)
@@ -77,6 +77,9 @@
Ref<ServiceWorkerClients> m_clients;
HashMap<ServiceWorkerClientIdentifier, ServiceWorkerClient*> m_clientMap;
Vector<Ref<ExtendableEvent>> m_extendedEvents;
+
+ uint64_t m_lastRequestIdentifier { 0 };
+ HashMap<uint64_t, RefPtr<DeferredPromise>> m_pendingSkipWaitingPromises;
};
} // namespace WebCore
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
