Title: [276409] trunk/Source/WebCore
Revision
276409
Author
[email protected]
Date
2021-04-21 17:50:08 -0700 (Wed, 21 Apr 2021)

Log Message

Crash under RegistrationDatabase::openSQLiteDatabase()
https://bugs.webkit.org/show_bug.cgi?id=224895
<rdar://64574013>

Reviewed by Geoffrey Garen.

This was a thread-safety issue. The static string in recordsTableSchema() was being used
from several threads without synchronization. The reason is that there can be several
RegistrationDatabase that co-exist (one per SWServer, meaning one per sessionID) and each
RegistrationDatabase was using its own WorkQueue.

To address the issue, all RegistrationDatabase objects now share the same WorkQueue.

* workers/service/server/RegistrationDatabase.cpp:
(WebCore::registrationDatabaseWorkQueue):
(WebCore::RegistrationDatabase::RegistrationDatabase):

Diff

Modified: trunk/Source/WebCore/ChangeLog (276408 => 276409)


--- trunk/Source/WebCore/ChangeLog	2021-04-22 00:13:15 UTC (rev 276408)
+++ trunk/Source/WebCore/ChangeLog	2021-04-22 00:50:08 UTC (rev 276409)
@@ -1,3 +1,22 @@
+2021-04-21  Chris Dumez  <[email protected]>
+
+        Crash under RegistrationDatabase::openSQLiteDatabase()
+        https://bugs.webkit.org/show_bug.cgi?id=224895
+        <rdar://64574013>
+
+        Reviewed by Geoffrey Garen.
+
+        This was a thread-safety issue. The static string in recordsTableSchema() was being used
+        from several threads without synchronization. The reason is that there can be several
+        RegistrationDatabase that co-exist (one per SWServer, meaning one per sessionID) and each
+        RegistrationDatabase was using its own WorkQueue.
+
+        To address the issue, all RegistrationDatabase objects now share the same WorkQueue.
+
+        * workers/service/server/RegistrationDatabase.cpp:
+        (WebCore::registrationDatabaseWorkQueue):
+        (WebCore::RegistrationDatabase::RegistrationDatabase):
+
 2021-04-21  Wenson Hsieh  <[email protected]>
 
         Introduce helper methods to map FloatQuads to and from content and root view coordinates
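Review bot: The new ChangeLog entry says nothing about test coverage; it lists only workers/service/server/RegistrationDatabase.cpp. Since the crash is described as a race between RegistrationDatabase instances for different sessionIDs, add a line stating whether an existing or new test exercises several sessions opening their databases concurrently, or why the race cannot be reproduced reliably in a test.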

Modified: trunk/Source/WebCore/workers/service/server/RegistrationDatabase.cpp (276408 => 276409)


--- trunk/Source/WebCore/workers/service/server/RegistrationDatabase.cpp	2021-04-22 00:13:15 UTC (rev 276408)
+++ trunk/Source/WebCore/workers/service/server/RegistrationDatabase.cpp	2021-04-22 00:50:08 UTC (rev 276409)
@@ -157,8 +157,18 @@
     return importedScripts;
 }
 
+static Ref<WorkQueue> registrationDatabaseWorkQueue()
+{
+    static LazyNeverDestroyed<Ref<WorkQueue>> workQueue;
+    static std::once_flag onceKey;
+    std::call_once(onceKey, [] {
+        workQueue.construct(WorkQueue::create("ServiceWorker I/O Thread", WorkQueue::Type::Serial));
+    });
+    return workQueue;
+}
+
 RegistrationDatabase::RegistrationDatabase(RegistrationStore& store, String&& databaseDirectory)
-    : m_workQueue(WorkQueue::create("ServiceWorker I/O Thread", WorkQueue::Type::Serial))
+    : m_workQueue(registrationDatabaseWorkQueue())
     , m_store(makeWeakPtr(store))
     , m_databaseDirectory(WTFMove(databaseDirectory))
     , m_databaseFilePath(FileSystem::pathByAppendingComponent(m_databaseDirectory, databaseFilename()))
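Review bot: registrationDatabaseWorkQueue() has no comment stating that the queue is deliberately shared by every RegistrationDatabase, so the invariant this fix depends on is invisible in the code. Per the log message, the static string in recordsTableSchema() is still used without synchronization and is only safe because all instances now run on this one serial queue. A later change that gives an instance its own queue again, or that calls recordsTableSchema() from another thread, would bring the race back silently. Suggest a comment above the function explaining why the queue is shared, and consider asserting in the code that touches the static that it is running on this queue. It is also worth confirming that serializing database I/O for all sessionIDs is acceptable, since with `WorkQueue::Type::Serial` a slow operation for one session now delays every other session.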