Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 4b0afef4a5e01030bd108306d3f737698d4c04bb
https://github.com/WebKit/WebKit/commit/4b0afef4a5e01030bd108306d3f737698d4c04bb
Author: Youenn Fablet <[email protected]>
Date: 2026-01-19 (Mon, 19 Jan 2026)
Changed paths:
M Source/WebKit/WebProcess/Storage/WebServiceWorkerFetchTaskClient.cpp
Log Message:
-----------
WebServiceWorkerFetchTaskClient::doCancel can create a potential deadlock
rdar://168446830
https://bugs.webkit.org/show_bug.cgi?id=305769
Reviewed by Chris Dumez.
WebServiceWorkerFetchTaskClient::doCancel is called when we try to cancel a
fetch intercepted by a service worker.
This in turns will cancel the fetch readablestream body synchronously via the
client setCancelledCallback callback in ServiceWorkerFetch::processResponse.
Cancelling the stream will call the client consumeBodyReceivedByChunk callback
set in ServiceWorkerFetch::processResponse.
The consumeBodyReceivedByChunk callback can then call
WebServiceWorkerFetchTaskClient::didFinish or didFail.
All of this will happen synchronously.
In that case, as WebServiceWorkerFetchTaskClient::doCancel holds a lock for its
m_connection, WebServiceWorkerFetchTaskClient::didFinish may be blocked since
it also tries to take the same lock.
We update the code in WebServiceWorkerFetchTaskClient::doCancel to only take
the connection lock for the time to set m_connection.
The lock is no longer held while executing the cancelled callback.
This should prevent this potential deadlock.
Canonical link: https://commits.webkit.org/305835@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
