Title: [233279] trunk/Source/WebCore
- Revision
- 233279
- Author
- [email protected]
- Date
- 2018-06-27 14:43:41 -0700 (Wed, 27 Jun 2018)
Log Message
Crash under SWServer::unregisterServiceWorkerClient()
https://bugs.webkit.org/show_bug.cgi?id=187115
<rdar://problem/41539197>
Reviewed by Youenn Fablet.
Connections are usually destroyed before their SWServer. However, as per crash traces, it is possible
for SWServers to get destroyed while they still have connections. When this happens, the connections
(which are owned by the SWServer) get destroyed with other SWServer data members. In turn, the
connection destructor tries to unregister its clients from the server that is currently being destroyed.
To address the issue, the SWServer destructor now destroys remaining connections early, before SWServer's
other data members get destroyed.
* workers/service/server/SWServer.cpp:
(WebCore::SWServer::~SWServer):
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (233278 => 233279)
--- trunk/Source/WebCore/ChangeLog 2018-06-27 21:26:46 UTC (rev 233278)
+++ trunk/Source/WebCore/ChangeLog 2018-06-27 21:43:41 UTC (rev 233279)
@@ -1,3 +1,22 @@
+2018-06-27 Chris Dumez <[email protected]>
+
+ Crash under SWServer::unregisterServiceWorkerClient()
+ https://bugs.webkit.org/show_bug.cgi?id=187115
+ <rdar://problem/41539197>
+
+ Reviewed by Youenn Fablet.
+
+ Connections are usually destroyed before their SWServer. However, as per crash traces, it is possible
+ for SWServers to get destroyed while they still have connections. When this happens, the connections
+ (which are owned by the SWServer) get destroyed with other SWServer data members. In turn, the
+ connection destructor tries to unregister its clients from the server that is currently being destroyed.
+
+ To address the issue, the SWServer destructor now destroys remaining connections early, before SWServer's
+ other data members get destroyed.
+
+ * workers/service/server/SWServer.cpp:
+ (WebCore::SWServer::~SWServer):
+
2018-06-27 Youenn Fablet <[email protected]>
NetworkLoadChecker should not need to hard ref NetworkConnectionToWebProcess
Modified: trunk/Source/WebCore/workers/service/server/SWServer.cpp (233278 => 233279)
--- trunk/Source/WebCore/workers/service/server/SWServer.cpp 2018-06-27 21:26:46 UTC (rev 233278)
+++ trunk/Source/WebCore/workers/service/server/SWServer.cpp 2018-06-27 21:43:41 UTC (rev 233279)
@@ -64,6 +64,10 @@
SWServer::~SWServer()
{
+ // Destroy the remaining connections before the SWServer gets destroyed since they have a raw pointer
+ // to the server and since they try to unregister clients from the server in their destructor.
+ m_connections.clear();
+
allServers().remove(this);
}
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
