Title: [247370] trunk/Source/WebKit
- Revision
- 247370
- Author
- sihui_...@apple.com
- Date
- 2019-07-11 15:26:25 -0700 (Thu, 11 Jul 2019)
Log Message
StorageArea should not be destructed on the main thread
https://bugs.webkit.org/show_bug.cgi?id=199713
<rdar://problem/52911900>
Reviewed by Alex Christensen.
After r246079, LocalStorageNameSpace could be destructed on the main thread and it may hold the last reference
to StorageArea. Then we saw the crashes that StorageArea was wrongly destructed on the main thread.
* NetworkProcess/NetworkSession.cpp:
(WebKit::NetworkSession::~NetworkSession):
* NetworkProcess/WebStorage/StorageManager.cpp:
(WebKit::StorageManager::waitUntilTasksFinished):
(WebKit::StorageManager::waitUntilWritesFinished): Deleted.
* NetworkProcess/WebStorage/StorageManager.h:
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (247369 => 247370)
--- trunk/Source/WebKit/ChangeLog 2019-07-11 22:22:57 UTC (rev 247369)
+++ trunk/Source/WebKit/ChangeLog 2019-07-11 22:26:25 UTC (rev 247370)
@@ -1,3 +1,21 @@
+2019-07-11 Sihui Liu <sihui_...@apple.com>
+
+ StorageArea should not be destructed on the main thread
+ https://bugs.webkit.org/show_bug.cgi?id=199713
+ <rdar://problem/52911900>
+
+ Reviewed by Alex Christensen.
+
+ After r246079, LocalStorageNameSpace could be destructed on the main thread and it may hold the last reference
+ to StorageArea. Then we saw the crashes that StorageArea was wrongly destructed on the main thread.
+
+ * NetworkProcess/NetworkSession.cpp:
+ (WebKit::NetworkSession::~NetworkSession):
+ * NetworkProcess/WebStorage/StorageManager.cpp:
+ (WebKit::StorageManager::waitUntilTasksFinished):
+ (WebKit::StorageManager::waitUntilWritesFinished): Deleted.
+ * NetworkProcess/WebStorage/StorageManager.h:
+
2019-07-11 Tim Horton <timothy_hor...@apple.com>
Null deref of Range under WebPage::startAutoscrollAtPosition
Modified: trunk/Source/WebKit/NetworkProcess/NetworkSession.cpp (247369 => 247370)
--- trunk/Source/WebKit/NetworkProcess/NetworkSession.cpp 2019-07-11 22:22:57 UTC (rev 247369)
+++ trunk/Source/WebKit/NetworkProcess/NetworkSession.cpp 2019-07-11 22:26:25 UTC (rev 247370)
@@ -95,7 +95,7 @@
NetworkSession::~NetworkSession()
{
m_storageManager->resume();
- m_storageManager->waitUntilWritesFinished();
+ m_storageManager->waitUntilTasksFinished();
}
void NetworkSession::invalidateAndCancel()
Modified: trunk/Source/WebKit/NetworkProcess/WebStorage/StorageManager.cpp (247369 => 247370)
--- trunk/Source/WebKit/NetworkProcess/WebStorage/StorageManager.cpp 2019-07-11 22:22:57 UTC (rev 247369)
+++ trunk/Source/WebKit/NetworkProcess/WebStorage/StorageManager.cpp 2019-07-11 22:26:25 UTC (rev 247370)
@@ -907,7 +907,7 @@
});
}
-void StorageManager::waitUntilWritesFinished()
+void StorageManager::waitUntilTasksFinished()
{
BinarySemaphore semaphore;
m_queue->dispatch([this, &semaphore] {
@@ -920,6 +920,8 @@
for (auto& connectionStorageAreaPair : connectionAndStorageMapIDPairsToRemove)
m_storageAreasByConnection.remove(connectionStorageAreaPair);
+ m_localStorageNamespaces.clear();
+
semaphore.signal();
});
semaphore.wait();
Modified: trunk/Source/WebKit/NetworkProcess/WebStorage/StorageManager.h (247369 => 247370)
--- trunk/Source/WebKit/NetworkProcess/WebStorage/StorageManager.h 2019-07-11 22:22:57 UTC (rev 247369)
+++ trunk/Source/WebKit/NetworkProcess/WebStorage/StorageManager.h 2019-07-11 22:26:25 UTC (rev 247370)
@@ -57,7 +57,7 @@
void cloneSessionStorageNamespace(uint64_t storageNamespaceID, uint64_t newStorageNamespaceID);
void processDidCloseConnection(IPC::Connection&);
- void waitUntilWritesFinished();
+ void waitUntilTasksFinished();
void suspend(CompletionHandler<void()>&&);
void resume();
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes