WebKit Bugzilla
Attachment 373372 Details for
Bug 199423
: Make sure to cross-thread copy in StorageManager when hopping back to the main thread
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-199423-20190702165837.patch (text/plain), 6.02 KB, created by
youenn fablet
on 2019-07-02 16:58:37 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
youenn fablet
Created:
2019-07-02 16:58:37 PDT
Size:
6.02 KB
patch
obsolete
>Subversion Revision: 247073 >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index 8deca8e0352190c5e5e2f500fb772c1c701a1ab6..d975590393de44bfb49992d11879ad0790ec2cd6 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog >@@ -1,3 +1,21 @@ >+2019-07-02 Youenn Fablet <youenn@apple.com> >+ >+ Make sure to cross-thread copy in StorageManager when hopping back to the main thread >+ https://bugs.webkit.org/show_bug.cgi?id=199423 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Make sure to isolate copy some strings that may not be isolated in case of ephemeral sessions. >+ Small refactoring to use crossThreadCopy instead of doing vector copy ourselves. >+ >+ * NetworkProcess/WebStorage/LocalStorageDatabaseTracker.h: >+ (WebKit::LocalStorageDatabaseTracker::OriginDetails::isolatedCopy const): >+ * NetworkProcess/WebStorage/StorageManager.cpp: >+ (WebKit::StorageManager::deleteSessionStorageEntriesForOrigins): >+ (WebKit::StorageManager::getLocalStorageOrigins): >+ (WebKit::StorageManager::getLocalStorageOriginDetails): >+ (WebKit::StorageManager::deleteLocalStorageEntriesForOrigins): >+ > 2019-07-02 Tim Horton <timothy_horton@apple.com> > > REGRESSION (r243240): Unable to swipe back in Safari >diff --git a/Source/WebKit/NetworkProcess/WebStorage/LocalStorageDatabaseTracker.h b/Source/WebKit/NetworkProcess/WebStorage/LocalStorageDatabaseTracker.h >index 2adbe1cdc1a3448e966a17e50e96259330af5a3d..72b93c32277d07e7cc83b335a732bcf1785e7af9 100644 >--- a/Source/WebKit/NetworkProcess/WebStorage/LocalStorageDatabaseTracker.h >+++ b/Source/WebKit/NetworkProcess/WebStorage/LocalStorageDatabaseTracker.h >@@ -58,6 +58,8 @@ public: > > template<class Encoder> void encode(Encoder&) const; > template<class Decoder> static Optional<OriginDetails> decode(Decoder&); >+ >+ OriginDetails isolatedCopy() const { return { originIdentifier.isolatedCopy(), creationTime, modificationTime }; } > }; > Vector<OriginDetails> originDetails(); > >diff --git a/Source/WebKit/NetworkProcess/WebStorage/StorageManager.cpp b/Source/WebKit/NetworkProcess/WebStorage/StorageManager.cpp >index 76c0fe53928e377877b15a11b0c0ce929f5833eb..59f749a753ab2e3678d0ae284572787f180302f3 100644 >--- a/Source/WebKit/NetworkProcess/WebStorage/StorageManager.cpp >+++ b/Source/WebKit/NetworkProcess/WebStorage/StorageManager.cpp >@@ -621,13 +621,7 @@ void StorageManager::deleteSessionStorageOrigins(Function<void()>&& completionHa > > void StorageManager::deleteSessionStorageEntriesForOrigins(const Vector<WebCore::SecurityOriginData>& origins, Function<void()>&& completionHandler) > { >- Vector<WebCore::SecurityOriginData> copiedOrigins; >- copiedOrigins.reserveInitialCapacity(origins.size()); >- >- for (auto& origin : origins) >- copiedOrigins.uncheckedAppend(origin.isolatedCopy()); >- >- m_queue->dispatch([this, protectedThis = makeRef(*this), copiedOrigins = WTFMove(copiedOrigins), completionHandler = WTFMove(completionHandler)]() mutable { >+ m_queue->dispatch([this, protectedThis = makeRef(*this), copiedOrigins = crossThreadCopy(origins), completionHandler = WTFMove(completionHandler)]() mutable { > for (auto& origin : copiedOrigins) { > for (auto& sessionStorageNamespace : m_sessionStorageNamespaces.values()) > sessionStorageNamespace->clearStorageAreasMatchingOrigin(origin); >@@ -644,17 +638,17 @@ void StorageManager::getLocalStorageOrigins(Function<void(HashSet<WebCore::Secur > > if (m_localStorageDatabaseTracker) { > for (auto& origin : m_localStorageDatabaseTracker->origins()) >- origins.add(origin); >+ origins.add(origin.isolatedCopy()); > } else { > for (const auto& localStorageNameSpace : m_localStorageNamespaces.values()) { > for (auto& origin : localStorageNameSpace->ephemeralOrigins()) >- origins.add(origin); >+ origins.add(origin.isolatedCopy()); > } > } > > for (auto& transientLocalStorageNamespace : m_transientLocalStorageNamespaces.values()) { > for (auto& origin : transientLocalStorageNamespace->origins()) >- origins.add(origin); >+ origins.add(origin.isolatedCopy()); > } > > RunLoop::main().dispatch([origins = WTFMove(origins), completionHandler = WTFMove(completionHandler)]() mutable { >@@ -668,7 +662,7 @@ void StorageManager::getLocalStorageOriginDetails(Function<void(Vector<LocalStor > m_queue->dispatch([this, protectedThis = makeRef(*this), completionHandler = WTFMove(completionHandler)]() mutable { > Vector<LocalStorageDatabaseTracker::OriginDetails> originDetails; > if (m_localStorageDatabaseTracker) >- originDetails = m_localStorageDatabaseTracker->originDetails(); >+ originDetails = m_localStorageDatabaseTracker->originDetails().isolatedCopy(); > > RunLoop::main().dispatch([originDetails = WTFMove(originDetails), completionHandler = WTFMove(completionHandler)]() mutable { > completionHandler(WTFMove(originDetails)); >@@ -716,13 +710,7 @@ void StorageManager::deleteLocalStorageOriginsModifiedSince(WallTime time, Funct > > void StorageManager::deleteLocalStorageEntriesForOrigins(const Vector<WebCore::SecurityOriginData>& origins, Function<void()>&& completionHandler) > { >- Vector<SecurityOriginData> copiedOrigins; >- copiedOrigins.reserveInitialCapacity(origins.size()); >- >- for (auto& origin : origins) >- copiedOrigins.uncheckedAppend(origin.isolatedCopy()); >- >- m_queue->dispatch([this, protectedThis = makeRef(*this), copiedOrigins = WTFMove(copiedOrigins), completionHandler = WTFMove(completionHandler)]() mutable { >+ m_queue->dispatch([this, protectedThis = makeRef(*this), copiedOrigins = crossThreadCopy(origins), completionHandler = WTFMove(completionHandler)]() mutable { > for (auto& origin : copiedOrigins) { > for (auto& localStorageNamespace : m_localStorageNamespaces.values()) > localStorageNamespace->clearStorageAreasMatchingOrigin(origin);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=373372">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 199423
:
373364
|
373367
| 373372