Feature/database errors #85
Conversation
| @@ -92,24 +110,52 @@ + (instancetype)sharedManager { | |||
| - (instancetype)initDefault | |||
| { | |||
| self = [super init]; | |||
|
|
|||
| if (![self tryToLoadDatabase]) { | |||
| // Failing to load the database is a catastrophic. | |||
| // or the keychain has become corrupt. Either way, we want to get back to a | ||
| // "known good state" and behave like a new install. | ||
|
|
||
| BOOL shouldHavePassword = [[NSUserDefaults standardUserDefaults] objectForKey:TSStorageManagerHasDatabasePassword]; |
There was a problem hiding this comment.
I think using fileExistsAtPath would get you the same information and save a couple lines farther down. It might even be more conceptually to-the-point since that's the file that this password corresponds to.
not a blocking concern.
There was a problem hiding this comment.
Hmm, you're right. I was trying to avoid filesystem access, but "less state = more surface area for bugs."
| } | ||
|
|
||
| [self deletePasswordFromKeychain]; |
There was a problem hiding this comment.
Same as before:
We are missing the call to [TSAttachmentStream deleteAttachments]; which deletes any on-disk attachments. Instead of these lines, wipeSignalStorage is almost what we want but won't work as is.
There was a problem hiding this comment.
Yup, see above.
There was a problem hiding this comment.
Although... as discussed offline, I think we should convert our "media/blob" cache to a LRU cache where contents get evacuated based on some maximum size on disk. My understanding is that the app disk usage currently grows in an unbounded way, which is:
- Burdensome on/troublesome for users.
- A vector of serious "out of disk space" bugs.
Many users keep their phones very close to full at all times.
| OWSAnalyticsCritical(@"Could not load database"); | ||
|
|
||
| // Try to reset app by deleting database. | ||
| [self deletePasswordFromKeychain]; |
There was a problem hiding this comment.
We are missing the call to [TSAttachmentStream deleteAttachments]; which deletes any on-disk attachments. Instead of these lines, wipeSignalStorage is almost what we want but won't work as is - though see below for my comment there.
There was a problem hiding this comment.
Okay, I split wipeSignalStorage into two methods to DRY this up.
| [TSAttachmentStream deleteAttachments]; | ||
|
|
||
| [[self init] setupDatabase]; |
There was a problem hiding this comment.
I don't even think this setupDatabase bit is necessary, so maybe you could use this in multiple places above if you just remove this line.
It's unnecessary, since (IIRC) the only place this is called, we immediately kill the app. In which case the database would be setup on next launch. (Users access this functionality in Settings > Delete Account)
Though should we be killing the app is a different question. Probably not.
There was a problem hiding this comment.
Huh! Also, why was this calling init?!? I'm going to take your suggestion remove this line and undo the "splitting" I mentioned above.
| // We determine the database password first, since a side effect of | ||
| // this can be deleting any existing database file (if we're recovering | ||
| // from a corrupt keychain). | ||
| NSData *databasePassword = [self databasePassword]; |
There was a problem hiding this comment.
You know. THIS change made me curious, and I found out we were calling the cipher block which queries the keychain 25 times in quick succession on startup. =/
|
PTAL @michaelkirk |
| // | ||
| // OWSAnalytics.h | ||
| // | ||
| // Copyright (c) 2017 Open Whisper Systems. All rights reserved. |
There was a problem hiding this comment.
wanna run precommit on all these?
| @@ -24,7 +24,7 @@ extern NSString *const TSUIDatabaseConnectionDidUpdateNotification; | |||
| - (void)setupDatabase; | |||
| - (void)deleteThreadsAndMessages; | |||
| - (BOOL)databasePasswordAccessible; | |||
| - (void)wipeSignalStorage; | |||
| - (void)resetSignalStorage; | |||
There was a problem hiding this comment.
Just a heads up that this is used in Signal-iOS. Generally if there are breaking changes in ssk, try to open the corresponding Signal-iOS PR that can run it simultaneously.
There was a problem hiding this comment.
| self.database = nil; | ||
| _dbConnection = nil; |
There was a problem hiding this comment.
I prefer property getters wherever possible (even internally). My rationale is that some assumptions become easier when only getters, setters, dealloc, and init touch it.
I could be persuaded to always use ivars internally, but I don't think we should mix and match arbitrarily.
There was a problem hiding this comment.
Sure, that sounds quite reasonable. In fact, the only reason I accessed the ivar here is because this property is declared as readonly in the header and there's no readwrite property as one might expect in a private anonymous category. Going forward I'll fix these as I find them!
charlesmchen
force-pushed
the
feature/databaseErrors
branch
from
4ee4752
to
2aa0797
Compare
…l and database load errors. // FREEBIE
charlesmchen
force-pushed
the
feature/databaseErrors
branch
from
2aa0797
to
c5cf79c
Compare
signalapp/Signal-iOS#1578