-
Notifications
You must be signed in to change notification settings - Fork 15k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore: cherry-pick 0dc563cbbca5 from chromium (#25238)
- Loading branch information
Showing
3 changed files
with
112 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
48 changes: 48 additions & 0 deletions
48
patches/chromium/indexeddb_fix_crash_in_webidbgetdbnamescallbacksimpl.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 | ||
From: Adrienne Walker <enne@chromium.org> | ||
Date: Tue, 4 Aug 2020 20:10:23 +0000 | ||
Subject: indexeddb: fix crash in WebIDBGetDBNamesCallbacksImpl | ||
|
||
Resolve() can end up freeing WebIDBGetDBNamesCallbacksImpl by throwing a | ||
mojo error that deletes the self-owned associated receiver that owns it. | ||
So, don't call any other functions after it. | ||
|
||
As the promise resolver can only resolve/reject once, it is safe to | ||
not clear it. | ||
|
||
(cherry picked from commit da90fc39f5ca0f8dc1c665fbabad8ec229826f89) | ||
|
||
Bug: 1106682 | ||
Change-Id: Iea943f3c5c1e57adb6ad399baff49522f54d264b | ||
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2311620 | ||
Commit-Queue: Daniel Murphy <dmurph@chromium.org> | ||
Reviewed-by: Daniel Murphy <dmurph@chromium.org> | ||
Auto-Submit: enne <enne@chromium.org> | ||
Cr-Original-Commit-Position: refs/heads/master@{#790857} | ||
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2337096 | ||
Reviewed-by: enne <enne@chromium.org> | ||
Commit-Queue: enne <enne@chromium.org> | ||
Cr-Commit-Position: refs/branch-heads/4147@{#1023} | ||
Cr-Branched-From: 16307825352720ae04d898f37efa5449ad68b606-refs/heads/master@{#768962} | ||
|
||
diff --git a/third_party/blink/renderer/modules/indexeddb/idb_factory.cc b/third_party/blink/renderer/modules/indexeddb/idb_factory.cc | ||
index 46c5b3432931f6caef98f05dbb6f3543b2711874..af1b4c4234c62671ed56b52d7bd13c3557d397e9 100644 | ||
--- a/third_party/blink/renderer/modules/indexeddb/idb_factory.cc | ||
+++ b/third_party/blink/renderer/modules/indexeddb/idb_factory.cc | ||
@@ -104,7 +104,6 @@ class WebIDBGetDBNamesCallbacksImpl : public WebIDBCallbacks { | ||
promise_resolver_->Reject(MakeGarbageCollected<DOMException>( | ||
DOMExceptionCode::kUnknownError, | ||
"The databases() promise was rejected.")); | ||
- promise_resolver_.Clear(); | ||
} | ||
|
||
void SuccessNamesAndVersionsList( | ||
@@ -128,7 +127,7 @@ class WebIDBGetDBNamesCallbacksImpl : public WebIDBCallbacks { | ||
ExecutionContext::From(promise_resolver_->GetScriptState()), | ||
&async_task_id_, "success"); | ||
promise_resolver_->Resolve(name_and_version_list); | ||
- promise_resolver_.Clear(); | ||
+ // Note: Resolve may cause |this| to be deleted. | ||
} | ||
|
||
void SuccessStringList(const Vector<String>&) override { NOTREACHED(); } |
62 changes: 62 additions & 0 deletions
62
patches/chromium/indexeddb_reset_async_tasks_in_webidbgetdbnamescallbacksimpl.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,62 @@ | ||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 | ||
From: Adrienne Walker <enne@chromium.org> | ||
Date: Wed, 5 Aug 2020 00:44:52 +0000 | ||
Subject: indexeddb: reset async tasks in ~WebIDBGetDBNamesCallbacksImpl | ||
|
||
Since sometimes the WebIDBGetDBNamesCallbacksImpl can be destroyed when | ||
the promise is resolved, make sure that no code that could reference it | ||
is still around. Store the async task as an optional member so it can | ||
be cleared during the destructor. | ||
|
||
Followup to: | ||
https://chromium-review.googlesource.com/c/chromium/src/+/2311620 | ||
|
||
(cherry picked from commit 4422ec665ddca3ac05ad90bac5d5ebee7cfc5536) | ||
|
||
Bug: 1106682,1109467 | ||
Change-Id: Id6a0ff0a3703fab94e9684e41f16d5a1bac20468 | ||
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2321332 | ||
Reviewed-by: Daniel Murphy <dmurph@chromium.org> | ||
Commit-Queue: enne <enne@chromium.org> | ||
Auto-Submit: enne <enne@chromium.org> | ||
Cr-Original-Commit-Position: refs/heads/master@{#792121} | ||
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2337110 | ||
Reviewed-by: enne <enne@chromium.org> | ||
Cr-Commit-Position: refs/branch-heads/4147@{#1029} | ||
Cr-Branched-From: 16307825352720ae04d898f37efa5449ad68b606-refs/heads/master@{#768962} | ||
|
||
diff --git a/third_party/blink/renderer/modules/indexeddb/idb_factory.cc b/third_party/blink/renderer/modules/indexeddb/idb_factory.cc | ||
index af1b4c4234c62671ed56b52d7bd13c3557d397e9..d0ea6c191643ad51ab9e1d97e7a81ca9a074092e 100644 | ||
--- a/third_party/blink/renderer/modules/indexeddb/idb_factory.cc | ||
+++ b/third_party/blink/renderer/modules/indexeddb/idb_factory.cc | ||
@@ -110,6 +110,7 @@ class WebIDBGetDBNamesCallbacksImpl : public WebIDBCallbacks { | ||
Vector<mojom::blink::IDBNameAndVersionPtr> names_and_versions) override { | ||
if (!promise_resolver_) | ||
return; | ||
+ DCHECK(!async_task_.has_value()); | ||
|
||
HeapVector<Member<IDBDatabaseInfo>> name_and_version_list; | ||
name_and_version_list.ReserveInitialCapacity(name_and_version_list.size()); | ||
@@ -123,11 +124,12 @@ class WebIDBGetDBNamesCallbacksImpl : public WebIDBCallbacks { | ||
name_and_version_list.push_back(idb_info); | ||
} | ||
|
||
- probe::AsyncTask async_task( | ||
+ async_task_.emplace( | ||
ExecutionContext::From(promise_resolver_->GetScriptState()), | ||
&async_task_id_, "success"); | ||
promise_resolver_->Resolve(name_and_version_list); | ||
- // Note: Resolve may cause |this| to be deleted. | ||
+ // Note: Resolve may cause |this| to be deleted. async_task_ will be | ||
+ // completed in the destructor. | ||
} | ||
|
||
void SuccessStringList(const Vector<String>&) override { NOTREACHED(); } | ||
@@ -189,6 +191,7 @@ class WebIDBGetDBNamesCallbacksImpl : public WebIDBCallbacks { | ||
|
||
private: | ||
probe::AsyncTaskId async_task_id_; | ||
+ base::Optional<probe::AsyncTask> async_task_; | ||
Persistent<ScriptPromiseResolver> promise_resolver_; | ||
}; | ||
|