Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: cherry-pick 72ee7c437c88 from chromium #25243

Merged
merged 3 commits into from Sep 2, 2020

Conversation

@nornagon
Copy link
Member

@nornagon nornagon commented Aug 31, 2020

[Merge to M84] Worker: Fix a race condition on task runner handling

WebSharedWorkerImpl accesses WorkerScheduler from the main thread to
take a task runner, and then dispatches a connect event to
SharedWorkerGlobalScope using the task runner.

This causes a race condition if close() is called on the global scope
on the worker thread while the task runner is being taken on the main
thread: close() call disposes of WorkerScheduler, and accessing the
scheduler after that is not allowed. See the issue for details.

To fix this, this CL makes WebSharedWorkerImpl capture the task runner
between starting a worker thread (initializing WorkerScheduler) and
posting a task to evaluate worker scripts that may call close(). This
ensures that WebSharedWorkerImpl accesses WorkerScheduler before the
scheduler is disposed of.

(cherry picked from commit c7bbec3e595c4359e36e5472b7265c4b6d047f2c)

Bug: 1104046
Change-Id: I145cd39f706019c33220fcb01ed81f76963ffff0
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2308550
Commit-Queue: Hiroki Nakagawa nhiroki@chromium.org
Reviewed-by: Kenichi Ishibashi bashi@chromium.org
Cr-Original-Commit-Position: refs/heads/master@{#790284}
Tbr: bashi@chromium.org
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2342337
Reviewed-by: Hiroki Nakagawa nhiroki@chromium.org
Cr-Commit-Position: refs/branch-heads/4147@{#1050}
Cr-Branched-From: 16307825352720ae04d898f37efa5449ad68b606-refs/heads/master@{#768962}

Notes: Security: backported fix for 1104046.

@nornagon nornagon requested a review from electron/wg-upgrades as a code owner Aug 31, 2020
@nornagon nornagon merged commit 656ae25 into 8-x-y Sep 2, 2020
6 of 13 checks passed
6 of 13 checks passed
@circleci-checks
build-linux Workflow: build-linux
Details
@circleci-checks
build-mac Workflow: build-mac
Details
@appveyor
appveyor: win-ia32-testing Waiting for AppVeyor build to complete
Details
@appveyor
appveyor: win-ia32-testing-pr Waiting for AppVeyor build to complete
Details
@appveyor
appveyor: win-woa-testing Waiting for AppVeyor build to complete
Details
@appveyor
appveyor: win-x64-testing Waiting for AppVeyor build to complete
Details
@appveyor
appveyor: win-x64-testing-pr Waiting for AppVeyor build to complete
Details
@trop
Valid Backport Backport Check Skipped
Details
@electron-archaeologist
Artifact Comparison No Changes
Details
@semantic-pull-requests
Semantic Pull Request ready to be squashed
Details
@wip
WIP Ready for review
Details
@circleci-checks
lint Workflow: lint
Details
@release-clerk
release-notes Release notes found
@release-clerk
Copy link

@release-clerk release-clerk bot commented Sep 2, 2020

Release Notes Persisted

Security: backported fix for 1104046.

@nornagon nornagon deleted the cherry-pick/8-x-y/chromium/72ee7c437c88 branch Sep 2, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

2 participants