[webkit-changes] [WebKit/WebKit] c39fe2: Pure virtual function called! in WebCore::ScriptEx...

Sihui noreply at github.com
Fri Jan 31 17:13:05 PST 2025


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: c39fe29e14e462ab59dd2e81bb9bae409dde1905
      https://github.com/WebKit/WebKit/commit/c39fe29e14e462ab59dd2e81bb9bae409dde1905
  Author: Sihui Liu <sihui_liu at apple.com>
  Date:   2025-01-31 (Fri, 31 Jan 2025)

  Changed paths:
    M Source/WebCore/Modules/indexeddb/IDBDatabase.cpp
    M Source/WebCore/Modules/indexeddb/IDBDatabase.h
    M Source/WebCore/Modules/indexeddb/client/IDBConnectionProxy.cpp
    M Source/WebCore/Modules/indexeddb/client/IDBConnectionProxy.h
    M Source/WebCore/dom/ScriptExecutionContext.cpp
    M Source/WebCore/dom/ScriptExecutionContext.h

  Log Message:
  -----------
  Pure virtual function called! in WebCore::ScriptExecutionContext::postCrossThreadTask<WebCore::IDBDatabase &,void (WebCore::IDBDatabase::*&)(const WebCore::IDBError &),const WebCore::IDBError &>
https://bugs.webkit.org/show_bug.cgi?id=283040
rdar://139782420

Reviewed by Chris Dumez.

Crash log indicates IDBDatabase (IDBActiveDOMObject) can post a task to ScriptExecutionContext from the main thread when
the context is being destroyed on a background thread. This is problematic because ScriptExecutionContext is not
thread-safe and IDBDatabase is not supposed to access it directly from a non-context thread. This patch fixes the issue
by posting the task via the ScriptExecutionContext::ensureOnContextThread function instead, as the function acquires the lock as
needed. Also, this patch replaces the raw pointer in m_databaseConnectionMap with ThreadSafeWeakPtr, and makes
IDBDatabase::m_isContextSuspended std::atomic for better thread safety.

* Source/WebCore/Modules/indexeddb/IDBDatabase.cpp:
(WebCore::IDBDatabase::IDBDatabase):
* Source/WebCore/Modules/indexeddb/IDBDatabase.h:
* Source/WebCore/Modules/indexeddb/client/IDBConnectionProxy.cpp:
(WebCore::IDBClient::IDBConnectionProxy::databaseFromConnectionIdentifier):
(WebCore::IDBClient::IDBConnectionProxy::fireVersionChangeEvent):
(WebCore::IDBClient::IDBConnectionProxy::didCloseFromServer):
(WebCore::IDBClient::IDBConnectionProxy::connectionToServerLost):
(WebCore::IDBClient::IDBConnectionProxy::registerDatabaseConnection):
(WebCore::IDBClient::IDBConnectionProxy::unregisterDatabaseConnection):
(WebCore::IDBClient::IDBConnectionProxy::setContextSuspended):
* Source/WebCore/Modules/indexeddb/client/IDBConnectionProxy.h:
* Source/WebCore/dom/ScriptExecutionContext.cpp:
(WebCore::ScriptExecutionContext::ensureOnContextThreadForCrossThreadTask):
* Source/WebCore/dom/ScriptExecutionContext.h:

Originally-landed-as: 283286.491 at safari-7620-branch (ae369124fc38). rdar://143595292
Canonical link: https://commits.webkit.org/289646@main
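
A standard-C++ sketch of the pattern the log message describes, added here as an illustration and not taken from the WebKit patch: a connection map that holds weak references, an atomic suspended flag, and a post function that checks context liveness and enqueues under one lock. `Context`, `Database`, `ConnectionProxy` and all their members are hypothetical stand-ins, and `std::weak_ptr` is used in place of WebKit's `ThreadSafeWeakPtr`.

```cpp
#include <atomic>
#include <cstdint>
#include <functional>
#include <memory>
#include <mutex>
#include <unordered_map>
#include <vector>
// Hypothetical stand-in for a context that owns a task queue (not WebKit's class).
class Context {
public:
    // Liveness check and enqueue share one lock, so teardown on another thread cannot interleave.
    bool postTask(std::function<void()> task) {
        std::lock_guard<std::mutex> lock(m_lock);
        if (m_destroyed) return false;
        m_tasks.push_back(std::move(task));
        return true;
    }
    void shutdown() { std::lock_guard<std::mutex> lock(m_lock); m_destroyed = true; m_tasks.clear(); }
    void drain() { // called only on the context's own thread
        std::vector<std::function<void()>> tasks;
        { std::lock_guard<std::mutex> lock(m_lock); tasks.swap(m_tasks); }
        for (auto& task : tasks) task();
    }
private:
    std::mutex m_lock;
    bool m_destroyed = false;
    std::vector<std::function<void()>> m_tasks;
};
struct Database {
    std::atomic<bool> contextSuspended{false}; // readable from any thread
    int closeEvents = 0;                       // touched only on the context thread
};
class ConnectionProxy {
public:
    void registerConnection(uint64_t id, const std::shared_ptr<Database>& db) {
        std::lock_guard<std::mutex> lock(m_lock); m_map[id] = db;
    }
    bool didCloseFromServer(uint64_t id, Context& context) { // true only if a task was queued
        std::shared_ptr<Database> db;
        { std::lock_guard<std::mutex> lock(m_lock);
          auto it = m_map.find(id);
          if (it != m_map.end()) db = it->second.lock(); } // null if the database is gone
        if (!db || db->contextSuspended.load()) return false; // skip-when-suspended is this sketch's policy
        return context.postTask([db] { ++db->closeEvents; }); // task keeps the database alive
    }
private:
    std::mutex m_lock;
    std::unordered_map<uint64_t, std::weak_ptr<Database>> m_map;
};
```

With a raw pointer in the map, the lookup after the database is destroyed would return a dangling pointer; with the weak reference it returns null and the event is dropped.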


