[Webkit-unassigned] [Bug 115761] New: Race condition with DatabaseTracker::deleteAllDatabases and web workers
bugzilla-daemon at webkit.org
Tue May 7 14:54:32 PDT 2013
https://bugs.webkit.org/show_bug.cgi?id=115761
Summary: Race condition with DatabaseTracker::deleteAllDatabases and web workers
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: WebCore Misc.
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: cdalton at nvidia.com
When DatabaseTracker::deleteAllDatabases is called from the main thread, it ends up calling through DatabaseTracker::deleteDatabaseFile to Database::markAsDeletedAndClose, on all the relevant open databases (including those open by web workers).
markAsDeletedAndClose first makes sure that databaseContext()->databaseThread()->terminationRequested() is false, and then schedules and waits for a DatabaseClose task.
This has two problems:
1) It's possible for the worker thread to request termination AFTER markAsDeletedAndClose checks terminationRequested, but BEFORE it schedules and waits for the task. (WorkerThreadShutdownStartTask::performTask -> DatabaseManager::stopDatabases -> DatabaseContext::stopDatabases -> DatabaseThread::requestTermination.) In this scenario, the task will never execute and the main thread will hang.
2) It's possible for markAsDeletedAndClose to check terminationRequested AFTER the worker thread has requested termination, but BEFORE the database is fully closed. In this case it's possible to delete the database file while a web worker still has it open.
We need a thread-safe way of making sure all relevant databases are closed before deleting the file.
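One thread-safe shape for the close-before-delete requirement stated in the report, as an added example that is not WebKit code: `DbThread`, `scheduleClose`, `waitUntilClosed` and `closeThenDelete` are hypothetical names. The termination check and the enqueue share one lock, and the deleter waits on the closed state itself rather than on the task, so it neither hangs nor deletes early.

```cpp
#include <condition_variable>
#include <mutex>
#include <thread>

// Hypothetical stand-in for a worker's database thread; not WebKit's DatabaseThread.
class DbThread {
public:
    DbThread() : m_worker([this] { run(); }) {}
    ~DbThread() { requestTermination(); m_worker.join(); }
    // Check and enqueue under one lock, so termination cannot slip in between.
    bool scheduleClose() {
        std::lock_guard<std::mutex> lock(m_mutex);
        if (m_terminating) return false;   // shutdown path closes the database itself
        m_closeQueued = true;
        m_cv.notify_all();
        return true;
    }
    void requestTermination() {
        std::lock_guard<std::mutex> lock(m_mutex);
        m_terminating = true;
        m_cv.notify_all();
    }
    // Wait on the closed state itself, not on a task that may never run.
    void waitUntilClosed() {
        std::unique_lock<std::mutex> lock(m_mutex);
        m_cv.wait(lock, [this] { return !m_open; });
    }
    bool isOpen() { std::lock_guard<std::mutex> lock(m_mutex); return m_open; }
private:
    void run() {
        std::unique_lock<std::mutex> lock(m_mutex);
        // Either a queued close task or shutdown ends with the database closed.
        m_cv.wait(lock, [this] { return m_terminating || m_closeQueued; });
        m_open = false;
        m_cv.notify_all();
        m_cv.wait(lock, [this] { return m_terminating; });
    }
    std::mutex m_mutex;
    std::condition_variable m_cv;
    bool m_terminating = false, m_closeQueued = false, m_open = true;
    std::thread m_worker;                  // last member: starts after the others exist
};

// Returns true if the database was closed at the point the file would be deleted.
bool closeThenDelete(DbThread& db) {
    db.scheduleClose();                    // may be refused if shutdown already began
    db.waitUntilClosed();                  // returns on either close path, so no hang
    return !db.isOpen();                   // the file deletion would go here
}
```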