Fix the race condition bugs in ServiceWorkerContextWatcher

Desktop / Chromium - Tsuyoshi Horo [chromium.org] - 9 August 2017 07:19 EDT

There are two race condition bugs in ServiceWorkerContextWatcher.

(1) When Stop() is called quickly after Start(), OnStoredRegistrationsOnIOThread() may call AddObserver() even after StopOnIOThread() was called. This bug is causing the crashes (751709, 727877).

(2) The callbacks (registration/version/error_callback) may be called even after Stop() is called on the UI thread if the callback task was already queued from the IO thread.

This cl introduces |is_stopped_| for (1) and |stop_called_| for (2).

Bug: 727877, 751709
Change-Id: I0a00885171c79bd0311c6fcefcacea1fe9e65dc1
Reviewed-on: https://chromium-review.googlesource.com/604974
Commit-Queue: Tsuyoshi Horo

86b8177 Fix the race condition bugs in ServiceWorkerContextWatcher
.../service_worker_context_core_observer.h | 5 +
.../service_worker_context_watcher.cc | 119 +++++--
.../service_worker_context_watcher.h | 18 +-
.../service_worker_context_watcher_unittest.cc | 386 +++++++++++++++++++++
content/test/BUILD.gn | 1 +
5 files changed, 502 insertions(+), 27 deletions(-)
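
The two interleavings named in the commit message, as an added C++ model (not Chromium's code and not taken from this CL). Each thread is a hand-drained task queue so the ordering is deterministic; `Loop`, `Watcher`, `Outcome`, `Run`, `RunCallbackOnUI` and the `guarded` switch are hypothetical, and the asynchronous storage reply is an assumption of the model. Only the two flag names and the `Start`/`Stop`/`StopOnIOThread`/`OnStoredRegistrationsOnIOThread` names come from the message.

```cpp
#include <deque>
#include <functional>
#include <utility>

// Each "thread" is a FIFO task queue drained by hand, so the interleavings
// from the commit message are reproduced deterministically.
struct Loop {
  std::deque<std::function<void()>> q;
  void Post(std::function<void()> t) { q.push_back(std::move(t)); }
  void RunAll() { while (!q.empty()) { auto t = std::move(q.front()); q.pop_front(); t(); } }
};
struct Outcome { int observers_after_stop; int callbacks_after_stop; };

// Hypothetical stand-in for the watcher (assumed structure, not the real class).
struct Watcher {
  Loop ui, io;
  bool guarded;               // false = behaviour before the fix
  bool stop_called_ = false;  // touched only by tasks on the UI queue
  bool is_stopped_ = false;   // touched only by tasks on the IO queue
  int observers = 0, late_callbacks = 0;
  explicit Watcher(bool g) : guarded(g) {}
  void Start() {  // assumption: storage replies asynchronously, as a later IO task
    io.Post([this] { io.Post([this] { OnStoredRegistrationsOnIOThread(); }); });
  }
  void Stop() { stop_called_ = true; io.Post([this] { StopOnIOThread(); }); }
  void StopOnIOThread() { is_stopped_ = true; observers = 0; }  // RemoveObserver
  void OnStoredRegistrationsOnIOThread() {
    if (guarded && is_stopped_) return;  // guard for race (1)
    ++observers;                         // AddObserver
    ui.Post([this] { RunCallbackOnUI(); });
  }
  void RunCallbackOnUI() {
    if (guarded && stop_called_) return;  // guard for race (2)
    if (stop_called_) ++late_callbacks;   // client notified after Stop()
  }
};

// stop_early: Stop() right after Start() (race 1); otherwise Stop() arrives
// while a callback is already queued for the UI thread (race 2).
Outcome Run(bool guarded, bool stop_early) {
  Watcher w(guarded);
  w.Start();
  if (!stop_early) w.io.RunAll();  // reply handled, callback queued on UI
  w.Stop();
  w.io.RunAll();
  w.ui.RunAll();
  return {w.observers, w.late_callbacks};
}
```

Without the guards, `Run(false, true)` leaves an observer registered after the stop task has run, and `Run(false, false)` delivers a callback after `Stop()`; with `guarded` set, both counts stay at zero.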

Upstream: git.chromium.org