path: root/Source/WebCore/Modules/webdatabase/DatabaseContext.cpp
/*
 * Copyright (C) 2008 Apple Inc. All Rights Reserved.
 * Copyright (C) 2011 Google, Inc. All Rights Reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */

#include "config.h"
#include "DatabaseContext.h"

#include "Chrome.h"
#include "ChromeClient.h"
#include "Database.h"
#include "DatabaseManager.h"
#include "DatabaseTask.h"
#include "DatabaseThread.h"
#include "Document.h"
#include "Page.h"
#include "SchemeRegistry.h"
#include "ScriptExecutionContext.h"
#include "SecurityOrigin.h"
#include "Settings.h"

namespace WebCore {

// How does the DatabaseContext life cycle work?
// =============================================
// ... in other words, who's keeping the DatabaseContext alive and how long does
// it need to stay alive?
//
// The DatabaseContext is referenced from RefPtrs in:
// 1. ScriptExecutionContext
// 2. Database
//
// At Birth:
// ========
// We create a DatabaseContext only when there is a need i.e. the script tries to
// open a Database via DatabaseManager::openDatabase().
//
// The DatabaseContext constructor will call setDatabaseContext() on the
// ScriptExecutionContext. This sets the RefPtr in the ScriptExecutionContext
// for keeping the DatabaseContext alive. Since the DatabaseContext is only
// created from the script thread, it is safe for the constructor to call
// ScriptExecutionContext::setDatabaseContext().
//
// Once a DatabaseContext is associated with a ScriptExecutionContext, it will
// live until after the ScriptExecutionContext destructs. This is true even if
// we don't succeed in opening any Databases for that context. When we do
// succeed in opening Databases for this ScriptExecutionContext, the Database
// will re-use the same DatabaseContext.
//
// At Shutdown:
// ===========
// During shutdown, the DatabaseContext needs to:
// 1. "outlive" the ScriptExecutionContext.
//    - This is needed because the DatabaseContext needs to remove itself from the
//      ScriptExecutionContext's ActiveDOMObject list and ContextDestructionObserver
//      list. This removal needs to be executed on the script's thread. Hence, we
//      rely on the ScriptExecutionContext's shutdown process to call
//      stop() and contextDestroyed() to give us a chance to clean these up from
//      the script thread.
//
// 2. "outlive" the Databases.
//    - This is because they may make use of the DatabaseContext to execute a close
//      task and shutdown in an orderly manner. When the Databases are destructed,
//      they will deref the DatabaseContext from the DatabaseThread.
//
// During shutdown, the ScriptExecutionContext is shutting down on the script thread
// while the Databases are shutting down on the DatabaseThread. Hence, there can be
// a race condition as to whether the ScriptExecutionContext or the Databases
// destruct first.
//
// The RefPtrs in the Databases and ScriptExecutionContext will ensure that the
// DatabaseContext will outlive both regardless of which of the 2 destructs first.


// Builds the DatabaseContext for |context| and hooks it up to the two parties
// that track it: the ScriptExecutionContext and the DatabaseManager.
//
// |context| is dereferenced without a null check, so callers must pass a live
// context.
DatabaseContext::DatabaseContext(ScriptExecutionContext* context)
    : ActiveDOMObject(context)
    , m_hasOpenDatabases(false)
    , m_isRegistered(true) // registerDatabaseContext() runs at the end of this body.
    , m_hasRequestedTermination(false)
{
    // ActiveDOMObject requires this call so that it can set its internal flags.
    suspendIfNeeded();

    // Give the context its reference to this object (see the life-cycle notes
    // at the top of this file).
    context->setDatabaseContext(this);

    // The construction count is debug accounting only, but it has to be
    // bumped before the instance is registered: the assertions rely on that
    // order.
    auto& manager = DatabaseManager::singleton();
    manager.didConstructDatabaseContext();
    manager.registerDatabaseContext(this);
}

// Tears the context down: unregisters it and requests thread termination if
// that has not happened yet, then records the destruction.
DatabaseContext::~DatabaseContext()
{
    // stopDatabases() guards itself with m_isRegistered and
    // m_hasRequestedTermination, so calling it again here after stop() or
    // contextDestroyed() does not repeat the work.
    stopDatabases();

    // If a database thread exists at this point, its termination must already
    // have been requested.
    ASSERT(!m_databaseThread || m_databaseThread->terminationRequested());

    // Debug accounting only. This has to be the final step; the assertions
    // depend on it.
    auto& manager = DatabaseManager::singleton();
    manager.didDestructDatabaseContext();
}

// Called when the associated ScriptExecutionContext is destroyed while this
// object is still attached to it. That is the cue to disassociate and shut
// down. The databases are stopped and everything is left to wind down on its
// own, because the database closing process might still use this context.
// Deleting the context here would not be safe.
void DatabaseContext::contextDestroyed()
{
    // Request the shutdown first, then let the base class do its own
    // context-destroyed handling.
    stopDatabases();
    ActiveDOMObject::contextDestroyed();
}

// stop() is reached from stopActiveDOMObjects(), which signals that the owning
// Frame or WorkerThread is shutting down. Start the orderly shutdown by
// stopping the associated databases. The return value of stopDatabases() is
// deliberately ignored here.
void DatabaseContext::stop()
{
    stopDatabases();
}

// Reports whether the document may be suspended as far as databases are
// concerned. Suspension is refused only while a database thread exists, at
// least one database is open, and that thread reports pending activity.
bool DatabaseContext::canSuspendForDocumentSuspension() const
{
    // Nothing is open, so there is nothing that could still be running.
    if (!hasOpenDatabases())
        return true;

    // No thread means no queued database work either.
    if (!m_databaseThread)
        return true;

    return !m_databaseThread->hasPendingDatabaseActivity();
}

// Returns the database thread for this context, creating and starting it on
// the first request.
//
// The result can be null: when start() fails the reference is dropped again,
// and no thread is created once m_hasOpenDatabases is set. Callers have to
// check the returned pointer before using it.
DatabaseThread* DatabaseContext::databaseThread()
{
    // Lazily create the thread, but only while no database has been opened
    // yet. If one was opened before, a thread already existed and was
    // terminated, and a replacement must not be spawned.
    const bool needsThread = !m_databaseThread;
    if (needsThread && !m_hasOpenDatabases) {
        // Asking for m_databaseThread after termination was requested is fine,
        // since the thread is still used to run the database close tasks.
        // Creating a brand-new thread at that point is not.
        ASSERT(!m_hasRequestedTermination);

        m_databaseThread = DatabaseThread::create();
        const bool started = m_databaseThread->start();
        if (!started)
            m_databaseThread = nullptr;
    }

    return m_databaseThread.get();
}

// Unregisters this context from the DatabaseManager (once) and asks the
// database thread to terminate (once).
//
// |synchronizer| is passed straight through to
// DatabaseThread::requestTermination().
//
// Returns true only when this call is the one that requested termination;
// returns false when there is no thread or termination was requested earlier.
bool DatabaseContext::stopDatabases(DatabaseTaskSynchronizer* synchronizer)
{
    // m_isRegistered keeps the unregistration from running a second time.
    if (m_isRegistered) {
        DatabaseManager::singleton().unregisterDatabaseContext(this);
        m_isRegistered = false;
    }

    if (!m_databaseThread || m_hasRequestedTermination)
        return false;

    // Termination is only *requested* here. The m_databaseThread ref itself
    // has to stay in place until the destructor, because the Databases managed
    // by the DatabaseThread still use the context-to-thread ref to run their
    // close tasks. When the destructor runs, the databases are already gone
    // (that is why the ref count reached 0), and the m_databaseThread RefPtr
    // destructor then derefs and deletes the DatabaseThread.
    m_databaseThread->requestTermination(synchronizer);
    m_hasRequestedTermination = true;
    return true;
}

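// Access-control decision for Web SQL databases in this context.
//
// Document contexts: access is denied when the document has no Page, and in
// an ephemeral (private browsing) session unless the SchemeRegistry allows
// database access in private browsing for the document origin's protocol.
//
// Worker contexts: always allowed. No ephemeral-session check is applied on
// this path, so any private-browsing restriction for workers has to be
// enforced elsewhere.
//
// Returns true when database access is permitted.
bool DatabaseContext::allowDatabaseAccess() const
{
    // Fail closed instead of dereferencing a null context.
    // NOTE(review): the life-cycle notes in this file say the DatabaseContext
    // outlives its ScriptExecutionContext; whether the base class clears
    // m_scriptExecutionContext in contextDestroyed() is not visible here -
    // confirm.
    if (!m_scriptExecutionContext)
        return false;

    if (is<Document>(*m_scriptExecutionContext)) {
        Document& document = downcast<Document>(*m_scriptExecutionContext);

        // A document without a Page gets no database access.
        Page* page = document.page();
        if (!page)
            return false;

        // Outside private browsing there is no further restriction here.
        if (!page->usesEphemeralSession())
            return true;

        // In private browsing only schemes registered as allowed may proceed.
        // NOTE(review): securityOrigin() is dereferenced unchecked; presumably
        // a Document always has one - confirm.
        return SchemeRegistry::allowsDatabaseAccessInPrivateBrowsing(document.securityOrigin()->protocol());
    }

    // The assertion is the only check that a non-Document context is a worker
    // global scope.
    ASSERT(m_scriptExecutionContext->isWorkerGlobalScope());
    // allowDatabaseAccess is not yet implemented for workers.
    return true;
}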

// Reports to the embedder that database |name| went over its quota.
//
// For a Document context with a Page, |name| and |details| are forwarded
// unchanged to ChromeClient::exceededDatabaseQuota() together with the
// document's frame. A Document without a Page, or a worker context, produces
// no notification at all.
void DatabaseContext::databaseExceededQuota(const String& name, DatabaseDetails details)
{
    // NOTE(review): m_scriptExecutionContext is dereferenced without a null
    // check; verify it cannot be null when this is called.
    if (!is<Document>(*m_scriptExecutionContext)) {
        // Anything that is not a Document is expected to be a worker global
        // scope.
        ASSERT(m_scriptExecutionContext->isWorkerGlobalScope());
        return;
    }

    Document& document = downcast<Document>(*m_scriptExecutionContext);
    Page* page = document.page();
    if (!page)
        return;

    page->chrome().client().exceededDatabaseQuota(document.frame(), name, details);
}

// Returns the security origin of the associated ScriptExecutionContext.
// NOTE(review): m_scriptExecutionContext is dereferenced without a null check;
// confirm callers cannot reach this after the context has been destroyed.
SecurityOrigin* DatabaseContext::securityOrigin() const
{
    return m_scriptExecutionContext->securityOrigin();
}

// Forwards to ScriptExecutionContext::isContextThread() on the associated
// context and returns its answer.
// NOTE(review): m_scriptExecutionContext is dereferenced without a null check;
// confirm it is still set wherever this is called.
bool DatabaseContext::isContextThread() const
{
    return m_scriptExecutionContext->isContextThread();
}

} // namespace WebCore