Bug 1588498: Forbid the creation of new cache Context objects during quota manager shutdown. r=dom-storage-reviewers,asuth

We want to enforce the (assumed) invariant that after we started QM shutdown we should not create new contextes and associated threads for cache IO. We do this generating a runtime error, whose handling might not be consistent in all (unexpected) cases, yet. But this is preferable over a shutdown hang crash, for sure. Differential Revision: https://phabricator.services.mozilla.com/D123137
2021-08-20 05:49:26 +00:00 · 2021-08-20 05:49:26 +00:00 · e55b9dfeb0
--- a/dom/cache/Manager.cpp
+++ b/dom/cache/Manager.cpp
@ -6,6 +6,7 @@

 #include "mozilla/dom/cache/Manager.h"

+#include "mozilla/AppShutdown.h"
 #include "mozilla/AutoRestore.h"
 #include "mozilla/Mutex.h"
 #include "mozilla/StaticMutex.h"
@ -231,6 +232,17 @@ class Manager::Factory {
      const SafeRefPtr<ManagerId>& aManagerId) {
    mozilla::ipc::AssertIsOnBackgroundThread();

+    // If we get here during/after quota manager shutdown, we bail out.
+    MOZ_ASSERT(AppShutdown::GetCurrentShutdownPhase() <
+               ShutdownPhase::AppShutdownQM);
+    if (AppShutdown::GetCurrentShutdownPhase() >=
+        ShutdownPhase::AppShutdownQM) {
+      NS_WARNING(
+          "Attempt to AcquireCreateIfNonExistent a Manager during QM "
+          "shutdown.");
+      return Err(NS_ERROR_ILLEGAL_DURING_SHUTDOWN);
+    }
+
    // Ensure there is a factory instance.  This forces the Acquire() call
    // below to use the same factory.
    QM_TRY(MaybeCreateInstance());