Skip to site navigation (Press enter)

[webkit-changes] [201997] trunk/Source/WebCore

beidson Mon, 13 Jun 2016 11:57:07 -0700

Title: [201997] trunk/Source/WebCore

Revision: 201997
Author: [email protected]
Date: 2016-06-13 11:56:43 -0700 (Mon, 13 Jun 2016)

Log Message

Crashes in WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask.
<rdar://problem/26768449> and https://bugs.webkit.org/show_bug.cgi?id=158696


Reviewed by David Kilzer.

No new tests (Covered by all existing tests in Gmalloc/ASAN configs).

* Modules/indexeddb/server/UniqueIDBDatabase.cpp:
(WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask):
(WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTaskReply):

Modified Paths

trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabase.cpp

Diff

Modified: trunk/Source/WebCore/ChangeLog (201996 => 201997)


--- trunk/Source/WebCore/ChangeLog	2016-06-13 18:08:36 UTC (rev 201996)
+++ trunk/Source/WebCore/ChangeLog	2016-06-13 18:56:43 UTC (rev 201997)
@@ -1,5 +1,18 @@
 2016-06-13  Brady Eidson  <[email protected]>
 
+        Crashes in WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask.
+        <rdar://problem/26768449> and https://bugs.webkit.org/show_bug.cgi?id=158696
+
+        Reviewed by David Kilzer.
+
+        No new tests (Covered by all existing tests in Gmalloc/ASAN configs).
+
+        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
+        (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask):
+        (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTaskReply):
+
+2016-06-13  Brady Eidson  <[email protected]>
+
         Modern IDB: IDBOpenDBRequest objects leak.
         https://bugs.webkit.org/show_bug.cgi?id=158694

Modified: trunk/Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabase.cpp (201996 => 201997)


--- trunk/Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabase.cpp	2016-06-13 18:08:36 UTC (rev 201996)
+++ trunk/Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabase.cpp	2016-06-13 18:56:43 UTC (rev 201997)
@@ -1531,6 +1531,9 @@
     auto task = m_databaseQueue.tryGetMessage();
     ASSERT(task);
 
+    // Performing the task might end up removing the last reference to this.
+    Ref<UniqueIDBDatabase> protectedThis(*this);
+
     task->performTask();
     --m_queuedTaskCount;
 }
@@ -1544,7 +1547,7 @@
     ASSERT(task);
 
     // Performing the task might end up removing the last reference to this.
-    RefPtr<UniqueIDBDatabase> protectedThis(this);
+    Ref<UniqueIDBDatabase> protectedThis(*this);
 
     task->performTask();
     --m_queuedTaskCount;

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes