Title: [203323] trunk/Source/WebCore
- Revision
- 203323
- Author
- [email protected]
- Date
- 2016-07-16 04:33:52 -0700 (Sat, 16 Jul 2016)
Log Message
ASSERTION FAILED: isMainThread() in ~UniqueIDBDatabase() since r201997
https://bugs.webkit.org/show_bug.cgi?id=159809
Patch by Carlos Garcia Campos <[email protected]> on 2016-07-16
Reviewed by Brady Eidson.
In r201997 the UniqueIDBDatabase was protected in executeNextDatabaseTask() because the last reference could be
removed while the task is performed. However UniqueIDBDatabase is expected to be deleted in the main thread, and
the destructor asserts when not called in the main thread, but executeNextDatabaseTask() is always called on a
secondary thread. So, if the protector contains the last reference, the object is deleted in the secondary thread.
* Modules/indexeddb/server/UniqueIDBDatabase.cpp:
(WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask): Use callOnMainThread to ensure the object is
deleted in the main thread in case the protector contains the last reference.
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (203322 => 203323)
--- trunk/Source/WebCore/ChangeLog 2016-07-16 04:51:45 UTC (rev 203322)
+++ trunk/Source/WebCore/ChangeLog 2016-07-16 11:33:52 UTC (rev 203323)
@@ -1,3 +1,19 @@
+2016-07-16 Carlos Garcia Campos <[email protected]>
+
+ ASSERTION FAILED: isMainThread() in ~UniqueIDBDatabase() since r201997
+ https://bugs.webkit.org/show_bug.cgi?id=159809
+
+ Reviewed by Brady Eidson.
+
+ In r201997 the UniqueIDBDatabase was protected in executeNextDatabaseTask() because the last reference could be
+ removed while the task is performed. However UniqueIDBDatabase is expected to be deleted in the main thread, and
+ the destructor asserts when not called in the main thread, but executeNextDatabaseTask() is always called on a
+ secondary thread. So, if the protector contains the last reference, the object is deleted in the secondary thread.
+
+ * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
+ (WebCore::IDBServer::UniqueIDBDatabase::executeNextDatabaseTask): Use callOnMainThread to ensure the object is
+ deleted in the main thread in case the protector contains the last reference.
+
2016-07-15 Chris Dumez <[email protected]>
Use emptyString() / nullAtom when possible
Modified: trunk/Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabase.cpp (203322 => 203323)
--- trunk/Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabase.cpp 2016-07-16 04:51:45 UTC (rev 203322)
+++ trunk/Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabase.cpp 2016-07-16 11:33:52 UTC (rev 203323)
@@ -1555,6 +1555,10 @@
task->performTask();
--m_queuedTaskCount;
+
+ // Release the ref in the main thread to ensure it's deleted there as expected in case of being the last reference.
+ callOnMainThread([protectedThis = WTFMove(protectedThis)] {
+ });
}
void UniqueIDBDatabase::executeNextDatabaseTaskReply()
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
