Title: [227934] trunk/Source/WebCore
- Revision
- 227934
- Author
- [email protected]
- Date
- 2018-01-31 15:08:44 -0800 (Wed, 31 Jan 2018)
Log Message
Add a release assertion to ensure timers are deleted in the right thread
https://bugs.webkit.org/show_bug.cgi?id=182351
Reviewed by David Kilzer.
Added a relese assertion in ~TimerBase that the current thread is the one in which the timer was created.
We use canAccessThreadLocalDataForThread for this purpose since the condition is more complicated
when WebThread is being used.
* platform/Timer.cpp:
(WebCore::TimerBase::~TimerBase): Added the assertion.
* platform/Timer.h:
(WebCore::TimerBase::m_thread): Always store the current thread in a timer.
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (227933 => 227934)
--- trunk/Source/WebCore/ChangeLog 2018-01-31 22:43:29 UTC (rev 227933)
+++ trunk/Source/WebCore/ChangeLog 2018-01-31 23:08:44 UTC (rev 227934)
@@ -1,3 +1,20 @@
+2018-01-31 Ryosuke Niwa <[email protected]>
+
+ Add a release assertion to ensure timers are deleted in the right thread
+ https://bugs.webkit.org/show_bug.cgi?id=182351
+
+ Reviewed by David Kilzer.
+
+ Added a relese assertion in ~TimerBase that the current thread is the one in which the timer was created.
+
+ We use canAccessThreadLocalDataForThread for this purpose since the condition is more complicated
+ when WebThread is being used.
+
+ * platform/Timer.cpp:
+ (WebCore::TimerBase::~TimerBase): Added the assertion.
+ * platform/Timer.h:
+ (WebCore::TimerBase::m_thread): Always store the current thread in a timer.
+
2018-01-31 Youenn Fablet <[email protected]>
Change SWServer::claim to set the iterator value as soon as possible
Modified: trunk/Source/WebCore/platform/Timer.cpp (227933 => 227934)
--- trunk/Source/WebCore/platform/Timer.cpp 2018-01-31 22:43:29 UTC (rev 227933)
+++ trunk/Source/WebCore/platform/Timer.cpp 2018-01-31 23:08:44 UTC (rev 227934)
@@ -191,6 +191,7 @@
TimerBase::~TimerBase()
{
+ RELEASE_ASSERT_WITH_SECURITY_IMPLICATION(canAccessThreadLocalDataForThread(m_thread.get()));
stop();
ASSERT(!inHeap());
m_wasDeleted = true;
Modified: trunk/Source/WebCore/platform/Timer.h (227933 => 227934)
--- trunk/Source/WebCore/platform/Timer.h 2018-01-31 22:43:29 UTC (rev 227933)
+++ trunk/Source/WebCore/platform/Timer.h 2018-01-31 23:08:44 UTC (rev 227934)
@@ -103,9 +103,7 @@
bool m_wasDeleted { false };
Vector<TimerBase*>* m_cachedThreadGlobalTimerHeap { nullptr };
-#ifndef NDEBUG
Ref<Thread> m_thread { Thread::current() };
-#endif
friend class ThreadTimers;
friend class TimerHeapLessThanFunction;
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
