[webkit-changes] [236057] releases/WebKitGTK/webkit-2.22/Source/WebCore

Mon, 17 Sep 2018 05:04:12 -0700

Title: [236057] releases/WebKitGTK/webkit-2.22/Source/WebCore
Revision
236057
Author
[email protected]
Date
2018-09-17 05:03:03 -0700 (Mon, 17 Sep 2018)

Log Message

Merge r235345 - Make IDBCursor::m_request a WeakPtr
https://bugs.webkit.org/show_bug.cgi?id=188938

Reviewed by Alex Christensen.

Make m_request a WeakPtr so that if m_request is destroyed, the related cursor will not use the invalid pointer.

Covered by existing tests.

* Modules/indexeddb/IDBCursor.cpp:
(WebCore::IDBCursor::continuePrimaryKey): Other continue and advance methods that are calling uncheckedIterateCursor do check for m_request.
Apply the same check for continuePrimaryKey.
(WebCore::IDBCursor::uncheckedIterateCursor):
* Modules/indexeddb/IDBCursor.h:
(WebCore::IDBCursor::setRequest):
(WebCore::IDBCursor::clearRequest):
(WebCore::IDBCursor::request):
* Modules/indexeddb/IDBRequest.h:

Modified Paths

Diff

Modified: releases/WebKitGTK/webkit-2.22/Source/WebCore/ChangeLog (236056 => 236057)


--- releases/WebKitGTK/webkit-2.22/Source/WebCore/ChangeLog	2018-09-17 12:02:58 UTC (rev 236056)
+++ releases/WebKitGTK/webkit-2.22/Source/WebCore/ChangeLog	2018-09-17 12:03:03 UTC (rev 236057)
@@ -1,5 +1,26 @@
 2018-08-26  Youenn Fablet  <[email protected]>
 
+        Make IDBCursor::m_request a WeakPtr
+        https://bugs.webkit.org/show_bug.cgi?id=188938
+
+        Reviewed by Alex Christensen.
+
+        Make m_request a WeakPtr so that if m_request is destroyed, the related cursor will not use the invalid pointer.
+
+        Covered by existing tests.
+
+        * Modules/indexeddb/IDBCursor.cpp:
+        (WebCore::IDBCursor::continuePrimaryKey): Other continue and advance methods that are calling uncheckedIterateCursor do check for m_request.
+        Apply the same check for continuePrimaryKey.
+        (WebCore::IDBCursor::uncheckedIterateCursor):
+        * Modules/indexeddb/IDBCursor.h:
+        (WebCore::IDBCursor::setRequest):
+        (WebCore::IDBCursor::clearRequest):
+        (WebCore::IDBCursor::request):
+        * Modules/indexeddb/IDBRequest.h:
+
+2018-08-26  Youenn Fablet  <[email protected]>
+
         IDBCursor does not need to be an ActiveDOMObject
         https://bugs.webkit.org/show_bug.cgi?id=188937

Modified: releases/WebKitGTK/webkit-2.22/Source/WebCore/Modules/indexeddb/IDBCursor.cpp (236056 => 236057)


--- releases/WebKitGTK/webkit-2.22/Source/WebCore/Modules/indexeddb/IDBCursor.cpp	2018-09-17 12:02:58 UTC (rev 236056)
+++ releases/WebKitGTK/webkit-2.22/Source/WebCore/Modules/indexeddb/IDBCursor.cpp	2018-09-17 12:03:03 UTC (rev 236057)
@@ -167,6 +167,9 @@
 
 ExceptionOr<void> IDBCursor::continuePrimaryKey(ExecState& state, JSValue keyValue, JSValue primaryKeyValue)
 {
+    if (!m_request)
+        return Exception { InvalidStateError };
+
     if (!transaction().isActive())
         return Exception { TransactionInactiveError, "Failed to execute 'continuePrimaryKey' on 'IDBCursor': The transaction is inactive or finished."_s };
 
@@ -260,6 +263,7 @@
 
 void IDBCursor::uncheckedIterateCursor(const IDBKeyData& key, unsigned count)
 {
+    ASSERT(m_request);
     ASSERT(&effectiveObjectStore().transaction().database().originThread() == &Thread::current());
 
     m_request->willIterateCursor(*this);
@@ -268,6 +272,7 @@
 
 void IDBCursor::uncheckedIterateCursor(const IDBKeyData& key, const IDBKeyData& primaryKey)
 {
+    ASSERT(m_request);
     ASSERT(&effectiveObjectStore().transaction().database().originThread() == &Thread::current());
 
     m_request->willIterateCursor(*this);

Modified: releases/WebKitGTK/webkit-2.22/Source/WebCore/Modules/indexeddb/IDBCursor.h (236056 => 236057)


--- releases/WebKitGTK/webkit-2.22/Source/WebCore/Modules/indexeddb/IDBCursor.h	2018-09-17 12:02:58 UTC (rev 236056)
+++ releases/WebKitGTK/webkit-2.22/Source/WebCore/Modules/indexeddb/IDBCursor.h	2018-09-17 12:03:03 UTC (rev 236057)
@@ -32,6 +32,7 @@
 #include "IDBCursorInfo.h"
 #include <_javascript_Core/Strong.h>
 #include <wtf/Variant.h>
+#include <wtf/WeakPtr.h>
 
 namespace WebCore {
 
@@ -65,9 +66,9 @@
 
     const IDBCursorInfo& info() const { return m_info; }
 
-    void setRequest(IDBRequest& request) { m_request = &request; }
-    void clearRequest() { m_request = nullptr; }
-    IDBRequest* request() { return m_request; }
+    void setRequest(IDBRequest& request) { m_request = makeWeakPtr(&request); }
+    void clearRequest() { m_request.clear(); }
+    IDBRequest* request() { return m_request.get(); }
 
     void setGetResult(IDBRequest&, const IDBGetResult&);
 
@@ -87,7 +88,7 @@
 
     IDBCursorInfo m_info;
     Source m_source;
-    IDBRequest* m_request { nullptr };
+    WeakPtr<IDBRequest> m_request;
 
     bool m_gotValue { false };

Modified: releases/WebKitGTK/webkit-2.22/Source/WebCore/Modules/indexeddb/IDBRequest.h (236056 => 236057)


--- releases/WebKitGTK/webkit-2.22/Source/WebCore/Modules/indexeddb/IDBRequest.h	2018-09-17 12:02:58 UTC (rev 236056)
+++ releases/WebKitGTK/webkit-2.22/Source/WebCore/Modules/indexeddb/IDBRequest.h	2018-09-17 12:03:03 UTC (rev 236057)
@@ -36,6 +36,7 @@
 #include <_javascript_Core/Strong.h>
 #include <wtf/Function.h>
 #include <wtf/Scope.h>
+#include <wtf/WeakPtr.h>
 
 namespace WebCore {
 
@@ -56,7 +57,7 @@
 class IDBConnectionToServer;
 }
 
-class IDBRequest : public EventTargetWithInlineData, public IDBActiveDOMObject, public RefCounted<IDBRequest> {
+class IDBRequest : public EventTargetWithInlineData, public IDBActiveDOMObject, public RefCounted<IDBRequest>, public CanMakeWeakPtr<IDBRequest> {
 public:
     static Ref<IDBRequest> create(ScriptExecutionContext&, IDBObjectStore&, IDBTransaction&);
     static Ref<IDBRequest> create(ScriptExecutionContext&, IDBCursor&, IDBTransaction&);

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to