Title: [239715] trunk/Source/WebCore
- Revision
- 239715
- Author
- [email protected]
- Date
- 2019-01-07 16:39:27 -0800 (Mon, 07 Jan 2019)
Log Message
Crash in SWServer::Connection::resolveRegistrationReadyRequests
https://bugs.webkit.org/show_bug.cgi?id=193217
Reviewed by Chris Dumez.
As can be seen from the traces, SWServer might clear its connections HashMap in its destructor.
This might then trigger calling SWServer::resolveRegistrationReadyRequests.
This method is iterating on the connections HashMap which is being cleared.
To remove this problem, move the HashMap in a temporary variable and clear the temporary variable.
* workers/service/server/SWServer.cpp:
(WebCore::SWServer::~SWServer):
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (239714 => 239715)
--- trunk/Source/WebCore/ChangeLog 2019-01-08 00:14:42 UTC (rev 239714)
+++ trunk/Source/WebCore/ChangeLog 2019-01-08 00:39:27 UTC (rev 239715)
@@ -1,3 +1,18 @@
+2019-01-07 Youenn Fablet <[email protected]>
+
+ Crash in SWServer::Connection::resolveRegistrationReadyRequests
+ https://bugs.webkit.org/show_bug.cgi?id=193217
+
+ Reviewed by Chris Dumez.
+
+ As can be seen from the traces, SWServer might clear its connections HashMap in its destructor.
+ This might then trigger calling SWServer::resolveRegistrationReadyRequests.
+ This method is iterating on the connections HashMap which is being cleared.
+ To remove this problem, move the HashMap in a temporary variable and clear the temporary variable.
+
+ * workers/service/server/SWServer.cpp:
+ (WebCore::SWServer::~SWServer):
+
2019-01-07 Jer Noble <[email protected]>
REGRESSION (r239519): ASSERTION FAILED: !m_adoptionIsRequired in com.apple.WebCore: void WTF::refIfNotNull<WebCore::CDMSessionMediaSourceAVFObjC> + 53
Modified: trunk/Source/WebCore/workers/service/server/SWServer.cpp (239714 => 239715)
--- trunk/Source/WebCore/workers/service/server/SWServer.cpp 2019-01-08 00:14:42 UTC (rev 239714)
+++ trunk/Source/WebCore/workers/service/server/SWServer.cpp 2019-01-08 00:39:27 UTC (rev 239715)
@@ -66,7 +66,8 @@
{
// Destroy the remaining connections before the SWServer gets destroyed since they have a raw pointer
// to the server and since they try to unregister clients from the server in their destructor.
- m_connections.clear();
+ auto connections = WTFMove(m_connections);
+ connections.clear();
allServers().remove(this);
}
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
