[webkit-changes] [146629] trunk/Source/WebCore

Fri, 22 Mar 2013 10:39:30 -0700

Title: [146629] trunk/Source/WebCore
Revision
146629
Author
jsb...@chromium.org
Date
2013-03-22 10:41:26 -0700 (Fri, 22 Mar 2013)

Log Message

REGRESSION (r146540?): Crashes in storage/indexeddb/factory-basics-workers.html, storage/indexeddb/transaction-error.html
https://bugs.webkit.org/show_bug.cgi?id=113019

Reviewed by Tony Chang.

Also manifesting flakily under Chromium's content_shell. It's an ASSERT being hit in
the IDBTransaction destructor. The cause was r146540 which allows a stopped context
to reclaim script wrappers. This allows the IDBTransaction to be deref'd at times where
it previously would have just leaked. Modulate the destructor assertions to account
for this case.

No new tests; failures already manifest as flaky crashes in some ports.

* Modules/indexeddb/IDBTransaction.cpp:
(WebCore::IDBTransaction::~IDBTransaction): If context is stopped, expected state
transitions/cleanup may not have occurred before destructor runs.

Modified Paths

Diff

Modified: trunk/Source/WebCore/ChangeLog (146628 => 146629)


--- trunk/Source/WebCore/ChangeLog	2013-03-22 17:34:20 UTC (rev 146628)
+++ trunk/Source/WebCore/ChangeLog	2013-03-22 17:41:26 UTC (rev 146629)
@@ -1,3 +1,22 @@
+2013-03-22  Joshua Bell  <jsb...@chromium.org>
+
+        REGRESSION (r146540?): Crashes in storage/indexeddb/factory-basics-workers.html, storage/indexeddb/transaction-error.html
+        https://bugs.webkit.org/show_bug.cgi?id=113019
+
+        Reviewed by Tony Chang.
+
+        Also manifesting flakily under Chromium's content_shell. It's an ASSERT being hit in
+        the IDBTransaction destructor. The cause was r146540 which allows a stopped context
+        to reclaim script wrappers. This allows the IDBTransaction to be deref'd at times where
+        it previously would have just leaked. Modulate the destructor assertions to account
+        for this case.
+
+        No new tests; failures already manifest as flaky crashes in some ports.
+
+        * Modules/indexeddb/IDBTransaction.cpp:
+        (WebCore::IDBTransaction::~IDBTransaction): If context is stopped, expected state
+        transitions/cleanup may not have occurred before destructor runs.
+
 2013-03-22  David Grogan  <dgro...@chromium.org>
 
         IndexedDB: Histogram available disk space on attempt to open database

Modified: trunk/Source/WebCore/Modules/indexeddb/IDBTransaction.cpp (146628 => 146629)


--- trunk/Source/WebCore/Modules/indexeddb/IDBTransaction.cpp	2013-03-22 17:34:20 UTC (rev 146628)
+++ trunk/Source/WebCore/Modules/indexeddb/IDBTransaction.cpp	2013-03-22 17:41:26 UTC (rev 146629)
@@ -116,8 +116,8 @@
 
 IDBTransaction::~IDBTransaction()
 {
-    ASSERT(m_state == Finished);
-    ASSERT(m_requestList.isEmpty());
+    ASSERT(m_state == Finished || m_contextStopped);
+    ASSERT(m_requestList.isEmpty() || m_contextStopped);
 }
 
 const String& IDBTransaction::mode() const

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to