[webkit-changes] [91571] trunk/Source/WebCore

Fri, 22 Jul 2011 10:07:21 -0700

Title: [91571] trunk/Source/WebCore
Revision
91571
Author
commit-qu...@webkit.org
Date
2011-07-22 10:07:15 -0700 (Fri, 22 Jul 2011)

Log Message

Fix crash in IDBRequest::abort
https://bugs.webkit.org/show_bug.cgi?id=64740

Patch by David Grogan <dgro...@chromium.org> on 2011-07-22
Reviewed by Nate Chapin.

Tested manually with the testcase in the bug.

* storage/IDBRequest.cpp:
(WebCore::IDBRequest::~IDBRequest):
(WebCore::IDBRequest::abort):

Modified Paths

Diff

Modified: trunk/Source/WebCore/ChangeLog (91570 => 91571)


--- trunk/Source/WebCore/ChangeLog	2011-07-22 15:50:35 UTC (rev 91570)
+++ trunk/Source/WebCore/ChangeLog	2011-07-22 17:07:15 UTC (rev 91571)
@@ -1,3 +1,16 @@
+2011-07-22  David Grogan  <dgro...@chromium.org>
+
+        Fix crash in IDBRequest::abort
+        https://bugs.webkit.org/show_bug.cgi?id=64740
+
+        Reviewed by Nate Chapin.
+
+        Tested manually with the testcase in the bug.
+
+        * storage/IDBRequest.cpp:
+        (WebCore::IDBRequest::~IDBRequest):
+        (WebCore::IDBRequest::abort):
+
 2011-07-22  Patrick Gansterer  <par...@webkit.org>
 
         Replace preprocessor statements in IDL files with Conditional attribute

Modified: trunk/Source/WebCore/storage/IDBRequest.cpp (91570 => 91571)


--- trunk/Source/WebCore/storage/IDBRequest.cpp	2011-07-22 15:50:35 UTC (rev 91570)
+++ trunk/Source/WebCore/storage/IDBRequest.cpp	2011-07-22 17:07:15 UTC (rev 91571)
@@ -66,7 +66,7 @@
 
 IDBRequest::~IDBRequest()
 {
-    ASSERT(m_readyState == DONE || m_readyState == EarlyDeath);
+    ASSERT(m_readyState == DONE || m_readyState == EarlyDeath || !scriptExecutionContext());
     if (m_transaction)
         m_transaction->unregisterRequest(this);
 }
@@ -149,8 +149,11 @@
         ASSERT(m_readyState == DONE);
         return;
     }
+    // FIXME: Remove isDocument check when
+    // https://bugs.webkit.org/show_bug.cgi?id=57789 is resolved.
+    if (!scriptExecutionContext() || !scriptExecutionContext()->isDocument())
+        return;
 
-    ASSERT(scriptExecutionContext()->isDocument());
     EventQueue* eventQueue = static_cast<Document*>(scriptExecutionContext())->eventQueue();
     for (size_t i = 0; i < m_enqueuedEvents.size(); ++i) {
         bool removed = eventQueue->cancelEvent(m_enqueuedEvents[i].get());

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes

Reply via email to