Title: [204262] trunk/Source/WebCore
- Revision
- 204262
- Author
- cdu...@apple.com
- Date
- 2016-08-08 12:39:36 -0700 (Mon, 08 Aug 2016)
Log Message
Regression(r204239): Caused flaky crashes under ~Database()
https://bugs.webkit.org/show_bug.cgi?id=160665
<rdar://problem/27748065>
Reviewed by Brady Eidson.
Make sure the scriptExecution context only gets ref'd / deref'd
on the context thread. Document / WorkerGlobalScope are not
ThreadSafeRefCounted.
No new tests, already covered by:
storage/websql/open-database-creation-callback.html
* Modules/webdatabase/Database.cpp:
(WebCore::Database::~Database):
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (204261 => 204262)
--- trunk/Source/WebCore/ChangeLog 2016-08-08 18:56:54 UTC (rev 204261)
+++ trunk/Source/WebCore/ChangeLog 2016-08-08 19:39:36 UTC (rev 204262)
@@ -1,3 +1,21 @@
+2016-08-08 Chris Dumez <cdu...@apple.com>
+
+ Regression(r204239): Caused flaky crashes under ~Database()
+ https://bugs.webkit.org/show_bug.cgi?id=160665
+ <rdar://problem/27748065>
+
+ Reviewed by Brady Eidson.
+
+ Make sure the scriptExecution context only gets ref'd / deref'd
+ on the context thread. Document / WorkerGlobalScope are not
+ ThreadSafeRefCounted.
+
+ No new tests, already covered by:
+ storage/websql/open-database-creation-callback.html
+
+ * Modules/webdatabase/Database.cpp:
+ (WebCore::Database::~Database):
+
2016-08-08 John Wilander <wilan...@apple.com>
Don't set document.domain to an IP address fragment
Modified: trunk/Source/WebCore/Modules/webdatabase/Database.cpp (204261 => 204262)
--- trunk/Source/WebCore/Modules/webdatabase/Database.cpp 2016-08-08 18:56:54 UTC (rev 204261)
+++ trunk/Source/WebCore/Modules/webdatabase/Database.cpp 2016-08-08 19:39:36 UTC (rev 204262)
@@ -243,12 +243,10 @@
{
// The reference to the ScriptExecutionContext needs to be cleared on the _javascript_ thread. If we're on that thread already, we can just let the RefPtr's destruction do the dereffing.
if (!m_scriptExecutionContext->isContextThread()) {
- // Grab a pointer to the script execution here because we're releasing it when we pass it to
- // DerefContextTask::create.
- RefPtr<ScriptExecutionContext> passedContext = WTFMove(m_scriptExecutionContext);
- passedContext->postTask({ScriptExecutionContext::Task::CleanupTask, [passedContext] (ScriptExecutionContext& context) {
- ASSERT_UNUSED(context, &context == passedContext);
- RefPtr<ScriptExecutionContext> scriptExecutionContext(passedContext);
+ Ref<ScriptExecutionContext> passedContext = m_scriptExecutionContext.releaseNonNull();
+ auto& contextRef = passedContext.get();
+ contextRef.postTask({ScriptExecutionContext::Task::CleanupTask, [passedContext = WTFMove(passedContext)] (ScriptExecutionContext& context) {
+ ASSERT_UNUSED(context, &context == passedContext.ptr());
}});
}
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
