[webkit-changes] [WebKit/WebKit] 092d1e: Cherry-pick 308044@main (3ef9914eedad). https://bu...

Tue, 24 Feb 2026 06:31:07 -0800 

  Branch: refs/heads/webkitglib/2.50
  Home:   https://github.com/WebKit/WebKit
  Commit: 092d1efa7b189de77130080554ff98c146144fe5
      
https://github.com/WebKit/WebKit/commit/092d1efa7b189de77130080554ff98c146144fe5
  Author: Claudio Saavedra <[email protected]>
  Date:   2026-02-24 (Tue, 24 Feb 2026)

  Changed paths:
    M LayoutTests/platform/win/TestExpectations
    A LayoutTests/storage/indexeddb/abort-while-committing-crash-expected.txt
    A LayoutTests/storage/indexeddb/abort-while-committing-crash.html
    M Source/WebCore/Modules/indexeddb/IDBTransaction.cpp

  Log Message:
  -----------
  Cherry-pick 308044@main (3ef9914eedad). 
https://bugs.webkit.org/show_bug.cgi?id=308462

    [WebKit][Main] [6b74450cea2d0aa4] ASAN_SEGV | 
WebCore::IDBTransaction::didCommit; 
WebCore::IDBTransaction::connectionClosedFromServer; 
WebCore::IDBDatabase::connectionToServerLost
    https://bugs.webkit.org/show_bug.cgi?id=308462

    Reviewed by Sihui Liu.

    When the connection is closed from the server, we might end up with
    transactions that are in the process of aborting and whose operations
    complete at the same time. This might cause an aborted transaction to
    to call operationCompletedOnClient(), in which case we shouldn't
    call didCommit as we are in an aborting state.

    This bug manifests itself in two ways:

    1. In Debug builds, the assertion in didCommit() will fail,
    as the transaction is in Aborting state instead of Committing.

    2. In a Release build, and particularly after 305703@main, it's
    possible to hit an assertion in IDBDatabase::willAbortTransaction(),
    as it doesn't find the transaction in neither the active or the
    committing transaction list, as the transaction is already in
    aborting state.

    Accounting for this in operationCompletedInClient() prevents both
    issues.

    Test reduced by Frédéric Wang <[email protected]>

    Test: storage/indexeddb/abort-while-committing-crash.html

    * LayoutTests/platform/win/TestExpectations:
    * LayoutTests/storage/indexeddb/abort-while-committing-crash-expected.txt: 
Added.
    * LayoutTests/storage/indexeddb/abort-while-committing-crash.html: Added.
    * Source/WebCore/Modules/indexeddb/IDBTransaction.cpp:
    (WebCore::IDBTransaction::operationCompletedOnClient):

    Canonical link: https://commits.webkit.org/308044@main

Canonical link: https://commits.webkit.org/298234.434@webkitglib/2.50



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications

Reply via email to