Title: [139929] trunk/Source/WebCore
Revision: 139929
Author: jsb...@chromium.org
Date: 2013-01-16 15:11:07 -0800 (Wed, 16 Jan 2013)

Log Message

IndexedDB: Possible null ScriptExecutionContext passed to callbacks during frame destruction
https://bugs.webkit.org/show_bug.cgi?id=107050

Reviewed by Tony Chang.

Temporary code to defend against null contexts. Will either refute a hypothesis, or we'll
need to make a more systemic fix elsewhere. Either way it will be removed in a few days.
We're unable to repro, but watching crash reports from users. One possible source is
that during page tear-down WorkerScriptController::controllerForContext() returns null
(there's a comment about that case) leading to a null context.

No new tests - this shouldn't be happening.

* Modules/indexeddb/IDBObjectStore.cpp:
(WebCore::IDBObjectStore::createIndex):

Modified Paths

Diff

Modified: trunk/Source/WebCore/ChangeLog (139928 => 139929)


--- trunk/Source/WebCore/ChangeLog	2013-01-16 23:08:53 UTC (rev 139928)
+++ trunk/Source/WebCore/ChangeLog	2013-01-16 23:11:07 UTC (rev 139929)
@@ -1,3 +1,21 @@
+2013-01-16  Joshua Bell  <jsb...@chromium.org>
+
+        IndexedDB: Possible null ScriptExecutionContext passed to callbacks during frame destruction
+        https://bugs.webkit.org/show_bug.cgi?id=107050
+
+        Reviewed by Tony Chang.
+
+        Temporary code to defend against null contexts. Will either refute a hypothesis, or we'll
+        need to make a more systemic fix elsewhere. Either way it will be removed in a few days.
+        We're unable to repro, but watching crash reports from users. One possible source is
+        that during page tear-down WorkerScriptController::controllerForContext() returns null
+        (there's a comment about that case) leading to a null context.
+
+        No new tests - this shouldn't be happening.
+
+        * Modules/indexeddb/IDBObjectStore.cpp:
+        (WebCore::IDBObjectStore::createIndex):
+
 2013-01-16  Kenneth Russell  <k...@google.com>
 
         Simplify validation and data copying in WebGLBuffer
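Review bot: The per-function entry "(WebCore::IDBObjectStore::createIndex):" in the new ChangeLog block carries no description, so a reader of the log cannot tell what was changed there without opening the diff; add a one-line summary after it, e.g. "(WebCore::IDBObjectStore::createIndex): Assert and early-return on a null ScriptExecutionContext (temporary, see bug 107050)." so the log is self-describing when this is later reverted.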

Modified: trunk/Source/WebCore/Modules/indexeddb/IDBObjectStore.cpp (139928 => 139929)


--- trunk/Source/WebCore/Modules/indexeddb/IDBObjectStore.cpp	2013-01-16 23:08:53 UTC (rev 139928)
+++ trunk/Source/WebCore/Modules/indexeddb/IDBObjectStore.cpp	2013-01-16 23:11:07 UTC (rev 139929)
@@ -356,6 +356,12 @@
 PassRefPtr<IDBIndex> IDBObjectStore::createIndex(ScriptExecutionContext* context, const String& name, const IDBKeyPath& keyPath, bool unique, bool multiEntry, ExceptionCode& ec)
 {
     IDB_TRACE("IDBObjectStore::createIndex");
+    // FIXME: Temporary code to determine if null contexts are plausible during frame destruction.
+    // https://bugs.webkit.org/show_bug.cgi?id=107050
+    ASSERT(context);
+    if (!context)
+        return 0;
+
     if (!m_transaction->isVersionChange() || m_deleted) {
         ec = IDBDatabaseException::InvalidStateError;
         return 0;
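Review bot: The new early return `if (!context) return 0;` leaves `ec` untouched, so a caller that reaches it gets a null IDBIndex with no exception code, unlike the `m_deleted` / non-version-change path two lines below which sets `ec = IDBDatabaseException::InvalidStateError;` before returning 0; bindings or callers that only check `ec` could then dereference the null result, which is the class of crash this change is trying to diagnose. Since the stated goal is to survive a null context in release builds while `ASSERT(context)` catches it in debug builds, set `ec` on that path too (InvalidStateError, matching the neighbouring early return) so the failure is reported rather than silently swallowed, and keep the FIXME pointing at bug 107050 so the temporary block is easy to find and remove.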
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
http://lists.webkit.org/mailman/listinfo/webkit-changes