Skip to site navigation (Press enter)

[webkit-changes] [185107] trunk/Source/WebKit2

gyuyoung . kim Tue, 02 Jun 2015 02:13:03 -0700

Title: [185107] trunk/Source/WebKit2

Revision: 185107
Author: gyuyoung....@webkit.org
Date: 2015-06-02 02:12:41 -0700 (Tue, 02 Jun 2015)

Log Message

REGRESSION(r185091): Crash happens on indexdb tests
https://bugs.webkit.org/show_bug.cgi?id=145549


Reviewed by Csaba Osztrogonác.

r185091 caused crash on some indexeddb tests. The crash happens because IDBDatabaseError::create() doesn't
dereference count by using ptr(). It makes a crash when dereferencing on ~Ref() destructor. To fix this issue,
this patch uses leakRef() instead of ptr().

* WebProcess/Databases/IndexedDB/WebIDBServerConnection.cpp:
(WebKit::WebIDBServerConnection::didCreateObjectStore):
(WebKit::WebIDBServerConnection::didCreateIndex):
(WebKit::WebIDBServerConnection::didDeleteIndex):
(WebKit::WebIDBServerConnection::didPutRecord):
(WebKit::WebIDBServerConnection::didGetRecord):
(WebKit::WebIDBServerConnection::didOpenCursor):
(WebKit::WebIDBServerConnection::didAdvanceCursor):
(WebKit::WebIDBServerConnection::didIterateCursor):
(WebKit::WebIDBServerConnection::didCount):
(WebKit::WebIDBServerConnection::didDeleteRange):
(WebKit::WebIDBServerConnection::didClearObjectStore):
(WebKit::WebIDBServerConnection::didDeleteObjectStore):
(WebKit::WebIDBServerConnection::didChangeDatabaseVersion):

Modified Paths

trunk/Source/WebKit2/ChangeLog
trunk/Source/WebKit2/WebProcess/Databases/IndexedDB/WebIDBServerConnection.cpp

Diff

Modified: trunk/Source/WebKit2/ChangeLog (185106 => 185107)


--- trunk/Source/WebKit2/ChangeLog	2015-06-02 09:08:52 UTC (rev 185106)
+++ trunk/Source/WebKit2/ChangeLog	2015-06-02 09:12:41 UTC (rev 185107)
@@ -1,3 +1,29 @@
+2015-06-02  Gyuyoung Kim  <gyuyoung....@webkit.org>
+
+        REGRESSION(r185091): Crash happens on indexdb tests
+        https://bugs.webkit.org/show_bug.cgi?id=145549
+
+        Reviewed by Csaba Osztrogonác.
+
+        r185091 caused crash on some indexeddb tests. The crash happens because IDBDatabaseError::create() doesn't
+        dereference count by using ptr(). It makes a crash when dereferencing on ~Ref() destructor. To fix this issue,
+        this patch uses leakRef() instead of ptr().
+
+        * WebProcess/Databases/IndexedDB/WebIDBServerConnection.cpp:
+        (WebKit::WebIDBServerConnection::didCreateObjectStore):
+        (WebKit::WebIDBServerConnection::didCreateIndex):
+        (WebKit::WebIDBServerConnection::didDeleteIndex):
+        (WebKit::WebIDBServerConnection::didPutRecord):
+        (WebKit::WebIDBServerConnection::didGetRecord):
+        (WebKit::WebIDBServerConnection::didOpenCursor):
+        (WebKit::WebIDBServerConnection::didAdvanceCursor):
+        (WebKit::WebIDBServerConnection::didIterateCursor):
+        (WebKit::WebIDBServerConnection::didCount):
+        (WebKit::WebIDBServerConnection::didDeleteRange):
+        (WebKit::WebIDBServerConnection::didClearObjectStore):
+        (WebKit::WebIDBServerConnection::didDeleteObjectStore):
+        (WebKit::WebIDBServerConnection::didChangeDatabaseVersion):
+
 2015-06-01  Enrica Casucci  <enr...@apple.com>
 
         [iOS] Hardware Keyboard: All combinations for arrow keys with Shift do not extend the selection.

Modified: trunk/Source/WebKit2/WebProcess/Databases/IndexedDB/WebIDBServerConnection.cpp (185106 => 185107)


--- trunk/Source/WebKit2/WebProcess/Databases/IndexedDB/WebIDBServerConnection.cpp	2015-06-02 09:08:52 UTC (rev 185106)
+++ trunk/Source/WebKit2/WebProcess/Databases/IndexedDB/WebIDBServerConnection.cpp	2015-06-02 09:12:41 UTC (rev 185107)
@@ -336,7 +336,7 @@
     if (!serverRequest)
         return;
 
-    serverRequest->completeRequest(success ? nullptr : IDBDatabaseError::create(IDBDatabaseException::UnknownError, "Unknown error occured creating object store").ptr());
+    serverRequest->completeRequest(success ? nullptr : &IDBDatabaseError::create(IDBDatabaseException::UnknownError, "Unknown error occured creating object store").leakRef());
 }
 
 void WebIDBServerConnection::createIndex(IDBTransactionBackend&transaction, const CreateIndexOperation& operation, std::function<void (PassRefPtr<IDBDatabaseError>)> completionCallback)
@@ -365,7 +365,7 @@
     if (!serverRequest)
         return;
 
-    serverRequest->completeRequest(success ? nullptr : IDBDatabaseError::create(IDBDatabaseException::UnknownError, "Unknown error occured creating index").ptr());
+    serverRequest->completeRequest(success ? nullptr : &IDBDatabaseError::create(IDBDatabaseException::UnknownError, "Unknown error occured creating index").leakRef());
 }
 
 void WebIDBServerConnection::deleteIndex(IDBTransactionBackend&transaction, const DeleteIndexOperation& operation, std::function<void (PassRefPtr<IDBDatabaseError>)> completionCallback)
@@ -394,7 +394,7 @@
     if (!serverRequest)
         return;
 
-    serverRequest->completeRequest(success ? nullptr : IDBDatabaseError::create(IDBDatabaseException::UnknownError, "Unknown error occured deleting index").ptr());
+    serverRequest->completeRequest(success ? nullptr : &IDBDatabaseError::create(IDBDatabaseException::UnknownError, "Unknown error occured deleting index").leakRef());
 }
 
 void WebIDBServerConnection::get(IDBTransactionBackend& transaction, const GetOperation& operation, std::function<void (const IDBGetResult&, PassRefPtr<IDBDatabaseError>)> completionCallback)
@@ -453,7 +453,7 @@
     if (!serverRequest)
         return;
 
-    serverRequest->completeRequest(resultKey.isNull ? nullptr : resultKey.maybeCreateIDBKey(), errorCode ? IDBDatabaseError::create(errorCode, errorMessage).ptr() : nullptr);
+    serverRequest->completeRequest(resultKey.isNull ? nullptr : resultKey.maybeCreateIDBKey(), errorCode ? &IDBDatabaseError::create(errorCode, errorMessage).leakRef() : nullptr);
 }
 
 void WebIDBServerConnection::didGetRecord(uint64_t requestID, const WebCore::IDBGetResult& getResult, uint32_t errorCode, const String& errorMessage)
@@ -465,7 +465,7 @@
     if (!serverRequest)
         return;
 
-    serverRequest->completeRequest(getResult, errorCode ? IDBDatabaseError::create(errorCode, errorMessage).ptr() : nullptr);
+    serverRequest->completeRequest(getResult, errorCode ? &IDBDatabaseError::create(errorCode, errorMessage).leakRef() : nullptr);
 }
 
 void WebIDBServerConnection::didOpenCursor(uint64_t requestID, int64_t cursorID, const IDBKeyData& key, const IDBKeyData& primaryKey, const IPC::DataReference& valueData, uint32_t errorCode, const String& errorMessage)
@@ -478,7 +478,7 @@
         return;
 
     RefPtr<SharedBuffer> value = SharedBuffer::create(valueData.data(), valueData.size());
-    serverRequest->completeRequest(cursorID, key.maybeCreateIDBKey(), primaryKey.maybeCreateIDBKey(), value.release(), errorCode ? IDBDatabaseError::create(errorCode, errorMessage).ptr() : nullptr);
+    serverRequest->completeRequest(cursorID, key.maybeCreateIDBKey(), primaryKey.maybeCreateIDBKey(), value.release(), errorCode ? &IDBDatabaseError::create(errorCode, errorMessage).leakRef() : nullptr);
 }
 
 void WebIDBServerConnection::didAdvanceCursor(uint64_t requestID, const IDBKeyData& key, const IDBKeyData& primaryKey, const IPC::DataReference& valueData, uint32_t errorCode, const String& errorMessage)
@@ -491,7 +491,7 @@
         return;
 
     RefPtr<SharedBuffer> value = SharedBuffer::create(valueData.data(), valueData.size());
-    serverRequest->completeRequest(key.maybeCreateIDBKey(), primaryKey.maybeCreateIDBKey(), value.release(), errorCode ? IDBDatabaseError::create(errorCode, errorMessage).ptr() : nullptr);
+    serverRequest->completeRequest(key.maybeCreateIDBKey(), primaryKey.maybeCreateIDBKey(), value.release(), errorCode ? &IDBDatabaseError::create(errorCode, errorMessage).leakRef() : nullptr);
 }
 
 void WebIDBServerConnection::didIterateCursor(uint64_t requestID, const IDBKeyData& key, const IDBKeyData& primaryKey, const IPC::DataReference& valueData, uint32_t errorCode, const String& errorMessage)
@@ -504,7 +504,7 @@
         return;
 
     RefPtr<SharedBuffer> value = SharedBuffer::create(valueData.data(), valueData.size());
-    serverRequest->completeRequest(key.maybeCreateIDBKey(), primaryKey.maybeCreateIDBKey(), value.release(), errorCode ? IDBDatabaseError::create(errorCode, errorMessage).ptr() : nullptr);
+    serverRequest->completeRequest(key.maybeCreateIDBKey(), primaryKey.maybeCreateIDBKey(), value.release(), errorCode ? &IDBDatabaseError::create(errorCode, errorMessage).leakRef() : nullptr);
 }
 
 void WebIDBServerConnection::count(IDBTransactionBackend& transaction, const CountOperation& operation, std::function<void (int64_t, PassRefPtr<IDBDatabaseError>)> completionCallback)
@@ -533,7 +533,7 @@
     if (!serverRequest)
         return;
 
-    serverRequest->completeRequest(count, errorCode ? IDBDatabaseError::create(errorCode, errorMessage).ptr() : nullptr);
+    serverRequest->completeRequest(count, errorCode ? &IDBDatabaseError::create(errorCode, errorMessage).leakRef() : nullptr);
 }
 
 void WebIDBServerConnection::deleteRange(IDBTransactionBackend& transaction, const DeleteRangeOperation& operation, std::function<void (PassRefPtr<IDBDatabaseError>)> completionCallback)
@@ -562,7 +562,7 @@
     if (!serverRequest)
         return;
 
-    serverRequest->completeRequest(errorCode ? IDBDatabaseError::create(errorCode, errorMessage).ptr() : nullptr);
+    serverRequest->completeRequest(errorCode ? &IDBDatabaseError::create(errorCode, errorMessage).leakRef() : nullptr);
 }
 
 void WebIDBServerConnection::clearObjectStore(IDBTransactionBackend&, const ClearObjectStoreOperation& operation, std::function<void (PassRefPtr<IDBDatabaseError>)> completionCallback)
@@ -591,7 +591,7 @@
     if (!serverRequest)
         return;
 
-    serverRequest->completeRequest(success ? nullptr : IDBDatabaseError::create(IDBDatabaseException::UnknownError, "Unknown error occured clearing object store").ptr());
+    serverRequest->completeRequest(success ? nullptr : &IDBDatabaseError::create(IDBDatabaseException::UnknownError, "Unknown error occured clearing object store").leakRef());
 }
 
 void WebIDBServerConnection::deleteObjectStore(IDBTransactionBackend&, const DeleteObjectStoreOperation& operation, std::function<void (PassRefPtr<IDBDatabaseError>)> completionCallback)
@@ -620,7 +620,7 @@
     if (!serverRequest)
         return;
 
-    serverRequest->completeRequest(success ? nullptr : IDBDatabaseError::create(IDBDatabaseException::UnknownError, "Unknown error occured deleting object store").ptr());
+    serverRequest->completeRequest(success ? nullptr : &IDBDatabaseError::create(IDBDatabaseException::UnknownError, "Unknown error occured deleting object store").leakRef());
 }
 
 void WebIDBServerConnection::changeDatabaseVersion(IDBTransactionBackend&, const IDBDatabaseBackend::VersionChangeOperation& operation, std::function<void (PassRefPtr<IDBDatabaseError>)> completionCallback)
@@ -649,7 +649,7 @@
     if (!serverRequest)
         return;
 
-    serverRequest->completeRequest(success ? nullptr : IDBDatabaseError::create(IDBDatabaseException::UnknownError, "Unknown error occured changing database version").ptr());
+    serverRequest->completeRequest(success ? nullptr : &IDBDatabaseError::create(IDBDatabaseException::UnknownError, "Unknown error occured changing database version").leakRef());
 }
 
 void WebIDBServerConnection::openCursor(IDBTransactionBackend&, const OpenCursorOperation& operation, std::function<void (int64_t, PassRefPtr<IDBKey>, PassRefPtr<IDBKey>, PassRefPtr<SharedBuffer>, PassRefPtr<IDBDatabaseError>)> completionCallback)

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes