[webkit-changes] [186623] branches/safari-600.8-branch/Source/WebCore

Thu, 09 Jul 2015 14:03:43 -0700

Title: [186623] branches/safari-600.8-branch/Source/WebCore
Revision
186623
Author
matthew_han...@apple.com
Date
2015-07-09 14:03:05 -0700 (Thu, 09 Jul 2015)

Log Message

Merge r186556. rdar://problem/21716415


Modified Paths

Diff

Modified: branches/safari-600.8-branch/Source/WebCore/ChangeLog (186622 => 186623)


--- branches/safari-600.8-branch/Source/WebCore/ChangeLog	2015-07-09 21:03:02 UTC (rev 186622)
+++ branches/safari-600.8-branch/Source/WebCore/ChangeLog	2015-07-09 21:03:05 UTC (rev 186623)
@@ -1,5 +1,26 @@
 2015-07-09  Matthew Hanson  <matthew_han...@apple.com>
 
+        Merge r186556. rdar://problem/21716415
+
+    2015-07-08  Matthew Hanson  <matthew_han...@apple.com>
+
+            Merge r183398. rdar://problem/21716555
+
+        2015-04-27  Darin Adler  <da...@apple.com>
+
+                Crashes under IDBDatabase::closeConnection
+                https://bugs.webkit.org/show_bug.cgi?id=141745
+
+                Reviewed by Alexey Proskuryakov.
+
+                * Modules/indexeddb/IDBDatabase.cpp:
+                (WebCore::IDBDatabase::~IDBDatabase): Do the work of close/closeConnection without
+                actually calling those functions.
+                (WebCore::IDBDatabase::closeConnection): Protect the database so it's not destroyed
+                in the middle of this function's execution.
+
+2015-07-09  Matthew Hanson  <matthew_han...@apple.com>
+
         Merge r186554. rdar://problem/21716400
 
     2015-07-08  Matthew Hanson  <matthew_han...@apple.com>

Modified: branches/safari-600.8-branch/Source/WebCore/Modules/indexeddb/IDBDatabase.cpp (186622 => 186623)


--- branches/safari-600.8-branch/Source/WebCore/Modules/indexeddb/IDBDatabase.cpp	2015-07-09 21:03:02 UTC (rev 186622)
+++ branches/safari-600.8-branch/Source/WebCore/Modules/indexeddb/IDBDatabase.cpp	2015-07-09 21:03:05 UTC (rev 186623)
@@ -70,7 +70,26 @@
 
 IDBDatabase::~IDBDatabase()
 {
-    close();
+    // This does what IDBDatabase::close does, but without any ref/deref of the
+    // database since it is already in the process of being deleted. The logic here
+    // is also simpler since we know there are no transactions (since they ref the
+    // database when they are alive).
+
+    ASSERT(m_transactions.isEmpty());
+
+    if (!m_closePending) {
+        m_closePending = true;
+        m_backend->close(m_databaseCallbacks);
+    }
+
+    if (auto* context = scriptExecutionContext()) {
+        // Remove any pending versionchange events scheduled to fire on this
+        // connection. They would have been scheduled by the backend when another
+        // connection called setVersion, but the frontend connection is being
+        // closed before they could fire.
+        for (auto& event : m_enqueuedEvents)
+            context->eventQueue().cancelEvent(*event);
+    }
 }
 
 int64_t IDBDatabase::nextTransactionId()

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to