[Webkit-unassigned] [Bug 98078] IndexedDB: IDBRequest/IDBCursor reference cycle not broken until transaction completes

bugzilla-daemon at webkit.org
Fri Nov 16 10:23:09 PST 2012


https://bugs.webkit.org/show_bug.cgi?id=98078





--- Comment #2 from Joshua Bell <jsbell at chromium.org>  2012-11-16 10:25:01 PST ---
Outline for a possible fix:

1. Have IDBRequest and IDBCursor derive from RefCountedBase instead.
2. Override deref() on both to call RefCountedBase::deref(), then into a new IDBRequest::maybeBreakRefCycle(); if the cursor doesn't have a request ref, this is moot.
3. IDBRequest::maybeBreakRefCycle() checks IDBRequest::isReferencingCursor() and IDBCursor::isReferencingRequest(); if false, this is moot.
4. IDBRequest::maybeBreakRefCycle() checks the refcounts. If both are 1, the request derefs the cursor.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
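
The four steps outlined in the comment above, modelled as an added stand-alone example. It is not WebKit code and not part of the original message: plain integer counts stand in for RefCountedBase, and `Request`, `Cursor`, `g_breakCycles` and `liveAfterRelease` are hypothetical names.

```cpp
// Stand-alone model of the outlined fix; not WebKit code, all names are illustrative.
#include <cstdio>
struct Cursor;
static int g_live = 0;             // objects currently alive
static bool g_breakCycles = true;  // toggle to compare behaviour with and without the check

struct Request {
    int refCount = 1;              // the creator holds the initial reference
    Cursor* cursor = nullptr;      // owning reference: request -> cursor
    Request() { ++g_live; }
    ~Request();
    void deref();                  // step 2: plain deref, then the cycle check
    void setCursor(Cursor* c);
    void maybeBreakRefCycle();
};

struct Cursor {
    int refCount = 1;
    Request* request = nullptr;    // owning reference: cursor -> request
    Cursor() { ++g_live; }
    ~Cursor() { --g_live; if (request) request->deref(); }
    void deref() {
        if (--refCount == 0) delete this;
        else if (request) request->maybeBreakRefCycle();  // moot without a request ref
    }
    void setRequest(Request* r) { ++r->refCount; request = r; }
};

Request::~Request() { --g_live; if (cursor) cursor->deref(); }
void Request::setCursor(Cursor* c) { ++c->refCount; cursor = c; }
void Request::deref() { if (--refCount == 0) delete this; else maybeBreakRefCycle(); }
void Request::maybeBreakRefCycle() {
    if (!g_breakCycles) return;
    if (!cursor || cursor->request != this) return;      // step 3: no cycle to break
    if (refCount != 1 || cursor->refCount != 1) return;  // step 4: outside references remain
    Cursor* c = cursor; cursor = nullptr;
    c->deref();  // frees the cursor, whose destructor frees this request: must be the last statement
}

// Builds the cycle, drops both outside references, returns how many objects are still alive.
int liveAfterRelease(bool breakCycles) {
    g_live = 0; g_breakCycles = breakCycles;
    Request* r = new Request; Cursor* c = new Cursor;
    r->setCursor(c); c->setRequest(r);
    r->deref(); c->deref();        // only the two cycle references are left
    return g_live;                 // with the check disabled both objects are deliberately leaked
}

int main() { std::printf("with check: %d, without: %d\n", liveAfterRelease(true), liveAfterRelease(false)); }
```

The ordering inside `maybeBreakRefCycle()` is the lifetime-sensitive part: releasing the cursor destroys the request as well, so nothing may touch either object after that call returns.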

