[Webkit-unassigned] [Bug 107377] [GTK][IndexedDB] Crash in WebCore::ScriptExecutionContext::willDestroyActiveDOMObject
bugzilla-daemon at webkit.org
Fri Sep 13 10:48:23 PDT 2013
https://bugs.webkit.org/show_bug.cgi?id=107377
--- Comment #2 from Joshua Bell <jsbell at chromium.org> 2013-09-13 10:47:34 PST ---
(From update of attachment 211511)
View in context: https://bugs.webkit.org/attachment.cgi?id=211511&action=review
> Source/WebCore/Modules/indexeddb/IDBTransaction.cpp:234
> while (!m_requestList.isEmpty()) {
FYI, it looks like we solved this in Blink by simply skipping the request list cleanup if the context is stopped, plus some other transaction/database/request lifetime management tweaks.
The Blink patch was https://chromiumcodereview.appspot.com/14236002 - note the commit comment "The unit test turned up a subtle but apparently harmless quirk caused by arbitrary ordering of ActiveDOMObject::stop() calls..." - shortly after this patch in trunk we saw a crash report from beta and realized it wasn't so harmless, and backported the fix to the beta.