[Webkit-unassigned] [Bug 158004] New: Modern IDB: TransactionOperations from a worker thread might be destroyed on main thread
bugzilla-daemon at webkit.org
Mon May 23 16:27:41 PDT 2016
https://bugs.webkit.org/show_bug.cgi?id=158004
Bug ID: 158004
Summary: Modern IDB: TransactionOperations from a worker thread
might be destroyed on main thread
Classification: Unclassified
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: WebCore Misc.
Assignee: webkit-unassigned at lists.webkit.org
Reporter: beidson at apple.com
Modern IDB: TransactionOperations from a worker thread might be destroyed on main thread
This bug is spawned from https://bugs.webkit.org/show_bug.cgi?id=157525
An example of this happening on the bots is here: https://bugs.webkit.org/attachment.cgi?id=278975
The big problem is in IDBConnectionProxy:
    template<typename T, typename... Parameters, typename... Arguments>
    void performCallbackOnCorrectThread(T& object, void (T::*method)(Parameters...), Arguments&&... arguments)
    {
        ASSERT(isMainThread());

        if (object.originThreadID() == currentThread()) {
            (object.*method)(arguments...);
            return;
        }

        ScriptExecutionContext* context = object.scriptExecutionContext();
        if (!context)
            return;

        context->postCrossThreadTask(object, method, arguments...);
    }
It is possible that the worker thread's context has been stopped by the time a TransactionOperation that was created on the worker thread is completed.
In that case, it falls into the "if (!context) return;" clause.
And when it does that, the operation will be released on the main thread, which is its only option.
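The failure mode the report describes, reduced to standard C++ as an added example (not WebKit code and not part of the original message). `Operation`, `OperationRef` and `destroyedOnOriginThread` are hypothetical names, and `std::shared_ptr` with `std::promise` stands in for WebKit's reference counting and cross-thread task posting; the destructor's thread check is the kind of assertion that exposes the wrong-thread release.

```cpp
#include <future>
#include <memory>
#include <thread>

// Hypothetical stand-in for a TransactionOperation: it remembers the thread
// that created it and records whether its destructor ran on that thread.
struct Operation {
    std::thread::id origin = std::this_thread::get_id();
    bool& destroyedOnOrigin;
    explicit Operation(bool& out) : destroyedOnOrigin(out) {}
    ~Operation() { destroyedOnOrigin = (std::this_thread::get_id() == origin); }
};
using OperationRef = std::shared_ptr<Operation>;

// Returns true if the operation was destroyed on the thread that created it.
// contextStopped models the worker's ScriptExecutionContext being gone
// by the time the "main" thread completes the operation.
bool destroyedOnOriginThread(bool contextStopped)
{
    bool onOrigin = false;
    std::promise<OperationRef> created, posted; // worker -> main, main -> worker
    auto createdFuture = created.get_future();
    auto postedFuture = posted.get_future();

    std::thread worker([&] {
        created.set_value(std::make_shared<Operation>(onOrigin));
        if (contextStopped)
            return; // context stopped: the worker no longer accepts tasks
        OperationRef op = postedFuture.get(); // the posted cross-thread task
        op.reset(); // last reference dropped on the origin thread
    });

    // "Main" thread: it now holds the only reference to the operation.
    OperationRef op = createdFuture.get();
    if (contextStopped) {
        worker.join();
        op.reset(); // same effect as "if (!context) return;": destroyed here
    } else {
        posted.set_value(std::move(op)); // hand the reference to the worker
        worker.join();
    }
    return onOrigin;
}

int main()
{
    return destroyedOnOriginThread(true) ? 1 : 0; // exits 0 when the wrong-thread release reproduces
}
```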