Summary: | IndexedDB: Crash on checking version of corrupt backing store | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Joshua Bell <jsbell> | ||||||||
Component: | New Bugs | Assignee: | Joshua Bell <jsbell> | ||||||||
Status: | RESOLVED FIXED | ||||||||||
Severity: | Normal | CC: | alecflett, dgrogan, tony, webkit.review.bot | ||||||||
Priority: | P2 | ||||||||||
Version: | 528+ (Nightly build) | ||||||||||
Hardware: | Unspecified | ||||||||||
OS: | Unspecified | ||||||||||
Bug Depends on: | 99636 | ||||||||||
Bug Blocks: | |||||||||||
Attachments: |
|
Description
Joshua Bell
2012-10-29 12:09:42 PDT
Created attachment 171288 [details]
Patch
alecflett@ - please take a look See comments in webkit.org/b/99636 re: testing The in-progress tests in crrev.com/11196029 should be expanded to include this case. Created attachment 171292 [details]
Patch
Comment on attachment 171292 [details]
Patch
LGTM
tony@ - r? cq? Comment on attachment 171292 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=171292&action=review > Source/WebCore/Modules/indexeddb/IDBLevelDBBackingStore.cpp:299 > + if (db) { > + if (!isSchemaKnown(db.get())) { Nit: Can we merge these into a single if? Created attachment 171308 [details]
Patch for landing
(In reply to comment #7) > Nit: Can we merge these into a single if? Done, thanks. Comment on attachment 171308 [details] Patch for landing Clearing flags on attachment: 171308 Committed r132848: <http://trac.webkit.org/changeset/132848> All reviewed patches have been landed. Closing bug. Comment on attachment 171308 [details] Patch for landing View in context: https://bugs.webkit.org/attachment.cgi?id=171308&action=review > Source/WebCore/Modules/indexeddb/IDBLevelDBBackingStore.cpp:301 > + db.release(); Is there a reason that this is db.release() instead of db.clear()? AFAICT they would act identically here, just wondering if [release() was arbitrary] or [a conscious choice and I'm missing something]. (In reply to comment #12) > (From update of attachment 171308 [details]) > View in context: https://bugs.webkit.org/attachment.cgi?id=171308&action=review > > > Source/WebCore/Modules/indexeddb/IDBLevelDBBackingStore.cpp:301 > > + db.release(); > > Is there a reason that this is db.release() instead of db.clear()? AFAICT they would act identically here, just wondering if [release() was arbitrary] or [a conscious choice and I'm missing something]. Not a conscious choice. I agree it should be clear(). (I noticed that later and have that change in a branch somewhere, apparently not uploaded anywhere.) |