IDBDatabase can null deref its ScriptExecutionContext inside connectionToServerLost If an IDBDatabase object is still live when a page navigates, then it loses its ScriptExecutionContext. Then - if before GC happens that would delete the database object - the database process connection is dropped, this callback doesn't do the right thing. I can make it do the right thing, but a targeted test will not be possible.
<rdar://problem/27169924>
Created attachment 282813 [details] Patch
Comment on attachment 282813 [details] Patch Could we make m_activeTransactions a HashMap to Refs instead of RefPtrs?
(In reply to comment #3) > Comment on attachment 282813 [details] > Patch > > Could we make m_activeTransactions a HashMap to Refs instead of RefPtrs? Sure, but that's outside the scope of this patch.
https://trac.webkit.org/changeset/202833