WebSQLiteDatabaseTracker does not ensure it is still alive after dispatching to the main thread, which is not safe.
Created attachment 376781 [details] Patch
Comment on attachment 376781 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=376781&action=review r=me > Source/WebKit/Shared/WebSQLiteDatabaseTracker.cpp:39 > + : m_weakThis(makeWeakPtr(*this)) This data member is just a copy of the pointer held by CanMakeWeakPtr<WebSQLiteDatabaseTracker>. It would be slightly more efficient to remove this data member, and instead do [weakThis = makeWeakPtr(*this)] in our lambda capture expressions. If there's an issue where it's not safe to call makeWeakPtr(*this) in our lambda capture expressions because they execute on another thread, then I'd recommend just calling makeWeakPtr(*this) here but not storing the result, with a comment explaining that we want to avoid initializing our weak pointer on a secondary thread.
Created attachment 376791 [details] Patch
(In reply to Chris Dumez from comment #3) > Created attachment 376791 [details] > Patch Ok, what do you think of this approach?
Attachment 376791 [details] did not pass style-queue: ERROR: Source/WTF/wtf/WeakPtr.h:159: Multi line control clauses should use braces. [whitespace/braces] [4] Total errors found: 1 in 4 files If any of these errors are false positives, please file a bug against check-webkit-style.
Comment on attachment 376791 [details] Patch cq+
Comment on attachment 376791 [details] Patch cq- because we came up with an even better idea in person
Created attachment 376797 [details] Patch
Comment on attachment 376797 [details] Patch Clearing flags on attachment: 376797 Committed r248918: <https://trac.webkit.org/changeset/248918>
All reviewed patches have been landed. Closing bug.
<rdar://problem/54530876>