The 1st argument is a string that is copied in this call: ... SQLStatement::create(sqlStatement.copy(), ...); SQLStatement also copies this string (see WebCore/storage/SQLStatement.cpp): SQLStatement::SQLStatement(const String& statement, ...) : m_statement(statement.copy())
Created attachment 30767 [details] Proposed fix.
Landed in @r44274.