MediaStream API: Fix a reference counting issue in UserMediaRequest
authortommyw@google.com <tommyw@google.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 11 May 2012 17:09:28 +0000 (17:09 +0000)
committertommyw@google.com <tommyw@google.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 11 May 2012 17:09:28 +0000 (17:09 +0000)
commit5b8e7cc641d91e63c03bcaf2f53400f253699312
treea9b8824c39babfa45ebed72da90bc3f3d06cf65e
parentad2dafb6da1f0cfbc065d920201e958f276dd612
MediaStream API: Fix a reference counting issue in UserMediaRequest
https://bugs.webkit.org/show_bug.cgi?id=86210

Reviewed by Abhishek Arya.

.:

* ManualTests/user-media-request-crash.html: Added.

Source/WebCore:

When contextDestroyed() is called on UserMediaRequest it does a callback to the
page client. If the receiving code clears their stored copy the UserMediaRequest
object is destroyed in the middle of the call.

Currently only testable manually against chrome, preferably with asan turned on.
I have added a manual test that verifies the fix, but I have started work
to make DumpRenderTree able to test this and many other things. The first patch is here:
https://bugs.webkit.org/show_bug.cgi?id=86215

* Modules/mediastream/UserMediaRequest.cpp:
(WebCore::UserMediaRequest::contextDestroyed):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@116783 268f45cc-cd09-0410-ab3c-d52691b4dbfc
ChangeLog
ManualTests/user-media-request-crash.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/Modules/mediastream/UserMediaRequest.cpp