[Webkit-unassigned] [Bug 30954] Possible race condition in Database.cpp

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Nov 2 03:28:28 PST 2009


https://bugs.webkit.org/show_bug.cgi?id=30954

--- Comment #1 from Xan Lopez <xan.lopez at gmail.com>  2009-11-02 03:28:26 PDT ---
There's another possible race condition spotted by valgrind/helgrind running
the same test (the test is
storage/open-database-while-transaction-in-progress.html, btw):

==18197== Possible data race during write of size 4 at 0xa643cb4 by thread #1
==18197==    at 0x47F7607: WebCore::SQLTransaction::deliverSuccessCallback()
(SQLTransaction.cpp:482)
==18197==    by 0x47F6351: WebCore::SQLTransaction::performPendingCallback()
(SQLTransaction.cpp:204)
==18197==    by 0x47D63EA: WebCore::Database::deliverPendingCallback(void*)
(Database.cpp:624)
==18197==    by 0x41015EF: WTF::dispatchFunctionsFromMainThread()
(MainThread.cpp:94)
==18197==    by 0x41072FF: WTF::timeoutFired(void*) (MainThreadGtk.cpp:43)
==18197==    by 0x7998D22: g_timeout_dispatch (gmain.c:3396)
==18197==    by 0x7995EB9: g_main_dispatch (gmain.c:1960)
==18197==    by 0x7997116: g_main_context_dispatch (gmain.c:2513)
==18197==    by 0x7997536: g_main_context_iterate (gmain.c:2591)
==18197==    by 0x7997C42: g_main_loop_run (gmain.c:2799)
==18197==    by 0x7324C59: gtk_main (gtkmain.c:1218)
==18197==    by 0x80509B1: runTest(std::string const&) (DumpRenderTree.cpp:488)
==18197==  This conflicts with a previous read of size 4 by thread #3
==18197==    at 0x47F61A7: WebCore::SQLTransaction::performNextStep()
(SQLTransaction.cpp:188)
==18197==    by 0x47DE2A5: WebCore::DatabaseTransactionTask::doPerformTask()
(DatabaseTask.cpp:145)
==18197==    by 0x47DDD0B: WebCore::DatabaseTask::performTask()
(DatabaseTask.cpp:56)
==18197==    by 0x47DEE45: WebCore::DatabaseThread::databaseThread()
(DatabaseThread.cpp:99)
==18197==    by 0x47DED92: WebCore::DatabaseThread::databaseThreadStart(void*)
(DatabaseThread.cpp:82)
==18197==    by 0x41044B5: WTF::threadEntryPoint(void*) (Threading.cpp:64)
==18197==    by 0x4009B47: mythread_wrapper (hg_intercepts.c:201)
==18197==    by 0x56F51E: start_thread (pthread_create.c:297)

From reading the code a bit it would seem that in most places the lock
(m_lockAcquired) is supposed to be held when running any step of a transaction.
In some cases, though, it's not explicitly enforced, and in this one it seems
to be completely missing.

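The invariant described in the comment above, as an added illustration written for this page: it is not WebKit's code, and the names Transaction, Step, threadLoop, runStep and runTransaction are assumptions chosen for the demo. A transaction's "next step" field is handed back and forth between a worker thread (which runs the SQL-side steps) and the main thread (which delivers the callback), and the field is only ever read or written while one mutex is held. A held-lock flag, modelled loosely on the m_lockAcquired flag the comment refers to, is asserted at the top of every step so that a path which forgets the lock fails immediately instead of racing the way helgrind reported.

```cpp
#include <cassert>
#include <condition_variable>
#include <mutex>
#include <string>
#include <thread>
#include <vector>

// Toy transaction steps, run in this order. Which thread runs a step is
// fixed: the worker runs the SQL-side steps, the "main" thread delivers the
// success callback. (Constructed for this example; not WebKit's enum.)
enum class Step { OpenTransaction, RunStatements, DeliverSuccess,
                  CleanupAfterTransaction, Done };

static bool runsOnMainThread(Step s) { return s == Step::DeliverSuccess; }

class Transaction {
public:
    // Loop run by each thread: take the lock, wait until the scheduled step
    // belongs to this thread, run it with the held-lock flag set, hand over.
    void threadLoop(bool isMainThread);

    // Copy of the step log, for inspection after both threads have finished.
    std::vector<std::string> log() {
        std::lock_guard<std::mutex> guard(m_lock);
        return m_log;
    }

private:
    // Runs one step and returns the next one. Requires m_lockAcquired: this
    // is the invariant the bug comment says is missing on one path.
    Step runStep(Step s);

    std::mutex m_lock;
    std::condition_variable m_cv;
    bool m_lockAcquired = false;                 // true only inside runStep()
    Step m_nextStep = Step::OpenTransaction;     // read/written under m_lock only
    std::vector<std::string> m_log;
};

void Transaction::threadLoop(bool isMainThread) {
    std::unique_lock<std::mutex> lock(m_lock);
    while (m_nextStep != Step::Done) {
        // Release the lock while waiting so the other thread can make progress.
        m_cv.wait(lock, [&] {
            return m_nextStep == Step::Done
                || runsOnMainThread(m_nextStep) == isMainThread;
        });
        if (m_nextStep == Step::Done)
            break;
        m_lockAcquired = true;
        m_nextStep = runStep(m_nextStep);
        m_lockAcquired = false;
        m_cv.notify_all();                       // wake the other thread
    }
}

Step Transaction::runStep(Step s) {
    assert(m_lockAcquired && "transaction step run without the lock held");
    switch (s) {
    case Step::OpenTransaction:
        m_log.push_back("worker: open transaction");
        return Step::RunStatements;
    case Step::RunStatements:
        m_log.push_back("worker: run statements");
        return Step::DeliverSuccess;
    case Step::DeliverSuccess:
        m_log.push_back("main: deliver success callback");
        return Step::CleanupAfterTransaction;
    case Step::CleanupAfterTransaction:
        m_log.push_back("worker: cleanup after transaction");
        return Step::Done;
    case Step::Done:
        break;
    }
    return Step::Done;
}

// Drive one transaction to completion: the calling thread plays the "main"
// thread, a second std::thread plays the database worker.
std::vector<std::string> runTransaction() {
    Transaction tx;
    std::thread worker([&] { tx.threadLoop(false); });
    tx.threadLoop(true);
    worker.join();
    return tx.log();
}

int main() {
    for (const std::string& line : runTransaction())
        printf("%s\n", line.c_str());
    return 0;
}
```

Because every access to the step field happens under the same mutex, helgrind or ThreadSanitizer report nothing for this version; dropping the lock around either threadLoop body reproduces the kind of write/read conflict shown in the trace above, and the assert in runStep fires on the first unguarded step.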