[Webkit-unassigned] [Bug 30612] New: Race condition in WorkerRunLoop::postTaskForMode

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Oct 20 18:01:52 PDT 2009


https://bugs.webkit.org/show_bug.cgi?id=30612

           Summary: Race condition in WorkerRunLoop::postTaskForMode
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Mac OS X 10.5
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore JavaScript
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: dimich at chromium.org


The MessageQueue keeps RefPtr<WorkerRunLoop::Task> objects. Unfortunately,
WorkerRunLoop::Task is RefCounted, not ThreadSafeShared. Because of this, when
the task is added to the queue, another thread can pick it up right away while
the RefPtr on the callstack is still to be deconstructed. This can cause race
condition.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.



More information about the webkit-unassigned mailing list