[Webkit-unassigned] [Bug 39331] New: Assertion failure in OriginQuotaManager.cpp
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue May 18 16:30:52 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=39331
Summary: Assertion failure in OriginQuotaManager.cpp
Product: WebKit
Version: 528+ (Nightly build)
Platform: All
OS/Version: All
Status: NEW
Severity: Normal
Priority: P2
Component: HTML DOM
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: ericu at chromium.org
CC: dumi at chromium.org
ASSERTION FAILED: usageRecord
(/Users/ericu/four/src/third_party/WebKit/WebCore/storage/OriginQuotaManager.cpp:130 long long unsigned int WebCore::OriginQuotaManager::diskUsage(WebCore::SecurityOrigin*) const)
I suspect this is because, in DatabaseTracker::removeOpenDatabase, we call originQuotaManager().removeOrigin() without in any way locking out other threads from adding new databases under that origin. So we're removing the last database, we decide to remove the origin from the origin quota manager, and as we're doing so someone's adding a new one. Then that new one won't be properly tracked, since we've blown away the record, and we assert when we later try to remove it.
I think this is rare and probably not dangerous [I hit it once in over 3000 test runs while looking for another race condition], but I haven't proven that yet.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list