[Webkit-unassigned] [Bug 67582] Calling nativeImageForCurrentFrame() causes assertion failure: m_verifier.isSafeToUse()
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Sep 5 23:26:27 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=67582
--- Comment #1 from David Levin <levin at chromium.org> 2011-09-05 23:26:27 PST ---
So the problem is her: http://www.google.com/codesearch#OAMlx_jo-ck/src/third_party/WebKit/Source/WebCore/platform/image-decoders/ImageDecoder.h&type=cs&l=246
In ImageDecoder.h
virtual void setData(SharedBuffer* data, bool allDataReceived)
{
if (m_failed)
return;
m_data = data;
On this last line, which ref counts a shared buffer.
That shared buffer is part of the icon which is shared across threads. At the moment, I don't know if something really tricky is going on or this is not thread safe -- at the moment, it doesn't look threadsafe.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list