| Issue 25645: | Possible data race on reference counter in WebKit on StringImpl | |
| 1 person starred this issue and may be notified of changes. | Back to list |
Sign in to add a comment
|
This data race was found using ThreadSanitizer ( http://dev.chromium.org/developers/how-tos/using-valgrind/threadsanitizer ). Please note that the previous data race found on ref. counter was the cause of a top crasher (see http://crbug.com/18488). I couldn't prove this data race with RaceChecker class (yet) as I did for http://crbug.com/24724 but the attached ThreadSanitizer report shows that the same StringImpl instance is ref/deref'ed from multiple threads. This is very likely to be a data race similar to 18488 and 24724.
|
||||||||||||||||||||||||
,
Oct 23, 2009
The following revision refers to this bug:
http://src.chromium.org/viewvc/chrome?view=rev&revision=29894
------------------------------------------------------------------------
r29894 | timurrrr@chromium.org | 2009-10-23 09:05:47 -0700 (Fri, 23 Oct 2009) | 4 lines
Changed paths:
M http://src.chromium.org/viewvc/chrome/trunk/src/tools/valgrind/tsan/suppressions.txt?r1=29894&r2=29893
Added a suppression for http://crbug.com/25645
BUG=25645
TBR=dank
Review URL: http://codereview.chromium.org/337001
------------------------------------------------------------------------
|
|||||||||||||||||||||||||
,
Oct 23, 2009
(No comment was entered for this change.)
Labels: Mstone-X
|
|||||||||||||||||||||||||
,
Nov 02, 2009
(No comment was entered for this change.)
Owner: dglaz...@chromium.org
|
|||||||||||||||||||||||||
,
Nov 02, 2009
(No comment was entered for this change.)
Status: Assigned
Owner: jor...@chromium.org |
|||||||||||||||||||||||||
,
Nov 02, 2009
I will look into this again, but I've examined it closely before and I _believe_ it's safe. I'll make sure and report back, though. |
|||||||||||||||||||||||||
,
Nov 02, 2009
This does seem to be a real bug!
Status: Started
Labels: -Pri-2 -Mstone-X Pri-1 Mstone-4 |
|||||||||||||||||||||||||
,
Nov 04, 2009
Patch posted upstream: https://bugs.webkit.org/show_bug.cgi?id=31149 |
|||||||||||||||||||||||||
,
Nov 05, 2009
(No comment was entered for this change.)
Status: Fixed
|
|||||||||||||||||||||||||
,
Nov 13, 2009
The following revision refers to this bug:
http://src.chromium.org/viewvc/chrome?view=rev&revision=31963
------------------------------------------------------------------------
r31963 | jorlow@chromium.org | 2009-11-13 14:44:53 -0800 (Fri, 13 Nov 2009) | 6 lines
Changed paths:
M http://src.chromium.org/viewvc/chrome/trunk/src/tools/valgrind/tsan/suppressions.txt?r1=31963&r2=31962
Remove suppression for a race that was fixed a while ago.
TEST=none
BUG=25645
Review URL: http://codereview.chromium.org/385109
------------------------------------------------------------------------
|
|||||||||||||||||||||||||
,
Nov 19, 2009
The following revision refers to this bug:
http://src.chromium.org/viewvc/chrome?view=rev&revision=31963
------------------------------------------------------------------------
r31963 | jorlow@chromium.org | 2009-11-13 14:44:53 -0800 (Fri, 13 Nov 2009) | 6 lines
Changed paths:
M http://src.chromium.org/viewvc/chrome/trunk/src/tools/valgrind/tsan/suppressions.txt?r1=31963&r2=31962
Remove suppression for a race that was fixed a while ago.
TEST=none
BUG=25645
Review URL: http://codereview.chromium.org/385109
------------------------------------------------------------------------
|
|||||||||||||||||||||||||
| ► Sign in to add a comment | |||||||||||||||||||||||||
