RESOLVED FIXED 86034
GC race condition in OpaqueJSClass::prototype 
https://bugs.webkit.org/show_bug.cgi?id=86034
Summary GC race condition in OpaqueJSClass::prototype
Gavin Barraclough
Reported 2012-05-09 16:20:06 PDT
The bug here is basically: if (weakref) weakref->method() where a GC may occur between the if & the method call.
Attachments
Fix (2.47 KB, patch)
2012-05-09 16:31 PDT, Gavin Barraclough 		fpizlo: review+
buildbot: commit-queue-
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Gavin Barraclough
Comment 1 2012-05-09 16:31:08 PDT
Created attachment 141048 [details] Fix
Build Bot
Comment 2 2012-05-09 16:38:04 PDT
Comment on attachment 141048 [details] Fix Attachment 141048 [details] did not pass mac-ews (mac): Output: http://queues.webkit.org/results/12644873
Build Bot
Comment 3 2012-05-09 16:39:53 PDT
Comment on attachment 141048 [details] Fix Attachment 141048 [details] did not pass win-ews (win): Output: http://queues.webkit.org/results/12644874
Gavin Barraclough
Comment 4 2012-05-09 17:01:23 PDT
Fixed in r116575
Gavin Barraclough
Comment 5 2012-05-09 17:03:57 PDT
Ooops, landed b0rked version of patch, build fix in r116578.
Note You need to log in before you can comment on or make changes to this bug.