Holding the SessionManager mutex isn't enough. Not that close_surface isn't routed through the SessionManager which is where this race is triggered. The existing locking around close_session is asctually enough to prevent it.
DefaultSessionContainer::remove_session perhaps need not throw (though I think this usage is indicative of programmer error). Still though, that would leave the race around WindowHandleRepository.
More than those two, there is a race in every portion of the shell which has code like:
Step 1: Get surface from session
Step 2: Query properties from surface.
Step 2 can always throw as it stands and there is no reasonable way to get around it.
Holding the SessionManager mutex isn't enough. Not that close_surface isn't routed through the SessionManager which is where this race is triggered. The existing locking around close_session is asctually enough to prevent it.
DefaultSessionC ontainer: :remove_ session perhaps need not throw (though I think this usage is indicative of programmer error). Still though, that would leave the race around WindowHandleRep ository.
More than those two, there is a race in every portion of the shell which has code like:
Step 1: Get surface from session
Step 2: Query properties from surface.
Step 2 can always throw as it stands and there is no reasonable way to get around it.