Bug 158994

Summary: CodeBlock::shrinkToFit is racy
Product: WebKit Reporter: Saam Barati <saam>
Component: JavaScriptCoreAssignee: Saam Barati <saam>
Status: RESOLVED FIXED    
Severity: Normal CC: benjamin, commit-queue, fpizlo, ggaren, gskachkov, keith_miller, mark.lam, msaboff, oliver, sukolsak, webkit-bug-importer, ysuzuki
Priority: P2 Keywords: InRadar
Version: WebKit Local Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
patch
none
patch none

Saam Barati
Reported 2016-06-21 11:29:26 PDT
Let's say CodeBlock A is finalizing its baseline compile. Let's say CodeBlock B is inlining A, and asks A for a result profile. This happens as the finalizing step of the baseline compile calls shrinkToFit on its m_resultProfiles field without grabbing lock. This leads to a bad time.
Attachments
patch (1.87 KB, patch)
2016-06-21 11:49 PDT, Saam Barati 		no flags
DetailsFormatted DiffDiff
patch (1.87 KB, patch)
2016-06-21 11:51 PDT, Saam Barati 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Saam Barati
Comment 1 2016-06-21 11:30:43 PDT
<rdar://problem/26920212>
Saam Barati
Comment 2 2016-06-21 11:49:05 PDT
Created attachment 281762 [details] patch
Saam Barati
Comment 3 2016-06-21 11:51:36 PDT
Created attachment 281763 [details] patch
WebKit Commit Bot
Comment 4 2016-06-21 13:14:10 PDT
Comment on attachment 281763 [details] patch Clearing flags on attachment: 281763 Committed r202288: <http://trac.webkit.org/changeset/202288>
WebKit Commit Bot
Comment 5 2016-06-21 13:14:15 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.