Bug 166874

Summary: JSArray has some object scanning races
Product: WebKit Reporter: Filip Pizlo <fpizlo>
Component: JavaScriptCoreAssignee: Filip Pizlo <fpizlo>
Status: RESOLVED FIXED    
Severity: Normal CC: commit-queue, i, keith_miller, mark.lam, msaboff, saam, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: All   
OS: All   
Bug Depends on:    
Bug Blocks: 165909    
Attachments:
Description Flags
the patch
none
the patch mark.lam: review+

Filip Pizlo
Reported 2017-01-09 19:27:47 PST
Fix them with locks!
Attachments
the patch (7.52 KB, patch)
2017-01-09 20:03 PST, Filip Pizlo 		no flags
DetailsFormatted DiffDiff
the patch (8.73 KB, patch)
2017-01-09 20:05 PST, Filip Pizlo 		mark.lam: review+
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2017-01-09 19:28:08 PST
<rdar://problem/29941356>
Filip Pizlo
Comment 2 2017-01-09 20:03:26 PST
Created attachment 298436 [details] the patch
Filip Pizlo
Comment 3 2017-01-09 20:05:17 PST
Created attachment 298437 [details] the patch
Mark Lam
Comment 4 2017-01-09 23:17:39 PST
Comment on attachment 298437 [details] the patch View in context: https://bugs.webkit.org/attachment.cgi?id=298437&action=review r=me > Source/JavaScriptCore/runtime/JSArray.cpp:1081 > - > + Please undo this empty space change.
Filip Pizlo
Comment 5 2017-01-10 10:39:30 PST
(In reply to comment #4) > Comment on attachment 298437 [details] > the patch > > View in context: > https://bugs.webkit.org/attachment.cgi?id=298437&action=review > > r=me > > > Source/JavaScriptCore/runtime/JSArray.cpp:1081 > > - > > + > > Please undo this empty space change. Fixed!
Filip Pizlo
Comment 6 2017-01-10 10:46:07 PST
Landed in https://trac.webkit.org/changeset/210553
Mark Lam
Comment 7 2017-01-13 16:07:57 PST
*** Bug 166795 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.