Bug 186237

Summary:

FunctionRareData::m_objectAllocationProfileWatchpoint is racy

Product:

WebKit

Reporter:

Filip Pizlo <fpizlo>

Component:

JavaScriptCore

Assignee:

Filip Pizlo <fpizlo>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

ews-watchlist, keith_miller, mark.lam, msaboff, saam, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

WebKit Nightly Build

Hardware:

All

OS:

All

Bug Depends on:

Bug Blocks:

164904

Attachments:

Description	Flags
the patch	saam: review+

Filip Pizlo

Reported 2018-06-02 10:31:09 PDT

We initialize it blind and let it go into auto-watch mode once the DFG adds a watchpoint, but that means that we never notice that it fired if it fires between when the DFG decides to watch it and when it actually adds the watchpoint.

Attachments
the patch (3.53 KB, patch) 2018-06-02 10:34 PDT, Filip Pizlo	saam: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Filip Pizlo

Comment 1 2018-06-02 10:34:05 PDT

Created attachment 341847 [details] the patch

Filip Pizlo

Comment 2 2018-06-07 14:01:34 PDT

Landed in https://trac.webkit.org/changeset/232598/webkit

Radar WebKit Bug Importer

Comment 3 2018-06-07 14:02:24 PDT

<rdar://problem/40909445>

Note You need to log in before you can comment on or make changes to this bug.