Bug 221027

Summary: REGRESSION(r271929): MobileSafari hangs upon launch due to a trivial deadlock in IOSurfacePool::setPoolSize
Product: WebKit Reporter: Ryosuke Niwa <rniwa>
Component: WebCore Misc.Assignee: Ryosuke Niwa <rniwa>
Status: RESOLVED FIXED    
Severity: Normal CC: cdumez, saam, simon.fraser, thorton, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 221010    
Attachments:
Description Flags
Patch none

Ryosuke Niwa
Reported 2021-01-27 00:48:30 PST
We hang inside IOSurfacePool::setPoolSize(unsigned long) via IOSurfacePool::discardAllSurfacesInternal() as the latter tries to grab the lock while setPoolSize holds a locker.
Attachments
Patch (2.63 KB, patch)
2021-01-27 00:53 PST, Ryosuke Niwa 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Ryosuke Niwa
Comment 1 2021-01-27 00:53:27 PST
Created attachment 418511 [details] Patch
Ryosuke Niwa
Comment 2 2021-01-27 03:06:22 PST
Comment on attachment 418511 [details] Patch Clearing flags on attachment: 418511 Committed r271943: <https://trac.webkit.org/changeset/271943>
Ryosuke Niwa
Comment 3 2021-01-27 03:06:25 PST
All reviewed patches have been landed. Closing bug.
Radar WebKit Bug Importer
Comment 4 2021-01-27 03:07:14 PST
<rdar://problem/73656115>
Chris Dumez
Comment 5 2021-01-27 07:38:12 PST
Comment on attachment 418511 [details] Patch Thanks for fixing.
Saam Barati
Comment 6 2021-01-27 13:17:02 PST
Comment on attachment 418511 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=418511&action=review > Source/WebCore/platform/graphics/cg/IOSurfacePool.cpp:332 > +void IOSurfacePool::discardAllSurfacesInternal() nit: A style I like in JSC is we do this by keeping the same function name, and requiring a locker to be passed in. So, we'd have: void discardAllSurfaces() and void discardAllSurfaces(const LockHolder&) and the former would call the latter with the locker as an argument. Same with `evict`
Note You need to log in before you can comment on or make changes to this bug.