Ensure that the background finalize state is not reset before the ArenaList state is synchronized between threads

RESOLVED FIXED in mozilla36

Status

Core
JavaScript: GC
RESOLVED FIXED
3 years ago
3 years ago

People

(Reporter: ehoogeveen, Assigned: ehoogeveen)

Tracking

(Blocks: 1 bug)

Trunk
mozilla36

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment, 1 obsolete attachment)

(Assignee)

Description

3 years ago
From bug 1080584: "Hmm, there's one edge case I think we should handle though: currently we set the BFS to BFS_DONE *before* releasing the GC lock, which potentially leaves a period before the memory barrier where allocateFromArena could see BFS == BFS_DONE."
(Assignee)

Comment 1

3 years ago
Created attachment 8504075 [details] [diff] [review]
Reset the background finalize state outside the GC lock.
Attachment #8504075 - Flags: review?(terrence)
(Assignee)

Comment 2

3 years ago
The situation is worse than I thought, but I think we're okay after this patch. See also bug 1080584 comment #23, in particular point (4).

Try: https://treeherder.mozilla.org/ui/#/jobs?repo=try&revision=787612d4fc79
Attachment #8504075 - Flags: review?(terrence) → review+
(Assignee)

Comment 3

3 years ago
Created attachment 8504160 [details] [diff] [review]
v2 - Explicitly set the background finalize state as the last step.

Carrying forward r=terrence. Updated the comment and description to better reflect what's actually going on.
Attachment #8504075 - Attachment is obsolete: true
Attachment #8504160 - Flags: review+
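
The ordering discussed in this bug, as an added C++11 example that is not taken from the attached patch or from SpiderMonkey: the background thread merges the list under the GC lock and sets BFS_DONE only as its last step, so a lock-free reader that sees BFS_DONE also sees the merged list. `ArenaLists`, `backgroundFinalize`, `countStaleReads`, `BFS_RUN` and the use of release/acquire atomics are assumptions made for the illustration; only `allocateFromArena` and `BFS_DONE` are named on the page.

```cpp
#include <atomic>
#include <functional>
#include <mutex>
#include <thread>
#include <vector>

// Simplified model for this example, not SpiderMonkey source; names other
// than allocateFromArena and BFS_DONE are hypothetical.
enum BackgroundFinalizeState { BFS_DONE, BFS_RUN };

struct ArenaLists {
    std::mutex gcLock;
    std::vector<int> arenas;  // stand-in for the ArenaList (plain data)
    std::atomic<BackgroundFinalizeState> bfs{BFS_DONE};
};

// Background thread: merge the swept arenas under the lock, then publish
// BFS_DONE as the last step. The release store makes every earlier write
// to `arenas` visible to a reader that observes BFS_DONE with an acquire load.
void backgroundFinalize(ArenaLists& al, const std::vector<int>& swept) {
    {
        std::lock_guard<std::mutex> guard(al.gcLock);
        al.arenas.insert(al.arenas.end(), swept.begin(), swept.end());
        // Bug ordering: bfs set to BFS_DONE here, before the lock is released.
    }
    al.bfs.store(BFS_DONE, std::memory_order_release);
}

// Lock-free fast path: use the list only once BFS_DONE has been published.
// Returns the number of arenas visible, or -1 for "take the locked slow path".
long allocateFromArena(ArenaLists& al) {
    if (al.bfs.load(std::memory_order_acquire) != BFS_DONE) return -1;
    return static_cast<long>(al.arenas.size());
}

// Stress check: count fast-path reads that saw BFS_DONE with a partial list.
int countStaleReads(int rounds, long sweptCount) {
    int stale = 0;
    for (int i = 0; i < rounds; ++i) {
        ArenaLists al;
        al.bfs.store(BFS_RUN, std::memory_order_relaxed);
        std::vector<int> swept(sweptCount, i);  // constructed sample data
        std::thread bg(backgroundFinalize, std::ref(al), std::cref(swept));
        long seen;
        while ((seen = allocateFromArena(al)) < 0) std::this_thread::yield();
        if (seen != sweptCount) ++stale;
        bg.join();
    }
    return stale;
}
```

With the state published last, `countStaleReads` stays at zero; the reader never touches `arenas` while the state is still `BFS_RUN`, which is what keeps the unlocked read free of a data race.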
(Assignee)

Updated

3 years ago
Keywords: checkin-needed
https://hg.mozilla.org/integration/mozilla-inbound/rev/f9faedda0179
Keywords: checkin-needed
https://hg.mozilla.org/mozilla-central/rev/f9faedda0179
Status: ASSIGNED → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla36
(Assignee)

Updated

3 years ago
Blocks: 1104904