Closed
Bug 1478402
Opened 6 years ago
Closed 6 years ago
Intermittent SUMMARY: ThreadSanitizer: data race /builds/worker/workspace/build/src/js/src/gc/ArenaList-inl.h:135:21 in takeNextArena
Categories
(Core :: JavaScript: GC, defect, P5)
Core
JavaScript: GC
Tracking
()
RESOLVED
FIXED
mozilla63
| Tracking | Status | |
|---|---|---|
| firefox-esr52 | --- | unaffected |
| firefox-esr60 | --- | unaffected |
| firefox61 | --- | unaffected |
| firefox62 | --- | unaffected |
| firefox63 | --- | fixed |
People
(Reporter: intermittent-bug-filer, Assigned: jonco)
References
Details
(Keywords: csectype-race, intermittent-failure, sec-moderate, Whiteboard: [post-critsmash-triage])
Attachments
(1 file)
|
5.48 KB,
patch
|
sfink
:
review+
|
Details | Diff | Splinter Review |
Filed by: apavel [at] mozilla.com https://treeherder.mozilla.org/logviewer.html#?job_id=190044025&repo=mozilla-central https://queue.taskcluster.net/v1/task/TgJj1TNYSdmnurhWm78-jg/runs/0/artifacts/public/logs/live_backing.log [task 2018-07-25T14:34:17.645Z] Thread T5 'JS Helper' (tid=23601, running) created by main thread at: [task 2018-07-25T14:34:17.645Z] #0 pthread_create /builds/worker/workspace/moz-toolchain/src/llvm/projects/compiler-rt/lib/tsan/rtl/tsan_interceptors.cc:889:3 (js+0x45f123) [task 2018-07-25T14:34:17.645Z] #1 js::Thread::create(void* (*)(void*), void*) /builds/worker/workspace/build/src/js/src/threading/posix/Thread.cpp:115:7 (js+0xcc1b15) [task 2018-07-25T14:34:17.645Z] #2 init<void (&)(void *), js::HelperThread *> /builds/worker/workspace/build/src/js/src/threading/Thread.h:124:12 (js+0xdaad75) [task 2018-07-25T14:34:17.645Z] #3 js::GlobalHelperThreadState::ensureInitialized() /builds/worker/workspace/build/src/js/src/vm/HelperThreads.cpp:987 (js+0xdaad75) [task 2018-07-25T14:34:17.646Z] #4 js::EnsureHelperThreadsInitialized() /builds/worker/workspace/build/src/js/src/vm/HelperThreads.cpp:70:32 (js+0xdaaa66) [task 2018-07-25T14:34:17.646Z] #5 JSRuntime::init(JSContext*, unsigned int, unsigned int) /builds/worker/workspace/build/src/js/src/vm/Runtime.cpp:204:34 (js+0xe7f71f) [task 2018-07-25T14:34:17.646Z] #6 js::NewContext(unsigned int, unsigned int, JSRuntime*) /builds/worker/workspace/build/src/js/src/vm/JSContext.cpp:154:19 (js+0xdc5c86) [task 2018-07-25T14:34:17.646Z] #7 JS_NewContext(unsigned int, unsigned int, JSRuntime*) /builds/worker/workspace/build/src/js/src/jsapi.cpp:474:12 (js+0xc2c9a6) [task 2018-07-25T14:34:17.646Z] #8 main /builds/worker/workspace/build/src/js/src/shell/js.cpp:9385:21 (js+0x4ce24b) [task 2018-07-25T14:34:17.646Z] [task 2018-07-25T14:34:17.646Z] SUMMARY: ThreadSanitizer: data race /builds/worker/workspace/build/src/js/src/gc/ArenaList-inl.h:135:21 in takeNextArena [task 2018-07-25T14:34:17.646Z] ================== [task 2018-07-25T14:34:17.646Z] ThreadSanitizer: reported 1 warnings [task 2018-07-25T14:34:17.646Z] Exit code: 66 [task 2018-07-25T14:34:17.646Z] FAIL - gc/bug-1374797.js [task 2018-07-25T14:34:17.646Z] TEST-UNEXPECTED-FAIL | js/src/jit-test/tests/gc/bug-1374797.js | ================== (code 66, args "--no-baseline --no-ion") [4.1 s] [task 2018-07-25T14:34:17.646Z] {"action": "test_start", "jitflags": "--no-baseline --no-ion", "pid": 23576, "source": "jittests", "test": "gc/bug-1374797.js", "thread": "main", "time": 1532529253.544859} [task 2018-07-25T14:34:17.646Z] {"action": "test_end", "extra": {"jitflags": "--no-baseline --no-ion", "pid": 23576}, "jitflags": "--no-baseline --no-ion", "message": "==================", "pid": 23576, "source": "jittests", "status": "FAIL", "test": "gc/bug-1374797.js", "thread": "main", "time": 1532529257.631919} [task 2018-07-25T14:34:17.646Z] INFO exit-status : 66 [task 2018-07-25T14:34:17.647Z] INFO timed-out : False [task 2018-07-25T14:34:17.647Z] INFO stdout > 0 [task 2018-07-25T14:34:17.647Z] INFO stdout > 1 [task 2018-07-25T14:34:17.647Z] INFO stdout > 2 [task 2018-07-25T14:34:17.647Z] INFO stdout > 3 [task 2018-07-25T14:34:17.647Z] INFO stdout > 4 [task 2018-07-25T14:34:17.647Z] INFO stdout > 5 [task 2018-07-25T14:34:17.647Z] INFO stdout > 6 [task 2018-07-25T14:34:17.647Z] INFO stdout > 7 [task 2018-07-25T14:34:17.647Z] INFO stdout > 8 [task 2018-07-25T14:34:17.647Z] INFO stdout > 9 [task 2018-07-25T14:34:17.647Z] INFO stdout > Finished
|
||
Updated•6 years ago
|
Group: javascript-core-security
|
Assignee | |
Comment 1•6 years ago
|
||
WARNING: ThreadSanitizer: data race (pid=23576)
Read of size 8 at 0x7b7400000cc0 by thread T5 (mutexes: write M652, write M45):
#0 takeNextArena /builds/worker/workspace/build/src/js/src/gc/ArenaList-inl.h:135:21 (js+0x11bd006)
#1 js::gc::ArenaLists::refillFreeListAndAllocate(js::gc::FreeLists&, js::gc::AllocKind, js::gc::ShouldCheckThresholds) /builds/worker/workspace/build/src/js/src/gc/Allocator.cpp:443 (js+0x11bd006)
#2 refillFreeListFromMainThread /builds/worker/workspace/build/src/js/src/gc/Allocator.cpp:400:31 (js+0x11baf5e)
#3 refillFreeListFromAnyThread /builds/worker/workspace/build/src/js/src/gc/Allocator.cpp:388 (js+0x11baf5e)
#4 tryNewTenuredThing<js::NormalAtom, js::AllowGC::NoGC> /builds/worker/workspace/build/src/js/src/gc/Allocator.cpp:247 (js+0x11baf5e)
#5 js::NormalAtom* js::Allocate<js::NormalAtom, (js::AllowGC)0>(JSContext*) /builds/worker/workspace/build/src/js/src/gc/Allocator.cpp:228 (js+0x11baf5e)
#6 new_<js::AllowGC::NoGC> /builds/worker/workspace/build/src/js/src/vm/StringType-inl.h:277:38 (js+0xef0761)
#7 AllocateInlineString<js::AllowGC::NoGC, unsigned char> /builds/worker/workspace/build/src/js/src/vm/StringType-inl.h:34 (js+0xef0761)
#8 NewInlineStringDeflated<js::AllowGC::NoGC> /builds/worker/workspace/build/src/js/src/vm/StringType.cpp:1468 (js+0xef0761)
#9 JSFlatString* NewStringDeflated<(js::AllowGC)0>(JSContext*, char16_t const*, unsigned long) /builds/worker/workspace/build/src/js/src/vm/StringType.cpp:1506 (js+0xef0761)
#10 JSFlatString* js::NewStringCopyN<(js::AllowGC)0, char16_t>(JSContext*, char16_t const*, unsigned long) /builds/worker/workspace/build/src/js/src/vm/StringType.cpp:1693:16 (js+0xef3b38)
#11 AllocateNewAtom<char16_t> /builds/worker/workspace/build/src/js/src/vm/JSAtom.cpp:787:26 (js+0x68390e)
#12 atomizeAndCopyChars<char16_t> /builds/worker/workspace/build/src/js/src/vm/JSAtom.cpp:715 (js+0x68390e)
#13 AtomizeAndCopyChars<char16_t> /builds/worker/workspace/build/src/js/src/vm/JSAtom.cpp:652 (js+0x68390e)
#14 JSAtom* js::AtomizeChars<char16_t>(JSContext*, char16_t const*, unsigned long, js::PinningBehavior) /builds/worker/workspace/build/src/js/src/vm/JSAtom.cpp:871 (js+0x68390e)
#15 drainCharBufferIntoAtom /builds/worker/workspace/build/src/js/src/frontend/TokenStream.h:1259:24 (js+0x11a9189)
#16 js::frontend::TokenStreamSpecific<char16_t, js::frontend::ParserAnyCharsAccess<js::frontend::GeneralParser<js::frontend::FullParseHandler, char16_t> > >::getStringOrTemplateToken(char, js::frontend::Token::Modifier, js::frontend::TokenKind*) /builds/worker/workspace/build/src/js/src/frontend/TokenStream.cpp:2665 (js+0x11a9189)
#17 js::frontend::TokenStreamSpecific<char16_t, js::frontend::ParserAnyCharsAccess<js::frontend::GeneralParser<js::frontend::FullParseHandler, char16_t> > >::getTokenInternal(js::frontend::TokenKind*, js::frontend::Token::Modifier) /builds/worker/workspace/build/src/js/src/frontend/TokenStream.cpp (js+0x11a503e)
#18 getToken /builds/worker/workspace/build/src/js/src/frontend/TokenStream.h:2089:16 (js+0x602db6)
#19 matchToken /builds/worker/workspace/build/src/js/src/frontend/TokenStream.h:2184 (js+0x602db6)
#20 js::frontend::GeneralParser<js::frontend::FullParseHandler, char16_t>::argumentList(js::frontend::YieldHandling, js::frontend::ParseNode*, bool*, js::frontend::GeneralParser<js::frontend::FullParseHandler, char16_t>::PossibleError*) /builds/worker/workspace/build/src/js/src/frontend/Parser.cpp:8640 (js+0x602db6)
#21 js::frontend::GeneralParser<js::frontend::FullParseHandler, char16_t>::memberExpr(js::frontend::YieldHandling, js::frontend::TripledotHandling, js::frontend::TokenKind, bool, js::frontend::GeneralParser<js::frontend::FullParseHandler, char16_t>::PossibleError*, js::frontend::ParserBase::InvokedPrediction) /builds/worker/workspace/build/src/js/src/frontend/Parser.cpp:8898:26 (js+0x60254a)
#22 js::frontend::GeneralParser<js::frontend::FullParseHandler, char16_t>::unaryExpr(js::frontend::YieldHandling, js::frontend::TripledotHandling, js::frontend::GeneralParser<js::frontend::FullParseHandler, char16_t>::PossibleError*, js::frontend::ParserBase::InvokedPrediction) /builds/worker/workspace/build/src/js/src/frontend/Parser.cpp:8588:21 (js+0x600578)
#23 orExpr /builds/worker/workspace/build/src/js/src/frontend/Parser.cpp:8094:14 (js+0x5f6dd3)
#24 condExpr /builds/worker/workspace/build/src/js/src/frontend/Parser.cpp:8165 (js+0x5f6dd3)
#25 js::frontend::GeneralParser<js::frontend::FullParseHandler, char16_t>::assignExpr(js::frontend::InHandling, js::frontend::YieldHandling, js::frontend::TripledotHandling, js::frontend::GeneralParser<js::frontend::FullParseHandler, char16_t>::PossibleError*, js::frontend::ParserBase::InvokedPrediction) /builds/worker/workspace/build/src/js/src/frontend/Parser.cpp:8292 (js+0x5f6dd3)
#26 js::frontend::GeneralParser<js::frontend::FullParseHandler, char16_t>::expr(js::frontend::InHandling, js::frontend::YieldHandling, js::frontend::TripledotHandling, js::frontend::GeneralParser<js::frontend::FullParseHandler, char16_t>::PossibleError*, js::frontend::ParserBase::InvokedPrediction) /builds/worker/workspace/build/src/js/src/frontend/Parser.cpp:7958:15 (js+0x5e2b7d)
#27 expressionStatement /builds/worker/workspace/build/src/js/src/frontend/Parser.cpp:6160:19 (js+0x5e4ced)
#28 js::frontend::GeneralParser<js::frontend::FullParseHandler, char16_t>::statementListItem(js::frontend::YieldHandling, bool) /builds/worker/workspace/build/src/js/src/frontend/Parser.cpp:7823 (js+0x5e4ced)
#29 js::frontend::GeneralParser<js::frontend::FullParseHandler, char16_t>::statementList(js::frontend::YieldHandling) /builds/worker/workspace/build/src/js/src/frontend/Parser.cpp:4281:21 (js+0x5e0ece)
#30 js::frontend::Parser<js::frontend::FullParseHandler, char16_t>::globalBody(js::frontend::GlobalSharedContext*) /builds/worker/workspace/build/src/js/src/frontend/Parser.cpp:2293:23 (js+0x6336c5)
#31 BytecodeCompiler::compileScript(JS::Handle<JSObject*>, js::frontend::SharedContext*) /builds/worker/workspace/build/src/js/src/frontend/BytecodeCompiler.cpp:339:26 (js+0x113fc4c)
#32 compileGlobalScript /builds/worker/workspace/build/src/js/src/frontend/BytecodeCompiler.cpp:381:12 (js+0x11427b9)
#33 js::frontend::CompileGlobalScript(JSContext*, js::LifoAlloc&, js::ScopeKind, JS::ReadOnlyCompileOptions const&, JS::SourceBufferHolder&, js::ScriptSourceObject**) /builds/worker/workspace/build/src/js/src/frontend/BytecodeCompiler.cpp:611 (js+0x11427b9)
#34 js::ScriptParseTask::parse(JSContext*) /builds/worker/workspace/build/src/js/src/vm/HelperThreads.cpp:499:24 (js+0xdad3a9)
#35 js::HelperThread::handleParseWorkload(js::AutoLockHelperThreadState&) /builds/worker/workspace/build/src/js/src/vm/HelperThreads.cpp:2113:15 (js+0xdb702b)
#36 js::HelperThread::threadLoop() /builds/worker/workspace/build/src/js/src/vm/HelperThreads.cpp:2423:9 (js+0xdb5c4a)
#37 js::HelperThread::ThreadMain(void*) /builds/worker/workspace/build/src/js/src/vm/HelperThreads.cpp:1896:38 (js+0xdb0975)
#38 callMain<0> /builds/worker/workspace/build/src/js/src/threading/Thread.h:242:5 (js+0xdbc4ed)
#39 js::detail::ThreadTrampoline<void (&)(void*), js::HelperThread*>::Start(void*) /builds/worker/workspace/build/src/js/src/threading/Thread.h:235 (js+0xdbc4ed)
Previous write of size 8 at 0x7b7400000cc0 by main thread (mutexes: write M653):
#0 takeNextArena /builds/worker/workspace/build/src/js/src/gc/ArenaList-inl.h:138:14 (js+0x11bd032)
#1 js::gc::ArenaLists::refillFreeListAndAllocate(js::gc::FreeLists&, js::gc::AllocKind, js::gc::ShouldCheckThresholds) /builds/worker/workspace/build/src/js/src/gc/Allocator.cpp:443 (js+0x11bd032)
#2 refillFreeListFromMainThread /builds/worker/workspace/build/src/js/src/gc/Allocator.cpp:400:31 (js+0x11baf5e)
#3 refillFreeListFromAnyThread /builds/worker/workspace/build/src/js/src/gc/Allocator.cpp:388 (js+0x11baf5e)
#4 tryNewTenuredThing<js::NormalAtom, js::AllowGC::NoGC> /builds/worker/workspace/build/src/js/src/gc/Allocator.cpp:247 (js+0x11baf5e)
#5 js::NormalAtom* js::Allocate<js::NormalAtom, (js::AllowGC)0>(JSContext*) /builds/worker/workspace/build/src/js/src/gc/Allocator.cpp:228 (js+0x11baf5e)
#6 new_<js::AllowGC::NoGC> /builds/worker/workspace/build/src/js/src/vm/StringType-inl.h:277:38 (js+0xef32c1)
#7 AllocateInlineString<js::AllowGC::NoGC, unsigned char> /builds/worker/workspace/build/src/js/src/vm/StringType-inl.h:34 (js+0xef32c1)
#8 NewInlineString<js::AllowGC::NoGC, unsigned char> /builds/worker/workspace/build/src/js/src/vm/StringType-inl.h:60 (js+0xef32c1)
#9 JSFlatString* js::NewStringCopyNDontDeflate<(js::AllowGC)0, unsigned char>(JSContext*, unsigned char const*, unsigned long) /builds/worker/workspace/build/src/js/src/vm/StringType.cpp:1648 (js+0xef32c1)
#10 JSFlatString* js::NewStringCopyN<(js::AllowGC)0, unsigned char>(JSContext*, unsigned char const*, unsigned long) /builds/worker/workspace/build/src/js/src/vm/StringType.cpp:1695:12 (js+0xef3bd9)
#11 AllocateNewAtom<unsigned char> /builds/worker/workspace/build/src/js/src/vm/JSAtom.cpp:787:26 (js+0x6762ab)
#12 atomizeAndCopyChars<unsigned char> /builds/worker/workspace/build/src/js/src/vm/JSAtom.cpp:715 (js+0x6762ab)
#13 AtomizeAndCopyChars<unsigned char> /builds/worker/workspace/build/src/js/src/vm/JSAtom.cpp:652 (js+0x6762ab)
#14 js::Atomize(JSContext*, char const*, unsigned long, js::PinningBehavior, mozilla::Maybe<unsigned int> const&) /builds/worker/workspace/build/src/js/src/vm/JSAtom.cpp:863 (js+0x6762ab)
#15 PropertySpecNameToId(JSContext*, char const*, JS::MutableHandle<jsid>, js::PinningBehavior) /builds/worker/workspace/build/src/js/src/jsapi.cpp:3177:24 (js+0xc3e271)
#16 DefineFunctionFromSpec /builds/worker/workspace/build/src/js/src/vm/JSObject.cpp:2957:10 (js+0xe0f5db)
#17 js::DefineFunctions(JSContext*, JS::Handle<JSObject*>, JSFunctionSpec const*, js::DefineAsIntrinsic) /builds/worker/workspace/build/src/js/src/vm/JSObject.cpp:2976 (js+0xe0f5db)
#18 JS_DefineFunctions(JSContext*, JS::Handle<JSObject*>, JSFunctionSpec const*) /builds/worker/workspace/build/src/js/src/jsapi.cpp:3701:12 (js+0xc40e01)
#19 js::DefinePropertiesAndFunctions(JSContext*, JS::Handle<JSObject*>, JSPropertySpec const*, JSFunctionSpec const*) /builds/worker/workspace/build/src/js/src/vm/GlobalObject.cpp:767:16 (js+0xda48b9)
#20 js::SymbolObject::initClass(JSContext*, JS::Handle<js::GlobalObject*>, bool) /builds/worker/workspace/build/src/js/src/builtin/Symbol.cpp:84:14 (js+0xa86483)
#21 js::InitSymbolClass(JSContext*, JS::Handle<js::GlobalObject*>) /builds/worker/workspace/build/src/js/src/builtin/Symbol.cpp:237:12 (js+0xa86875)
#22 js::GlobalObject::resolveConstructor(JSContext*, JS::Handle<js::GlobalObject*>, JSProtoKey) /builds/worker/workspace/build/src/js/src/vm/GlobalObject.cpp:173:16 (js+0xda5320)
#23 ensureConstructor /builds/worker/workspace/build/src/js/src/vm/GlobalObject.h:155:16 (js+0xc2ee71)
#24 JS_ResolveStandardClass(JSContext*, JS::Handle<JSObject*>, JS::Handle<jsid>, bool*) /builds/worker/workspace/build/src/js/src/jsapi.cpp:1051 (js+0xc2ee71)
#25 global_resolve(JSContext*, JS::Handle<JSObject*>, JS::Handle<jsid>, bool*) /builds/worker/workspace/build/src/js/src/shell/js.cpp:7782:10 (js+0x4db4d0)
#26 CallResolveOp /builds/worker/workspace/build/src/js/src/vm/NativeObject-inl.h:794:10 (js+0xe0427d)
#27 LookupOwnPropertyInline<js::AllowGC::CanGC> /builds/worker/workspace/build/src/js/src/vm/NativeObject-inl.h:866 (js+0xe0427d)
#28 LookupPropertyInline<js::AllowGC::CanGC> /builds/worker/workspace/build/src/js/src/vm/NativeObject-inl.h:938 (js+0xe0427d)
#29 js::LookupProperty(JSContext*, JS::Handle<JSObject*>, JS::Handle<jsid>, JS::MutableHandle<JSObject*>, JS::MutableHandle<JS::PropertyResult>) /builds/worker/workspace/build/src/js/src/vm/JSObject.cpp:2259 (js+0xe0427d)
#30 js::LookupName(JSContext*, JS::Handle<js::PropertyName*>, JS::Handle<JSObject*>, JS::MutableHandle<JSObject*>, JS::MutableHandle<JSObject*>, JS::MutableHandle<JS::PropertyResult>) /builds/worker/workspace/build/src/js/src/vm/JSObject.cpp:2269:14 (js+0xe04e07)
#31 bool js::GetEnvironmentName<(js::GetNameMode)0>(JSContext*, JS::Handle<JSObject*>, JS::Handle<js::PropertyName*>, JS::MutableHandle<JS::Value>) /builds/worker/workspace/build/src/js/src/vm/Interpreter-inl.h:251:10 (js+0x670b37)
#32 GetNameOperation /builds/worker/workspace/build/src/js/src/vm/Interpreter.cpp:243:12 (js+0x655434)
#33 Interpret(JSContext*, js::RunState&) /builds/worker/workspace/build/src/js/src/vm/Interpreter.cpp:3374 (js+0x655434)
#34 js::RunScript(JSContext*, js::RunState&) /builds/worker/workspace/build/src/js/src/vm/Interpreter.cpp:424:12 (js+0x647866)
#35 js::ExecuteKernel(JSContext*, JS::Handle<JSScript*>, JSObject&, JS::Value const&, js::AbstractFramePtr, JS::Value*) /builds/worker/workspace/build/src/js/src/vm/Interpreter.cpp:772:15 (js+0x65f97b)
#36 js::Execute(JSContext*, JS::Handle<JSScript*>, JSObject&, JS::Value*) /builds/worker/workspace/build/src/js/src/vm/Interpreter.cpp:804:12 (js+0x65fbcd)
#37 ExecuteScript(JSContext*, JS::Handle<JSObject*>, JS::Handle<JSScript*>, JS::Value*) /builds/worker/workspace/build/src/js/src/jsapi.cpp:4659:12 (js+0xc4782d)
#38 JS_ExecuteScript(JSContext*, JS::Handle<JSScript*>) /builds/worker/workspace/build/src/js/src/jsapi.cpp:4692:12 (js+0xc47916)
#39 RunFile /builds/worker/workspace/build/src/js/src/shell/js.cpp:849:14 (js+0x4f62ce)
#40 Process(JSContext*, char const*, bool, FileKind) /builds/worker/workspace/build/src/js/src/shell/js.cpp:1319 (js+0x4f62ce)
#41 ProcessArgs /builds/worker/workspace/build/src/js/src/shell/js.cpp:8565:18 (js+0x4d12ae)
#42 Shell /builds/worker/workspace/build/src/js/src/shell/js.cpp:8987 (js+0x4d12ae)
#43 main /builds/worker/workspace/build/src/js/src/shell/js.cpp:9465 (js+0x4d12ae)|
|
Assignee | |
Comment 2•6 years ago
|
||
Embarrassingly, we're somehow calling refillFreeListFromMainThread() when not on the main thread...
Component: JavaScript Engine → JavaScript: GC
|
||
Updated•6 years ago
|
Keywords: csectype-race,
sec-moderate
|
|
Assignee | |
Comment 3•6 years ago
|
||
(In reply to Jon Coppeard (:jonco) from comment #2) That doesn't seem to be possible and I think what's happening is that refillFreeListFromMainThread and refillFreeListFromHelperThread are being combined in opt builds as they are the same apart from assertions. ...then I got half way through explaining why this isn't a real problem before realising that it really is a problem. Thank you TSAN!
Assignee: nobody → jcoppeard
|
|
Assignee | |
Comment 4•6 years ago
|
||
We need to mark the atoms zone ArenaLists as being used for parallel allocation when a parse task is queued on the main thread rather than when it is started on a helper thread, otherwise this can race with allocation on the main thread. The patch sets this while there are helper thread zones present.
Attachment #8995553 -
Flags: review?(sphink)
|
||
Comment 5•6 years ago
|
||
Comment on attachment 8995553 [details] [diff] [review] bug1478402-parallel-alloc Review of attachment 8995553 [details] [diff] [review]: ----------------------------------------------------------------- ::: js/src/vm/Runtime.cpp @@ +800,3 @@ > zone->clearUsedByHelperThread(); > + if (numActiveHelperThreadZones-- == 1) > + gc.setParallelAtomsAllocEnabled(false); I think this would be more clear as if (--numActiveHelperThreadZones == 0)
Attachment #8995553 -
Flags: review?(sphink) → review+
|
|
Assignee | |
Comment 7•6 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/7b8baf03f67e386546c9951a4241bc62f6dbbbe9
|
||
Updated•6 years ago
|
Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox63:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla63
|
|
||
Updated•6 years ago
|
Group: javascript-core-security → core-security-release
|
||
Updated•6 years ago
|
status-firefox61:
--- → unaffected
status-firefox62:
--- → unaffected
status-firefox-esr52:
--- → unaffected
status-firefox-esr60:
--- → unaffected
|
||
Updated•6 years ago
|
Flags: qe-verify-
Whiteboard: [post-critsmash-triage]
|
|
||
Updated•5 years ago
|
Group: core-security-release
You need to log in
before you can comment on or make changes to this bug.
Description
•