[SCM] WebKit Debian packaging branch, debian/experimental, updated. upstream/1.3.3-9427-gc2be6fc

ap at apple.com ap at apple.com
Wed Dec 22 12:59:04 UTC 2010 

The following commit has been merged in the debian/experimental branch:
commit 7793af06c085a63e3c0648b583c3ec559183a6de
Author: ap at apple.com <ap at apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Fri Sep 3 18:02:51 2010 +0000

    2010-09-03  Alexey Proskuryakov  <ap at apple.com>
    
            Reviewed by Darin Adler.
    
            https://bugs.webkit.org/show_bug.cgi?id=45135
            <rdar://problem/7823714> TCMalloc_PageHeap doesn't hold a mutex while manipulating shared data
    
            * wtf/FastMalloc.cpp:
            (WTF::TCMalloc_PageHeap::initializeScavenger): Make sure to create a non-recursive mutex
            regardless of platform default, so that we can assert that it's held (this is for platforms
            that don't have libdispatch).
            (WTF::TCMalloc_PageHeap::signalScavenger): Assert that the mutex is held, so we can look
            at m_scavengeThreadActive. For platforms that have libdispatch, assert that pageheap_lock
            is held.
            (WTF::TCMalloc_PageHeap::periodicScavenge): Make sure that pageheap_lock is held before
            manipulating m_scavengeThreadActive. Otherwise, there is an obvious race condition, and we
            can make unbalanced calls to dispatch_resume().
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@66741 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/JavaScriptCore/ChangeLog b/JavaScriptCore/ChangeLog
index c5bfa38..df0e2ce 100644
--- a/JavaScriptCore/ChangeLog
+++ b/JavaScriptCore/ChangeLog
@@ -1,3 +1,21 @@
+2010-09-03  Alexey Proskuryakov  <ap at apple.com>
+
+        Reviewed by Darin Adler.
+
+        https://bugs.webkit.org/show_bug.cgi?id=45135
+        <rdar://problem/7823714> TCMalloc_PageHeap doesn't hold a mutex while manipulating shared data
+
+        * wtf/FastMalloc.cpp:
+        (WTF::TCMalloc_PageHeap::initializeScavenger): Make sure to create a non-recursive mutex
+        regardless of platform default, so that we can assert that it's held (this is for platforms
+        that don't have libdispatch).
+        (WTF::TCMalloc_PageHeap::signalScavenger): Assert that the mutex is held, so we can look
+        at m_scavengeThreadActive. For platforms that have libdispatch, assert that pageheap_lock
+        is held.
+        (WTF::TCMalloc_PageHeap::periodicScavenge): Make sure that pageheap_lock is held before
+        manipulating m_scavengeThreadActive. Otherwise, there is an obvious race condition, and we
+        can make unbalanced calls to dispatch_resume().
+
 2010-09-03  Lucas De Marchi  <lucas.demarchi at profusion.mobi>
 
         Reviewed by Martin Robinson.
diff --git a/JavaScriptCore/wtf/FastMalloc.cpp b/JavaScriptCore/wtf/FastMalloc.cpp
index ee6b02c..cd0f17e 100644
--- a/JavaScriptCore/wtf/FastMalloc.cpp
+++ b/JavaScriptCore/wtf/FastMalloc.cpp
@@ -1492,11 +1492,23 @@ void TCMalloc_PageHeap::init()
 
 void TCMalloc_PageHeap::initializeScavenger()
 {
-  pthread_mutex_init(&m_scavengeMutex, 0);
-  pthread_cond_init(&m_scavengeCondition, 0);
-  m_scavengeThreadActive = true;
-  pthread_t thread;
-  pthread_create(&thread, 0, runScavengerThread, this);
+    // Create a non-recursive mutex.
+#if PTHREAD_MUTEX_NORMAL == PTHREAD_MUTEX_DEFAULT
+    pthread_mutex_init(&m_scavengeMutex, 0);
+#else
+    pthread_mutexattr_t attr;
+    pthread_mutexattr_init(&attr);
+    pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_NORMAL);
+
+    pthread_mutex_init(&m_scavengeMutex, &attr);
+
+    pthread_mutexattr_destroy(&attr);
+#endif
+
+    pthread_cond_init(&m_scavengeCondition, 0);
+    m_scavengeThreadActive = true;
+    pthread_t thread;
+    pthread_create(&thread, 0, runScavengerThread, this);
 }
 
 void* TCMalloc_PageHeap::runScavengerThread(void* context)
@@ -1510,8 +1522,10 @@ void* TCMalloc_PageHeap::runScavengerThread(void* context)
 
 ALWAYS_INLINE void TCMalloc_PageHeap::signalScavenger()
 {
-  if (!m_scavengeThreadActive && shouldScavenge())
-    pthread_cond_signal(&m_scavengeCondition);
+    // m_scavengeMutex should be held before accessing m_scavengeThreadActive.
+    ASSERT(pthread_mutex_trylock(m_scavengeMutex));
+    if (!m_scavengeThreadActive && shouldScavenge())
+        pthread_cond_signal(&m_scavengeCondition);
 }
 
 #else // !HAVE(DISPATCH_H)
@@ -1528,10 +1542,11 @@ void TCMalloc_PageHeap::initializeScavenger()
 
 ALWAYS_INLINE void TCMalloc_PageHeap::signalScavenger()
 {
-  if (!m_scavengingScheduled && shouldScavenge()) {
-    m_scavengingScheduled = true;
-    dispatch_resume(m_scavengeTimer);
-  }
+    ASSERT(IsHeld(pageheap_lock));
+    if (!m_scavengingScheduled && shouldScavenge()) {
+        m_scavengingScheduled = true;
+        dispatch_resume(m_scavengeTimer);
+    }
 }
 
 #endif
@@ -2397,15 +2412,13 @@ void TCMalloc_PageHeap::scavengerThread()
 
 void TCMalloc_PageHeap::periodicScavenge()
 {
-  {
     SpinLockHolder h(&pageheap_lock);
     pageheap->scavenge();
-  }
 
-  if (!shouldScavenge()) {
-    m_scavengingScheduled = false;
-    dispatch_suspend(m_scavengeTimer);
-  }
+    if (!shouldScavenge()) {
+        m_scavengingScheduled = false;
+        dispatch_suspend(m_scavengeTimer);
+    }
 }
 #endif // HAVE(DISPATCH_H)
 

-- 
WebKit Debian packaging

More information about the Pkg-webkit-commits mailing list