Changeset 163855 in webkit

Timestamp:

Feb 10, 2014 8:48:01 PM (10 years ago)

Author:

mark.lam@apple.com

Message:

Source/JavaScriptCore: Removing limitation on JSLock's lockDropDepth.
<​https://webkit.org/b/128570>

Reviewed by Geoffrey Garen.

Now that we've switched to using the C stack, we no longer need to limit
the JSLock::lockDropDepth to 2.

For C loop builds which still use the separate JSStack, the JSLock will
enforce ordering for re-grabbing the lock after dropping it. Re-grabbing
must occur in the reverse order of the dropping of the locks.

Ordering is achieved by JSLock::dropAllLocks() stashing away the
JSLock:: m_lockDropDepth in its DropAllLocks instance's m_dropDepth
before unlocking the lock. Subsequently, JSLock::grabAllLocks() will
ensure that JSLocks::m_lockDropDepth equals its DropAllLocks instance's
m_dropDepth before allowing the lock to be re-grabbed. Otherwise, it
will yield execution and retry again later.

Note: because JSLocks::m_lockDropDepth is protected by the JSLock's
mutex, grabAllLocks() will optimistically lock the JSLock before doing
the check on m_lockDropDepth. If the check fails, it will unlock the
JSLock, yield, and then relock it again later before retrying the check.
This ensures that m_lockDropDepth remains under the protection of the
JSLock's mutex.

• runtime/JSLock.cpp:

(JSC::JSLock::dropAllLocks):
(JSC::JSLock::grabAllLocks):
(JSC::JSLock::DropAllLocks::DropAllLocks):
(JSC::JSLock::DropAllLocks::~DropAllLocks):

• runtime/JSLock.h:

(JSC::JSLock::DropAllLocks::setDropDepth):
(JSC::JSLock::DropAllLocks::dropDepth):

Source/WebCore: Removing limitation on JSLock’s lockDropDepth.
<​https://webkit.org/b/128570>

Reviewed by Geoffrey Garen.

No new tests.

• bindings/js/PageScriptDebugServer.cpp:

(WebCore::PageScriptDebugServer::runEventLoopWhilePaused):

• platform/ios/wak/WebCoreThread.mm:

(SendDelegateMessage):
(WebThreadRunOnMainThread):

• No longer need to specify AlwaysDropLocks, because DropAllLocks is now always unconditional.

Location:

trunk/Source

Files:

• JavaScriptCore/ChangeLog (modified) (1 diff)
• JavaScriptCore/runtime/JSLock.cpp (modified) (10 diffs)
• JavaScriptCore/runtime/JSLock.h (modified) (2 diffs)
• WebCore/ChangeLog (modified) (1 diff)
• WebCore/bindings/js/PageScriptDebugServer.cpp (modified) (1 diff)
• WebCore/platform/ios/wak/WebCoreThread.mm (modified) (2 diffs)

trunk/Source/JavaScriptCore/ChangeLog

@@ +1 @@
+2014-02-10  Mark Lam  <mark.lam@apple.com>
+
+        Removing limitation on JSLock's lockDropDepth.
+        <https://webkit.org/b/128570>
+
+        Reviewed by Geoffrey Garen.
+
+        Now that we've switched to using the C stack, we no longer need to limit
+        the JSLock::lockDropDepth to 2.
+
+        For C loop builds which still use the separate JSStack, the JSLock will
+        enforce ordering for re-grabbing the lock after dropping it. Re-grabbing
+        must occur in the reverse order of the dropping of the locks.
+
+        Ordering is achieved by JSLock::dropAllLocks() stashing away the
+        JSLock:: m_lockDropDepth in its DropAllLocks instance's m_dropDepth
+        before unlocking the lock. Subsequently, JSLock::grabAllLocks() will
+        ensure that JSLocks::m_lockDropDepth equals its DropAllLocks instance's
+        m_dropDepth before allowing the lock to be re-grabbed. Otherwise, it
+        will yield execution and retry again later.
+
+        Note: because JSLocks::m_lockDropDepth is protected by the JSLock's
+        mutex, grabAllLocks() will optimistically lock the JSLock before doing
+        the check on m_lockDropDepth. If the check fails, it will unlock the
+        JSLock, yield, and then relock it again later before retrying the check.
+        This ensures that m_lockDropDepth remains under the protection of the
+        JSLock's mutex.
+
+        * runtime/JSLock.cpp:
+        (JSC::JSLock::dropAllLocks):
+        (JSC::JSLock::grabAllLocks):
+        (JSC::JSLock::DropAllLocks::DropAllLocks):
+        (JSC::JSLock::DropAllLocks::~DropAllLocks):
+        * runtime/JSLock.h:
+        (JSC::JSLock::DropAllLocks::setDropDepth):
+        (JSC::JSLock::DropAllLocks::dropDepth):
+
 2014-02-10  Filip Pizlo  <fpizlo@apple.com>
 

trunk/Source/JavaScriptCore/runtime/JSLock.cpp

@@ -27 +27 @@
 #include "JSObject.h"
 #include "JSCInlines.h"
+#if ENABLE(LLINT_C_LOOP)
+#include <thread>
+#endif
 
 namespace JSC {
@@ -167 +170 @@
 }
 
-// This is fairly nasty.  We allow multiple threads to run on the same
-// context, and we do not require any locking semantics in doing so -
-// clients of the API may simply use the context from multiple threads
-// concurently, and assume this will work.  In order to make this work,
-// We lock the context when a thread enters, and unlock it when it leaves.
-// However we do not only unlock when the thread returns from its
-// entry point (evaluate script or call function), we also unlock the
-// context if the thread leaves JSC by making a call out to an external
-// function through a callback.
-//
-// All threads using the context share the same JS stack (the JSStack).
-// Whenever a thread calls into JSC it starts using the JSStack from the
-// previous 'high water mark' - the maximum point the stack has ever grown to
-// (returned by JSStack::end()).  So if a first thread calls out to a
-// callback, and a second thread enters JSC, then also exits by calling out
-// to a callback, we can be left with stackframes from both threads in the
-// JSStack.  As such, a problem may occur should the first thread's
-// callback complete first, and attempt to return to JSC.  Were we to allow
-// this to happen, and were its stack to grow further, then it may potentially
-// write over the second thread's call frames.
-//
-// To avoid JS stack corruption we enforce a policy of only ever allowing two
-// threads to use a JS context concurrently, and only allowing the second of
-// these threads to execute until it has completed and fully returned from its
-// outermost call into JSC.  We enforce this policy using 'lockDropDepth'.  The
-// first time a thread exits it will call DropAllLocks - which will do as expected
-// and drop locks allowing another thread to enter.  Should another thread, or the
-// same thread again, enter JSC (through evaluate script or call function), and exit
-// again through a callback, then the locks will not be dropped when DropAllLocks
-// is called (since lockDropDepth is non-zero).  Since this thread is still holding
-// the locks, only it will be able to re-enter JSC (either be returning from the
-// callback, or by re-entering through another call to evaulate script or call
-// function).
-//
-// This policy is slightly more restricive than it needs to be for correctness -
-// we could validly allow futher entries into JSC from other threads, we only
-// need ensure that callbacks return in the reverse chronological order of the
-// order in which they were made - though implementing the less restrictive policy
-// would likely increase complexity and overhead.
-//
-
 // This function returns the number of locks that were dropped.
-unsigned JSLock::dropAllLocks()
+unsigned JSLock::dropAllLocks(DropAllLocks* dropper)
 {
     // Check if this thread is currently holding the lock.
@@ -216 +178 @@
         return 0;
 
-    // Don't drop the locks if they've already been dropped once.
-    // (If the prior drop came from another thread, and it resumed first,
-    // it could trash our register file).
-    if (m_lockDropDepth)
-        return 0;
+    ++m_lockDropDepth;
+
+    UNUSED_PARAM(dropper);
+#if ENABLE(LLINT_C_LOOP)
+    dropper->setDropDepth(m_lockDropDepth);
+#endif
 
     WTFThreadData& threadData = wtfThreadData();
@@ -227 +190 @@
     threadData.setSavedReservedZoneSize(m_vm->reservedZoneSize());
 
-    // m_lockDropDepth is only incremented if any locks were dropped.
-    ++m_lockDropDepth;
-
     unsigned droppedLockCount = m_lockCount;
     unlock(droppedLockCount);
@@ -236 +196 @@
 }
 
-unsigned JSLock::dropAllLocksUnconditionally()
-{
-    // Check if this thread is currently holding the lock.
-    // FIXME: Maybe we want to require this, guard with an ASSERT?
-    if (!currentThreadIsHoldingLock())
-        return 0;
-
-    WTFThreadData& threadData = wtfThreadData();
-    threadData.setSavedStackPointerAtVMEntry(m_vm->stackPointerAtVMEntry);
-    threadData.setSavedLastStackTop(m_vm->lastStackTop());
-    threadData.setSavedReservedZoneSize(m_vm->reservedZoneSize());
-
-    // m_lockDropDepth is only incremented if any locks were dropped.
-    ++m_lockDropDepth;
-
-    unsigned droppedLockCount = m_lockCount;
-    unlock(droppedLockCount);
-
-    return droppedLockCount;
-}
-
-void JSLock::grabAllLocks(unsigned droppedLockCount)
+void JSLock::grabAllLocks(DropAllLocks* dropper, unsigned droppedLockCount)
 {
     // If no locks were dropped, nothing to do!
@@ -265 +204 @@
     ASSERT(!currentThreadIsHoldingLock());
     lock(droppedLockCount);
+
+    UNUSED_PARAM(dropper);
+#if ENABLE(LLINT_C_LOOP)
+    while (dropper->dropDepth() != m_lockDropDepth) {
+        unlock(droppedLockCount);
+        std::this_thread::yield();
+        lock(droppedLockCount);
+    }
+#endif
 
     --m_lockDropDepth;
@@ -274 +222 @@
 }
 
-JSLock::DropAllLocks::DropAllLocks(ExecState* exec, AlwaysDropLocksTag alwaysDropLocks)
+JSLock::DropAllLocks::DropAllLocks(ExecState* exec)
     : m_droppedLockCount(0)
     , m_vm(exec ? &exec->vm() : nullptr)
@@ -280 +228 @@
     if (!m_vm)
         return;
-
-    if (alwaysDropLocks)
-        m_droppedLockCount = m_vm->apiLock().dropAllLocksUnconditionally();
-    else
-        m_droppedLockCount = m_vm->apiLock().dropAllLocks();
-}
-
-JSLock::DropAllLocks::DropAllLocks(VM* vm, AlwaysDropLocksTag alwaysDropLocks)
+    m_droppedLockCount = m_vm->apiLock().dropAllLocks(this);
+}
+
+JSLock::DropAllLocks::DropAllLocks(VM* vm)
     : m_droppedLockCount(0)
     , m_vm(vm)
@@ -293 +237 @@
     if (!m_vm)
         return;
-
-    if (alwaysDropLocks)
-        m_droppedLockCount = m_vm->apiLock().dropAllLocksUnconditionally();
-    else
-        m_droppedLockCount = m_vm->apiLock().dropAllLocks();
+    m_droppedLockCount = m_vm->apiLock().dropAllLocks(this);
 }
 
@@ -304 +244 @@
     if (!m_vm)
         return;
-    m_vm->apiLock().grabAllLocks(m_droppedLockCount);
+    m_vm->apiLock().grabAllLocks(this, m_droppedLockCount);
 }
 

trunk/Source/JavaScriptCore/runtime/JSLock.h

@@ -100 +100 @@
             WTF_MAKE_NONCOPYABLE(DropAllLocks);
         public:
-            // By default, we release all locks conditionally. Some clients, such as Mobile Safari,
-            // may require that we release all locks unconditionally.
-            enum AlwaysDropLocksTag { DontAlwaysDropLocks = 0, AlwaysDropLocks };
-            JS_EXPORT_PRIVATE DropAllLocks(ExecState*, AlwaysDropLocksTag = DontAlwaysDropLocks);
-            JS_EXPORT_PRIVATE DropAllLocks(VM*, AlwaysDropLocksTag = DontAlwaysDropLocks);
+            JS_EXPORT_PRIVATE DropAllLocks(ExecState*);
+            JS_EXPORT_PRIVATE DropAllLocks(VM*);
             JS_EXPORT_PRIVATE ~DropAllLocks();
             
+#if ENABLE(LLINT_C_LOOP)
+            void setDropDepth(unsigned depth) { m_dropDepth = depth; }
+            unsigned dropDepth() const { return m_dropDepth; }
+#endif
+
         private:
             intptr_t m_droppedLockCount;
             RefPtr<VM> m_vm;
+#if ENABLE(LLINT_C_LOOP)
+            unsigned m_dropDepth;
+#endif
         };
 
@@ -117 +122 @@
         void setOwnerThread(ThreadIdentifier owner) { m_ownerThread = owner; }
 
-        unsigned dropAllLocks();
-        unsigned dropAllLocksUnconditionally();
-        void grabAllLocks(unsigned lockCount);
+        unsigned dropAllLocks(DropAllLocks*);
+        void grabAllLocks(DropAllLocks*, unsigned lockCount);
 
         Mutex m_lock;

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2014-02-10  Mark Lam  <mark.lam@apple.com>
+
+        Removing limitation on JSLock’s lockDropDepth.
+        <https://webkit.org/b/128570>
+
+        Reviewed by Geoffrey Garen.
+
+        No new tests.
+
+        * bindings/js/PageScriptDebugServer.cpp:
+        (WebCore::PageScriptDebugServer::runEventLoopWhilePaused):
+        * platform/ios/wak/WebCoreThread.mm:
+        (SendDelegateMessage):
+        (WebThreadRunOnMainThread):
+        - No longer need to specify AlwaysDropLocks, because DropAllLocks is
+          now always unconditional.
+
 2014-02-10  Benjamin Poulain  <benjamin@webkit.org>
 

trunk/Source/WebCore/bindings/js/PageScriptDebugServer.cpp

@@ -191 +191 @@
     {
         if (WebThreadIsEnabled())
-            JSC::JSLock::DropAllLocks dropAllLocks(WebCore::JSDOMWindowBase::commonVM(), JSC::JSLock::DropAllLocks::AlwaysDropLocks);
+            JSC::JSLock::DropAllLocks dropAllLocks(WebCore::JSDOMWindowBase::commonVM());
         WebRunLoopEnableNested();
 #endif

trunk/Source/WebCore/platform/ios/wak/WebCoreThread.mm

@@ -211 +211 @@
         {
             // Code block created to scope JSC::JSLock::DropAllLocks outside of WebThreadLock()
-            JSC::JSLock::DropAllLocks dropAllLocks(WebCore::JSDOMWindowBase::commonVM(), JSC::JSLock::DropAllLocks::AlwaysDropLocks);
+            JSC::JSLock::DropAllLocks dropAllLocks(WebCore::JSDOMWindowBase::commonVM());
             _WebThreadUnlock();
 
@@ -249 +249 @@
     }
 
-    JSC::JSLock::DropAllLocks dropAllLocks(WebCore::JSDOMWindowBase::commonVM(), JSC::JSLock::DropAllLocks::AlwaysDropLocks);
+    JSC::JSLock::DropAllLocks dropAllLocks(WebCore::JSDOMWindowBase::commonVM());
     _WebThreadUnlock();