Changeset 117340 in webkit
- Timestamp:
- May 16, 2012 2:06:53 PM (12 years ago)
- Location:
- trunk/Source/JavaScriptCore
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/JavaScriptCore/ChangeLog
r117201 r117340 1 2012-05-16 Geoffrey Garen <ggaren@apple.com> 2 3 GC is not thread-safe when moving values between C stacks 4 https://bugs.webkit.org/show_bug.cgi?id=86672 5 6 Reviewed by Phil Pizlo. 7 8 GC pauses thread A while marking thread A, and then B while marking B, 9 which isn't safe against A and B moving values between each others' 10 stacks. 11 12 This is a theoretical bug -- I haven't been able to reproduce it 13 in the wild. 14 15 * heap/MachineStackMarker.cpp: 16 (JSC::MachineThreads::gatherFromOtherThread): 17 (JSC::MachineThreads::gatherConservativeRoots): Pause all C stacks for the 18 duration of stack marking, to avoid missing values that might be moving 19 between C stacks. 20 1 21 2012-05-15 Mark Hahnenberg <mhahnenberg@apple.com> 2 22 -
trunk/Source/JavaScriptCore/heap/MachineStackMarker.cpp
r110617 r117340 453 453 void MachineThreads::gatherFromOtherThread(ConservativeRoots& conservativeRoots, Thread* thread) 454 454 { 455 suspendThread(thread->platformThread);456 457 455 PlatformThreadRegisters regs; 458 456 size_t regSize = getPlatformThreadRegisters(thread->platformThread, regs); … … 464 462 swapIfBackwards(stackPointer, stackBase); 465 463 conservativeRoots.add(stackPointer, stackBase); 466 467 resumeThread(thread->platformThread);468 464 469 465 freePlatformThreadRegisters(regs); … … 485 481 fastMallocForbid(); 486 482 #endif 483 for (Thread* thread = m_registeredThreads; thread; thread = thread->next) { 484 if (!equalThread(thread->platformThread, currentPlatformThread)) 485 suspendThread(thread->platformThread); 486 } 487 487 488 // It is safe to access the registeredThreads list, because we earlier asserted that locks are being held, 488 489 // and since this is a shared heap, they are real locks. … … 491 492 gatherFromOtherThread(conservativeRoots, thread); 492 493 } 494 495 for (Thread* thread = m_registeredThreads; thread; thread = thread->next) { 496 if (!equalThread(thread->platformThread, currentPlatformThread)) 497 resumeThread(thread->platformThread); 498 } 499 493 500 #ifndef NDEBUG 494 501 fastMallocAllow();
Note: See TracChangeset
for help on using the changeset viewer.