JSString::tryHashConstLock() fails to get exclusive lock

https://bugs.webkit.org/show_bug.cgi?id=90639

Reviewed by Oliver Hunt.

Added check that the string is already locked even before compare and swap.

* heap/MarkStack.cpp:
(JSC::JSString::tryHashConstLock):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121928 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/Source/JavaScriptCore/ChangeLog b/Source/JavaScriptCore/ChangeLog
index 8373d91..54c4176 100644 (file)
--- a/Source/JavaScriptCore/ChangeLog
+++ b/Source/JavaScriptCore/ChangeLog
@@ -1,3 +1,15 @@
+2012-07-05  Michael Saboff  <msaboff@apple.com>
+
+        JSString::tryHashConstLock() fails to get exclusive lock
+        https://bugs.webkit.org/show_bug.cgi?id=90639
+
+        Reviewed by Oliver Hunt.
+
+        Added check that the string is already locked even before compare and swap.
+
+        * heap/MarkStack.cpp:
+        (JSC::JSString::tryHashConstLock):
+
 2012-07-04  Filip Pizlo  <fpizlo@apple.com>
 
         Inline property storage should not be wasted when it is exhausted

diff --git a/Source/JavaScriptCore/heap/MarkStack.cpp b/Source/JavaScriptCore/heap/MarkStack.cpp
index f547b31..9d91300 100644 (file)
--- a/Source/JavaScriptCore/heap/MarkStack.cpp
+++ b/Source/JavaScriptCore/heap/MarkStack.cpp
@@ -546,6 +546,10 @@ ALWAYS_INLINE bool JSString::tryHashConstLock()
 {
 #if ENABLE(PARALLEL_GC)
     unsigned currentFlags = m_flags;
+
+    if (currentFlags & HashConstLock)
+        return false;
+
     unsigned newFlags = currentFlags | HashConstLock;
 
     if (!WTF::weakCompareAndSwap(&m_flags, currentFlags, newFlags))