From b1b64c7d7c98bd7f06492bd6a6bccf4d56dd383e Mon Sep 17 00:00:00 2001 From: "msaboff@apple.com" Date: Fri, 6 Jul 2012 00:04:05 +0000 Subject: [PATCH] JSString::tryHashConstLock() fails to get exclusive lock https://bugs.webkit.org/show_bug.cgi?id=90639 Reviewed by Oliver Hunt. Added check that the string is already locked even before compare and swap. * heap/MarkStack.cpp: (JSC::JSString::tryHashConstLock): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121928 268f45cc-cd09-0410-ab3c-d52691b4dbfc --- Source/JavaScriptCore/ChangeLog | 12 ++++++++++++ Source/JavaScriptCore/heap/MarkStack.cpp | 4 ++++ 2 files changed, 16 insertions(+) diff --git a/Source/JavaScriptCore/ChangeLog b/Source/JavaScriptCore/ChangeLog index 8373d91..54c4176 100644 --- a/Source/JavaScriptCore/ChangeLog +++ b/Source/JavaScriptCore/ChangeLog @@ -1,3 +1,15 @@ +2012-07-05 Michael Saboff + + JSString::tryHashConstLock() fails to get exclusive lock + https://bugs.webkit.org/show_bug.cgi?id=90639 + + Reviewed by Oliver Hunt. + + Added check that the string is already locked even before compare and swap. + + * heap/MarkStack.cpp: + (JSC::JSString::tryHashConstLock): + 2012-07-04 Filip Pizlo Inline property storage should not be wasted when it is exhausted diff --git a/Source/JavaScriptCore/heap/MarkStack.cpp b/Source/JavaScriptCore/heap/MarkStack.cpp index f547b31..9d91300 100644 --- a/Source/JavaScriptCore/heap/MarkStack.cpp +++ b/Source/JavaScriptCore/heap/MarkStack.cpp @@ -546,6 +546,10 @@ ALWAYS_INLINE bool JSString::tryHashConstLock() { #if ENABLE(PARALLEL_GC) unsigned currentFlags = m_flags; + + if (currentFlags & HashConstLock) + return false; + unsigned newFlags = currentFlags | HashConstLock; if (!WTF::weakCompareAndSwap(&m_flags, currentFlags, newFlags)) -- 2.7.4