Modified: branches/safari-602-branch/Source/WTF/ChangeLog (207591 => 207592)
--- branches/safari-602-branch/Source/WTF/ChangeLog 2016-10-20 09:03:29 UTC (rev 207591)
+++ branches/safari-602-branch/Source/WTF/ChangeLog 2016-10-20 09:58:58 UTC (rev 207592)
@@ -1,3 +1,25 @@
+2016-10-19 Matthew Hanson <matthew_han...@apple.com>
+
+ Merge r205859. rdar://problem/28635084
+
+ 2016-09-12 Filip Pizlo <fpi...@apple.com>
+
+ ParkingLot is going to have a bad time with threads dying
+ https://bugs.webkit.org/show_bug.cgi?id=161893
+
+ Reviewed by Michael Saboff.
+
+ If a thread dies right as it falls out of parkConditionally, then unparkOne() and friends
+ might die because they will dereference a deallocated ThreadData.
+
+ The solution is to ref-count ThreadData's. When unparkOne() and friends want to hold onto a
+ ThreadData past the queue lock, they can use RefPtr<>.
+
+ * wtf/ParkingLot.cpp:
+ (WTF::ParkingLot::unparkOne):
+ (WTF::ParkingLot::unparkOneImpl):
+ (WTF::ParkingLot::unparkAll):
+
2016-10-02 Babak Shafiei <bshaf...@apple.com>
Merge r205657. rdar://problem/28216268
Modified: branches/safari-602-branch/Source/WTF/wtf/ParkingLot.cpp (207591 => 207592)
--- branches/safari-602-branch/Source/WTF/wtf/ParkingLot.cpp 2016-10-20 09:03:29 UTC (rev 207591)
+++ branches/safari-602-branch/Source/WTF/wtf/ParkingLot.cpp 2016-10-20 09:58:58 UTC (rev 207592)
@@ -43,7 +43,7 @@
const bool verbose = false;
-struct ThreadData {
+struct ThreadData : public ThreadSafeRefCounted<ThreadData> {
WTF_MAKE_FAST_ALLOCATED;
public:
@@ -220,7 +220,6 @@
}
};
-ThreadSpecific<ThreadData>* threadData;
Atomic<Hashtable*> hashtable;
Atomic<unsigned> numThreads;
@@ -423,14 +422,20 @@
ThreadData* myThreadData()
{
+ static ThreadSpecific<RefPtr<ThreadData>>* threadData;
static std::once_flag initializeOnce;
std::call_once(
initializeOnce,
[] {
- threadData = new ThreadSpecific<ThreadData>();
+ threadData = new ThreadSpecific<RefPtr<ThreadData>>();
});
-
- return *threadData;
+
+ RefPtr<ThreadData>& result = **threadData;
+
+ if (!result)
+ result = adoptRef(new ThreadData());
+
+ return result.get();
}
template<typename Functor>
@@ -619,7 +624,7 @@
UnparkResult result;
- ThreadData* threadData = nullptr;
+ RefPtr<ThreadData> threadData;
result.mayHaveMoreThreads = dequeue(
address,
BucketMode::EnsureNonEmpty,
@@ -656,7 +661,7 @@
if (verbose)
dataLog(toString(currentThread(), ": unparking one the hard way.\n"));
- ThreadData* threadData = nullptr;
+ RefPtr<ThreadData> threadData;
dequeue(
address,
BucketMode::EnsureNonEmpty,
@@ -690,7 +695,7 @@
if (verbose)
dataLog(toString(currentThread(), ": unparking all from ", RawPointer(address), ".\n"));
- Vector<ThreadData*, 8> threadDatas;
+ Vector<RefPtr<ThreadData>, 8> threadDatas;
dequeue(
address,
BucketMode::IgnoreEmpty,
@@ -704,9 +709,9 @@
},
[] (bool) { });
- for (ThreadData* threadData : threadDatas) {
+ for (RefPtr<ThreadData>& threadData : threadDatas) {
if (verbose)
- dataLog(toString(currentThread(), ": unparking ", RawPointer(threadData), " with address ", RawPointer(threadData->address), "\n"));
+ dataLog(toString(currentThread(), ": unparking ", RawPointer(threadData.get()), " with address ", RawPointer(threadData->address), "\n"));
ASSERT(threadData->address);
{
std::unique_lock<std::mutex> locker(threadData->parkingLock);
