Reviewed by Geoff.
- fixed <rdar://problem/4214783> REGRESSION: kjs_fast_malloc crash due to lack of locking on multiple threads (seen selecting volumes in the installer)
Make sure to lock using the InterpreterLock class in all places that need it
(including anything that uses the collector, the parser, the protect count hash table,
and anything that allocates via fast_malloc).
* JSUtils.cpp:
(CFStringToUString):
(JSObjectKJSValue):
(KJSValueToCFTypeInternal):
* JSUtils.h:
* JSValueWrapper.cpp:
(JSValueWrapper::JSObjectCopyPropertyNames):
(JSValueWrapper::JSObjectCopyProperty):
(JSValueWrapper::JSObjectSetProperty):
(JSValueWrapper::JSObjectCallFunction):
(JSValueWrapper::JSObjectCopyCFValue):
* JavaScriptGlue.cpp:
(JSCollect):
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@12202
268f45cc-cd09-0410-ab3c-
d52691b4dbfc
+2005-09-14 Maciej Stachowiak <mjs@apple.com>
+
+ Reviewed by Geoff.
+
+ - fixed <rdar://problem/4214783> REGRESSION: kjs_fast_malloc crash due to lack of locking on multiple threads (seen selecting volumes in the installer)
+
+ Make sure to lock using the InterpreterLock class in all places that need it
+ (including anything that uses the collector, the parser, the protect count hash table,
+ and anything that allocates via fast_malloc).
+
+ * JSUtils.cpp:
+ (CFStringToUString):
+ (JSObjectKJSValue):
+ (KJSValueToCFTypeInternal):
+ * JSUtils.h:
+ * JSValueWrapper.cpp:
+ (JSValueWrapper::JSObjectCopyPropertyNames):
+ (JSValueWrapper::JSObjectCopyProperty):
+ (JSValueWrapper::JSObjectSetProperty):
+ (JSValueWrapper::JSObjectCallFunction):
+ (JSValueWrapper::JSObjectCopyCFValue):
+ * JavaScriptGlue.cpp:
+ (JSCollect):
+
2005-09-27 Adele Peterson <adele@apple.com>
Reviewed by Maciej.
UString CFStringToUString(CFStringRef inCFString)
{
- UString result;
- if (inCFString)
- {
+ InterpreterLock lock;
+
+ UString result;
+ if (inCFString) {
CFIndex len = CFStringGetLength(inCFString);
UniChar* buffer = (UniChar*)malloc(sizeof(UniChar) * len);
if (buffer)
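Review bot: The `InterpreterLock lock;` added at the top of CFStringToUString has no comment saying what it guards, and the same bare declaration recurs in JSObjectKJSValue, KJSValueToCFTypeInternal, the five JSValueWrapper callbacks and JSCollect. Nothing in the function refers to `lock` afterwards, so a later cleanup could mistake it for an unused local and remove it, bringing back the multi-thread crash the commit message describes. A one-line comment at each site would prevent that, e.g. `// Held until return: the UString work below must not race with other threads using the interpreter heap.` (assuming UString is what allocates through fast_malloc here). The body of CFStringToUString continues past the end of this hunk.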
free(buffer);
}
}
- return result;
+ return result;
}
//--------------------------------------------------------------------------
Value JSObjectKJSValue(JSUserObject* ptr)
{
+ InterpreterLock lock;
+
Value result = Undefined();
if (ptr)
{
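Review bot: Taking the lock on entry to JSObjectKJSValue is only safe if InterpreterLock can be re-acquired by a thread that already holds it, and that property is not visible anywhere in this diff. The commit locks both helpers (CFStringToUString, JSObjectKJSValue, KJSValueToCFTypeInternal) and the JSValueWrapper callbacks, which are likely to call those helpers while already inside their own guard. With a non-recursive lock that nesting would self-deadlock. I would state the requirement next to the InterpreterLock declaration, e.g. `// Must be recursive: glue helpers take it again under a caller's lock.`, and confirm it against the class. The function body continues outside this hunk.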
CFTypeRef result = NULL;
+ InterpreterLock lock;
+
switch (inValue.type())
{
case BooleanType:
#include <JavaScriptCore/object.h>
#include <JavaScriptCore/types.h>
#include <JavaScriptCore/interpreter.h>
+#include <JavaScriptCore/protect.h>
#include <JavaScriptCore/collector.h>
#include <JavaScriptCore/ustring.h>
#endif
CFArrayRef JSValueWrapper::JSObjectCopyPropertyNames(void* data)
{
+ InterpreterLock lock;
+
CFMutableArrayRef result = NULL;
JSValueWrapper* ptr = (JSValueWrapper*)data;
if (ptr)
JSObjectRef JSValueWrapper::JSObjectCopyProperty(void* data, CFStringRef propertyName)
{
+ InterpreterLock lock;
+
JSObjectRef result = NULL;
JSValueWrapper* ptr = (JSValueWrapper*)data;
if (ptr)
void JSValueWrapper::JSObjectSetProperty(void* data, CFStringRef propertyName, JSObjectRef jsValue)
{
+ InterpreterLock lock;
+
JSValueWrapper* ptr = (JSValueWrapper*)data;
if (ptr)
{
JSObjectRef JSValueWrapper::JSObjectCallFunction(void* data, JSObjectRef thisObj, CFArrayRef args)
{
+ InterpreterLock lock;
+
JSObjectRef result = NULL;
JSValueWrapper* ptr = (JSValueWrapper*)data;
if (ptr)
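Review bot: In JSObjectCallFunction the guard is declared on the first line and lives until return, so whatever the call does is done while holding the interpreter lock; the call itself is outside this hunk, but presumably it runs script and may call back into client code. Any other thread entering one of the newly locked functions will block for the full duration. A callback that waits on such a thread would deadlock. That constraint on embedders deserves a comment here, e.g. `// Callee runs under the interpreter lock; callbacks must not block on another thread that calls into JavaScriptGlue.` The same consideration applies to JSObjectCopyProperty and JSObjectSetProperty if property access can reach user-supplied code.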
CFTypeRef JSValueWrapper::JSObjectCopyCFValue(void* data)
{
+ InterpreterLock lock;
+
CFTypeRef result = NULL;
JSValueWrapper* ptr = (JSValueWrapper*)data;
if (ptr)
void JSCollect(void)
{
#if JAG_PINK_OR_LATER
- Interpreter::lock();
+ InterpreterLock lock;
Collector::collect();
- Interpreter::unlock();
#endif
}