Bug 141209

Summary: Workaround a thread library bug where thread destructors may not get called
Product: WebKit Reporter: Mark Lam <mark.lam>
Component: JavaScriptCoreAssignee: Mark Lam <mark.lam>
Status: RESOLVED FIXED    
Severity: Normal CC: fpizlo, ggaren, mmirman, msaboff, oliver, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
the patch
msaboff: review-
patch 2: no more race condition. msaboff: review+

Description Mark Lam 2015-02-03 13:48:53 PST 
As far as we know, there's a darwin bug where thread destructors may not get called.  We will work around this by checking at GC time if the platform thread is still valid.  If not, we'll purge it from the VM's registeredThreads list before proceeding with thread scanning activity.
Comment 1 Mark Lam 2015-02-03 13:51:37 PST 
<rdar://problem/17979784>
Comment 2 Mark Lam 2015-02-03 14:02:04 PST 
Created attachment 245965 [details]
the patch
Comment 3 Alexey Proskuryakov 2015-02-03 14:17:42 PST 
> there's a darwin bug

Is there a Radar tracking that?
Comment 4 Michael Saboff 2015-02-03 14:29:58 PST 
Comment on attachment 245965 [details]
the patch

r-
I believe that there is a race condition.  Consider thread A is exiting and it has already called MachineThreads::removeThread() but hasn't really exited.  Then thread B executes this code and doesn't purge thread A.  After completing this code, thread A really exits and then we call tryCopyOtherThreadStacks().  We'll still try to get thread stack info from the now dead A.
Comment 5 Mark Lam 2015-02-03 15:36:21 PST 
Created attachment 245977 [details]
patch 2: no more race condition.
Comment 6 Michael Saboff 2015-02-03 15:48:42 PST 
Comment on attachment 245977 [details]
patch 2: no more race condition.

View in context: https://bugs.webkit.org/attachment.cgi?id=245977&action=review

r=me with a couple of minor changes.

> Source/JavaScriptCore/ChangeLog:15
> +        suspension, because the thread is only guaranteed to be alive while it

Might want to change "the thread" to "another thread".

> Source/JavaScriptCore/heap/MachineStackMarker.cpp:194
> +void MachineThreads::removeThreadWithLockAlreadyAcquired(PlatformThread platformThread)

threadToRemove seems like a better name for the argument.
Comment 7 Mark Lam 2015-02-03 15:55:43 PST 
(In reply to comment #6)
> Comment on attachment 245977 [details]
> patch 2: no more race condition.
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=245977&action=review
> 
> r=me with a couple of minor changes.
> 
> > Source/JavaScriptCore/ChangeLog:15
> > +        suspension, because the thread is only guaranteed to be alive while it
> 
> Might want to change "the thread" to "another thread".

Will change the wording to me more clear that it the another thread whose validity we're checking.

> > Source/JavaScriptCore/heap/MachineStackMarker.cpp:194
> > +void MachineThreads::removeThreadWithLockAlreadyAcquired(PlatformThread platformThread)
> 
> threadToRemove seems like a better name for the argument.

Changed.
Comment 8 Mark Lam 2015-02-03 16:01:04 PST 
Thanks for the review.  Landed in r179576: <http://trac.webkit.org/r179576>.