[Webkit-unassigned] [Bug 51984] [WK2][Qt] Multiple problems with MemoryMappedPool

bugzilla-daemon at webkit.org
Mon Jan 10 07:45:00 PST 2011


https://bugs.webkit.org/show_bug.cgi?id=51984





--- Comment #1 from Balazs Kelemen <kbalazs at webkit.org>  2011-01-10 07:45:00 PST ---
> 1) Pass file descriptors to open but deleted files via IPC.
> 
> Use this protocol to create the mmapped files:
> -- process 0
> 1) fd = open temp file
> 2) resize(fd)
> 3) mmap(fd)
> 4) delete(fd)
> 5) send fd via local domain socket or fifo
> -- process 1
> 1) handle ipc message
> 2) fd = decode fd
> 3) mmap(fd)
> 4) use fd.

This is pretty similar to what we do right now. The only benefit of the procedure you mentioned is that we can delete the file at the sender side.
This is an argument to use OS level file handling and send the file descriptor.

> This needs the ConnectionQt.cpp to be modified to use unix socket api or FIFO api to pass all the data. The Qt abstraction of QLocalServer and QLocalSocket cannot express sending FDs. However, I don't see this as a bad thing -- it should just remove unnecessary stuff.

Sending the descriptor is just sending an integer. This is obviously possible with the current connection infrastructure.


> 2) Race condition in sharing the buffers with variable isFree
> 
> To have a concurrently valid implementation, the access to the page variables should be controlled with a cross-process semaphore. The isFree implements just a corner-case optimization to avoid calling mmap and most likely this is not an optimization at all. Thus its usage should be removed.
> 
> After sending a memory area to the other process, the contract should be that the memory region cannot be used at all.
> 
> One scheme to achieve what isFree is doing, see below:
> 
> have two variables:
> 
> QList<MappedMemory*> m_usableRegions
> 
> QList<MappedMemory*> m_sentRegions
> 
> usableRegions gets appended when a process receives a memory region, uses it and then marks it disposed. These are the pages that can be sent back to the other process.
> 
> sentRegions is the list that optimizes mmap: it stores a list of regions that have been mapped to this process memory at some point.

The memory chunk is used by both processes. The role of the isFree member is that it is seen in both processes at the same time.
Having a list in both processes is not enough here. About the race condition: could you give an example when something wrong happens?
As I see it, the invariant here is that only one of the processes is allowed to write it at a time. The only race condition is when the UI process sets it
to free and at the same time the web process is reading isFree, but that is a safe situation in all possible outcomes.


> 4) Implementation does not check syscall failures
> 
> The implementation should check status of file opens, mmap operations etc.

Yes, maybe it should. I do not see any rational error handling however, but at least we should do a CRASH() to avoid indeterministic behavior.

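Added example (not part of the original message or of WebKit's code): the open / resize / mmap / delete / send-fd sequence from item 1, with every syscall checked as item 4 asks. On a Unix domain socket the descriptor travels as SCM_RIGHTS ancillary data and the kernel installs a new descriptor on the receiving side. The names send_fd, recv_fd, share_unlinked_region, REGION_SIZE and the temp-file template are hypothetical, and both roles run in one process over a socketpair to keep the example self-contained.

```c
#define _GNU_SOURCE
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <unistd.h>
#define REGION_SIZE 4096

/* Send one descriptor as SCM_RIGHTS ancillary data; returns 0 on success. */
static int send_fd(int sock, int fd) {
    _Alignas(struct cmsghdr) char ctl[CMSG_SPACE(sizeof(int))] = { 0 };
    struct iovec iov = { "F", 1 };   /* one payload byte accompanies the control data */
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1, .msg_control = ctl, .msg_controllen = sizeof ctl };
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS; c->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(c), &fd, sizeof fd);
    return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}

/* Receive one descriptor; -1 on error or if the control data is not exactly one fd. */
static int recv_fd(int sock) {
    _Alignas(struct cmsghdr) char ctl[CMSG_SPACE(sizeof(int))];
    char byte; int fd = -1;
    struct iovec iov = { &byte, 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1, .msg_control = ctl, .msg_controllen = sizeof ctl };
    if (recvmsg(sock, &msg, 0) != 1 || (msg.msg_flags & MSG_CTRUNC)) return -1;
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    if (!c || c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS ||
        c->cmsg_len != CMSG_LEN(sizeof(int))) return -1;
    memcpy(&fd, CMSG_DATA(c), sizeof fd);
    return fd;
}

/* Both roles in one process over a socketpair; 0 if the receiver's mapping shows the sender's write. */
int share_unlinked_region(void) {
    char path[] = "/tmp/mmpool-XXXXXX";   /* constructed temp-file template */
    int sv[2], fd, rfd; struct stat st;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) || (fd = mkstemp(path)) < 0 || ftruncate(fd, REGION_SIZE)) return -1;
    char *a = mmap(NULL, REGION_SIZE, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    if (a == MAP_FAILED || unlink(path) != 0 || send_fd(sv[0], fd) != 0) return -1;
    if ((rfd = recv_fd(sv[1])) < 0 || fstat(rfd, &st) != 0) return -1;
    if (!S_ISREG(st.st_mode) || st.st_size != REGION_SIZE) return -1;   /* validate before mapping */
    char *b = mmap(NULL, REGION_SIZE, PROT_READ, MAP_SHARED, rfd, 0);
    if (b == MAP_FAILED) return -1;
    memcpy(a, "hello", 6);                          /* sender writes through its mapping */
    int ok = memcmp(b, "hello", 6) == 0 ? 0 : -1;   /* receiver reads the same pages */
    munmap(a, REGION_SIZE); munmap(b, REGION_SIZE); close(fd); close(rfd); close(sv[0]); close(sv[1]);
    return ok;
}
```

The receiver checks the file type and size with fstat before mapping, because touching a mapping that extends past the end of the file raises SIGBUS.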