[Webkit-unassigned] [Bug 65382] The JSC garbage collector returns memory to the operating system too eagerly

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Jul 29 15:18:10 PDT 2011


https://bugs.webkit.org/show_bug.cgi?id=65382


Filip Pizlo <fpizlo at apple.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #102385|0                           |1
        is obsolete|                            |




--- Comment #4 from Filip Pizlo <fpizlo at apple.com>  2011-07-29 15:18:10 PST ---
Created an attachment (id=102406)
 --> (https://bugs.webkit.org/attachment.cgi?id=102406&action=review)
the patch (fix annoying, though benign, bug)

This patch improves on the previous one by fixing a nasty, but benign, bug.  When returning a block to the system, the scavenger thread calls MarkedBlock::destroy().  This method first calls MarkedBlock::reset() and then frees the memory.  But MarkedBlock::reset() would have already been called from the main thread during the GC sweep.  Calling it again is risky, since reset() invokes destructors on cells in the block.  It just so happens that in all cases where blocks are placed on the free list, the block would have been swept and the cells within it would be blank JSCells - so invoking the destructor twice would be asymptomatic.  But, fixing this issue makes the logic more consistent and decreases the likelihood of problems in the future.

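The double reset() the comment describes, modelled as an added example (this is not JSC or WebKit code, and it is not the patch attached to the bug).  Cell, Block, sweep(), destroyNaive() and destroyGuarded() are hypothetical stand-ins for the MarkedBlock lifecycle: the main-thread sweep calls reset(), then the scavenger calls destroy(), which calls reset() again.  Each cell counts how often its "destructor" ran, so the second call is visible even though, as the comment notes, it is harmless on blank cells.  The "swept" flag that makes destroy() idempotent is one possible guard chosen for the illustration, not a description of what the actual patch changed.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

// Hypothetical model of the MarkedBlock lifecycle; not JSC code.

struct Cell {
    bool live = false;      // set by allocateAll(), cleared by finalize()
    int finalizeCount = 0;  // how many times the "destructor" ran
    void finalize() { ++finalizeCount; live = false; }
};

class Block {
public:
    explicit Block(std::size_t cellCount) : cells_(cellCount) {}

    void allocateAll() { for (Cell& c : cells_) c.live = true; }

    // reset(): runs the destructor of every cell, as the comment says
    // MarkedBlock::reset() does.  Safe once; a second call re-runs the
    // destructors on cells that are already dead.
    void reset() { for (Cell& c : cells_) c.finalize(); }

    // Main-thread GC sweep: nothing in the block survived, so the block is
    // reset and becomes eligible for the free list.
    void sweep() { reset(); swept_ = true; }

    // Buggy destroy(): unconditionally reset() before releasing memory.
    void destroyNaive() { reset(); released_ = true; }

    // Guarded destroy(): only reset() a block the sweep did not already reset.
    void destroyGuarded() { if (!swept_) reset(); released_ = true; }

    bool released() const { return released_; }

    // Highest number of destructor runs any cell in the block saw.
    int maxFinalizeCount() const {
        int m = 0;
        for (const Cell& c : cells_) if (c.finalizeCount > m) m = c.finalizeCount;
        return m;
    }

private:
    std::vector<Cell> cells_;
    bool swept_ = false;
    bool released_ = false;
};

// The sequence from the comment: allocate, sweep on the main thread, then the
// scavenger destroys the block.  Returns destructor runs per cell:
// 1 is correct, 2 is the double call.
int scavengeAfterSweep(bool guarded) {
    Block block(4);
    block.allocateAll();
    block.sweep();                        // main thread: reset() #1
    if (guarded) block.destroyGuarded();  // scavenger: no second reset()
    else         block.destroyNaive();    // scavenger: reset() #2
    return block.maxFinalizeCount();
}

// A block destroyed without a prior sweep must still have its destructors run
// exactly once under the guarded version (the guard must not skip them).
int scavengeWithoutSweep() {
    Block block(4);
    block.allocateAll();
    block.destroyGuarded();
    return block.maxFinalizeCount();
}

int main() {
    std::printf("naive destroy after sweep:   %d run(s) per cell\n", scavengeAfterSweep(false));
    std::printf("guarded destroy after sweep: %d run(s) per cell\n", scavengeAfterSweep(true));
    std::printf("guarded destroy, no sweep:   %d run(s) per cell\n", scavengeWithoutSweep());
    return 0;
}
```

The second case matters as much as the first: a guard that simply dropped reset() from destroy() would leak the destructors of a block that was never swept, which is why the model keys the guard on whether the sweep already ran rather than removing the call outright.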


