diff options
| author | Kent Hansen <kent.hansen@nokia.com> | 2010-04-20 12:00:01 (GMT) |
|---|---|---|
| committer | Kent Hansen <kent.hansen@nokia.com> | 2010-04-20 12:09:36 (GMT) |
| commit | 528ffd602cc5a501713cd768df0cf6870a36ddad (patch) | |
| tree | 49f5ccd6f5f35d604259de3a2b57f1a3b7eb4927 /src/3rdparty | |
| parent | dbdc9cb65c758d87738fbaadfa7b1c39e33e96a0 (diff) | |
| download | Qt-528ffd602cc5a501713cd768df0cf6870a36ddad.zip Qt-528ffd602cc5a501713cd768df0cf6870a36ddad.tar.gz Qt-528ffd602cc5a501713cd768df0cf6870a36ddad.tar.bz2 | |
Fix Mac OS Tiger-vs-Leopard crash due to memory tagging by JavaScriptCore
Cherry-picked from WebKit trunk.
Diffstat (limited to 'src/3rdparty')
| -rw-r--r-- | src/3rdparty/javascriptcore/JavaScriptCore/ChangeLog | 26 | ||||
| -rw-r--r-- | src/3rdparty/javascriptcore/JavaScriptCore/wtf/VMTags.h | 39 | ||||
| -rw-r--r-- | src/3rdparty/javascriptcore/VERSION | 4 |
3 files changed, 59 insertions, 10 deletions
diff --git a/src/3rdparty/javascriptcore/JavaScriptCore/ChangeLog b/src/3rdparty/javascriptcore/JavaScriptCore/ChangeLog index 4f6e565..11572b0 100644 --- a/src/3rdparty/javascriptcore/JavaScriptCore/ChangeLog +++ b/src/3rdparty/javascriptcore/JavaScriptCore/ChangeLog @@ -1,3 +1,29 @@ +2010-04-14 Kent Hansen <kent.hansen@nokia.com> + + Reviewed by Maciej Stachowiak. + + Mac OS X: Use deployment target to determine whether memory tagging should be enabled + https://bugs.webkit.org/show_bug.cgi?id=34888 + + When building on (Snow) Leopard but targeting Tiger + (TARGETING_TIGER defined, BUILDING_ON_TIGER not defined), + WebKit would crash on Tiger because the tags passed to mmap + caused those function calls to fail. + + Conversely, when building on Tiger but targeting Leopard + (BUILDING_ON_TIGER defined, TARGETING_LEOPARD defined), WebKit + would crash on Leopard because the tags passed to vm_map and + vm_allocate caused those function calls to fail. + + Solution: Use TARGETING_TIGER rather than BUILDING_ON_TIGER to + govern the tag definitions. Use the same tags for vm_map and + vm_allocate regardless of target, since they work on + both. Fall back to the mmap tags that work on Tiger (that is, + "no tags") if targeting Tiger, since those tags also work on + Leopard. + + * wtf/VMTags.h: + 2010-03-29 Patrick Gansterer <paroga@paroga.com> Reviewed by Darin Adler. diff --git a/src/3rdparty/javascriptcore/JavaScriptCore/wtf/VMTags.h b/src/3rdparty/javascriptcore/JavaScriptCore/wtf/VMTags.h index 34e2494..75bec11 100644 --- a/src/3rdparty/javascriptcore/JavaScriptCore/wtf/VMTags.h +++ b/src/3rdparty/javascriptcore/JavaScriptCore/wtf/VMTags.h @@ -30,25 +30,48 @@ // On Mac OS X, the VM subsystem allows tagging memory requested from mmap and vm_map // in order to aid tools that inspect system memory use. -#if OS(DARWIN) && !defined(BUILDING_ON_TIGER) +#if OS(DARWIN) #include <mach/vm_statistics.h> +#if !defined(TARGETING_TIGER) + #if defined(VM_MEMORY_TCMALLOC) #define VM_TAG_FOR_TCMALLOC_MEMORY VM_MAKE_TAG(VM_MEMORY_TCMALLOC) #else #define VM_TAG_FOR_TCMALLOC_MEMORY VM_MAKE_TAG(53) #endif // defined(VM_MEMORY_TCMALLOC) -#if defined(VM_MEMORY_JAVASCRIPT_CORE) && defined(VM_MEMORY_JAVASCRIPT_JIT_REGISTER_FILE) && defined(VM_MEMORY_JAVASCRIPT_JIT_EXECUTABLE_ALLOCATOR) && defined(VM_MEMORY_JAVASCRIPT_JIT_EXECUTABLE_ALLOCATOR) -#define VM_TAG_FOR_COLLECTOR_MEMORY VM_MAKE_TAG(VM_MEMORY_JAVASCRIPT_CORE) -#define VM_TAG_FOR_REGISTERFILE_MEMORY VM_MAKE_TAG(VM_MEMORY_JAVASCRIPT_JIT_REGISTER_FILE) +#if defined(VM_MEMORY_JAVASCRIPT_JIT_EXECUTABLE_ALLOCATOR) #define VM_TAG_FOR_EXECUTABLEALLOCATOR_MEMORY VM_MAKE_TAG(VM_MEMORY_JAVASCRIPT_JIT_EXECUTABLE_ALLOCATOR) #else -#define VM_TAG_FOR_COLLECTOR_MEMORY VM_MAKE_TAG(63) #define VM_TAG_FOR_EXECUTABLEALLOCATOR_MEMORY VM_MAKE_TAG(64) +#endif // defined(VM_MEMORY_JAVASCRIPT_JIT_EXECUTABLE_ALLOCATOR) + +#if defined(VM_MEMORY_JAVASCRIPT_JIT_REGISTER_FILE) +#define VM_TAG_FOR_REGISTERFILE_MEMORY VM_MAKE_TAG(VM_MEMORY_JAVASCRIPT_JIT_REGISTER_FILE) +#else #define VM_TAG_FOR_REGISTERFILE_MEMORY VM_MAKE_TAG(65) -#endif // defined(VM_MEMORY_JAVASCRIPT_CORE) && defined(VM_MEMORY_JAVASCRIPT_JIT_REGISTER_FILE) && defined(VM_MEMORY_JAVASCRIPT_JIT_EXECUTABLE_ALLOCATOR) && defined(VM_MEMORY_JAVASCRIPT_JIT_EXECUTABLE_ALLOCATOR) +#endif // defined(VM_MEMORY_JAVASCRIPT_JIT_REGISTER_FILE) + +#else // !defined(TARGETING_TIGER) + +// mmap on Tiger fails with tags that work on Leopard, so fall +// back to Tiger-compatible tags (that also work on Leopard) +// when targeting Tiger. +#define VM_TAG_FOR_TCMALLOC_MEMORY -1 +#define VM_TAG_FOR_EXECUTABLEALLOCATOR_MEMORY -1 +#define VM_TAG_FOR_REGISTERFILE_MEMORY -1 + +#endif // !defined(TARGETING_TIGER) + +// Tags for vm_map and vm_allocate work on both Tiger and Leopard. + +#if defined(VM_MEMORY_JAVASCRIPT_CORE) +#define VM_TAG_FOR_COLLECTOR_MEMORY VM_MAKE_TAG(VM_MEMORY_JAVASCRIPT_CORE) +#else +#define VM_TAG_FOR_COLLECTOR_MEMORY VM_MAKE_TAG(63) +#endif // defined(VM_MEMORY_JAVASCRIPT_CORE) #if defined(VM_MEMORY_WEBCORE_PURGEABLE_BUFFERS) #define VM_TAG_FOR_WEBCORE_PURGEABLE_MEMORY VM_MAKE_TAG(VM_MEMORY_WEBCORE_PURGEABLE_BUFFERS) @@ -56,7 +79,7 @@ #define VM_TAG_FOR_WEBCORE_PURGEABLE_MEMORY VM_MAKE_TAG(69) #endif // defined(VM_MEMORY_WEBCORE_PURGEABLE_BUFFERS) -#else // OS(DARWIN) && !defined(BUILDING_ON_TIGER) +#else // OS(DARWIN) #define VM_TAG_FOR_TCMALLOC_MEMORY -1 #define VM_TAG_FOR_COLLECTOR_MEMORY -1 @@ -64,6 +87,6 @@ #define VM_TAG_FOR_REGISTERFILE_MEMORY -1 #define VM_TAG_FOR_WEBCORE_PURGEABLE_MEMORY -1 -#endif // OS(DARWIN) && !defined(BUILDING_ON_TIGER) +#endif // OS(DARWIN) #endif // VMTags_h diff --git a/src/3rdparty/javascriptcore/VERSION b/src/3rdparty/javascriptcore/VERSION index 2b885a7..9a02027 100644 --- a/src/3rdparty/javascriptcore/VERSION +++ b/src/3rdparty/javascriptcore/VERSION @@ -4,8 +4,8 @@ This is a snapshot of JavaScriptCore from The commit imported was from the - javascriptcore-snapshot-07042010 branch/tag + javascriptcore-snapshot-20042010 branch/tag and has the sha1 checksum - 475f8c67522d8b3f3163dc3a6b24d6083fd0ac19 + c589321ffdda5e93cf77e2cf2cf43afe3e996f6e |