Changeset 178266 in webkit for trunk/Source/JavaScriptCore/heap


Timestamp:
Jan 12, 2015, 8:29:22 AM (10 years ago)
Author:
[email protected]
Message:

Local JSArray* "keys" in objectConstructorKeys() is not marked during garbage collection
https://bugs.webkit.org/show_bug.cgi?id=140348

Reviewed by Mark Lam.

Move the address of the local variable that is used to demarcate the top of the stack for
conservative roots down to MachineThreads::gatherFromCurrentThread() since it also gets
the register values using setjmp(). That way we don't lose any callee save register
contents between Heap::markRoots(), where it was set, and gatherFromCurrentThread().
If we lose any JSObject* that are only in callee save registers, they will be GC'ed
erroneously.

  • heap/Heap.cpp:

(JSC::Heap::markRoots):
(JSC::Heap::gatherStackRoots):

  • heap/Heap.h:
  • heap/MachineStackMarker.cpp:

(JSC::MachineThreads::gatherFromCurrentThread):
(JSC::MachineThreads::gatherConservativeRoots):

  • heap/MachineStackMarker.h:
Location:
trunk/Source/JavaScriptCore/heap
Files:
4 edited

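--- a/trunk/Source/JavaScriptCore/heap/Heap.cpp
+++ b/trunk/Source/JavaScriptCore/heap/Heap.cpp
@@ -505,7 +505,6 @@
     // We gather conservative roots before clearing mark bits because conservative
     // gathering uses the mark bits to determine whether a reference is valid.
-    void* dummy;
     ConservativeRoots conservativeRoots(&m_objectSpace.blocks(), &m_storageSpace);
-    gatherStackRoots(conservativeRoots, &dummy);
+    gatherStackRoots(conservativeRoots);
     gatherJSStackRoots(conservativeRoots);
     gatherScratchBufferRoots(conservativeRoots);
@@ -567,9 +566,9 @@
 }
 
-void Heap::gatherStackRoots(ConservativeRoots& roots, void** dummy)
+void Heap::gatherStackRoots(ConservativeRoots& roots)
 {
     GCPHASE(GatherStackRoots);
     m_jitStubRoutines.clearMarks();
-    m_machineThreads.gatherConservativeRoots(roots, m_jitStubRoutines, m_codeBlocks, dummy);
+    m_machineThreads.gatherConservativeRoots(roots, m_jitStubRoutines, m_codeBlocks);
 }
 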
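Review bot: Heap::gatherStackRoots no longer takes a stack-top marker, but neither the call site in markRoots nor the definition records that the marker is now captured inside MachineThreads::gatherFromCurrentThread, so a later change could reintroduce a frame-local address here and silently reopen the missed-callee-save problem this commit fixes. A short comment above `gatherStackRoots(conservativeRoots);` in markRoots, `// The stack top for conservative scanning is taken inside MachineThreads::gatherFromCurrentThread (next to its setjmp buffer); do not pass an address from this frame.`, would keep the reasoning from the commit message next to the code. markRoots starts and ends outside the hunk; gatherStackRoots is shown in full.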
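--- a/trunk/Source/JavaScriptCore/heap/Heap.h
+++ b/trunk/Source/JavaScriptCore/heap/Heap.h
@@ -276,5 +276,5 @@
 
     void markRoots(double gcStartTime);
-    void gatherStackRoots(ConservativeRoots&, void** dummy);
+    void gatherStackRoots(ConservativeRoots&);
     void gatherJSStackRoots(ConservativeRoots&);
     void gatherScratchBufferRoots(ConservativeRoots&);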
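--- a/trunk/Source/JavaScriptCore/heap/MachineStackMarker.cpp
+++ b/trunk/Source/JavaScriptCore/heap/MachineStackMarker.cpp
@@ -222,8 +222,9 @@
 #endif
 
-void MachineThreads::gatherFromCurrentThread(ConservativeRoots& conservativeRoots, JITStubRoutineSet& jitStubRoutines, CodeBlockSet& codeBlocks, void* stackCurrent)
+void MachineThreads::gatherFromCurrentThread(ConservativeRoots& conservativeRoots, JITStubRoutineSet& jitStubRoutines, CodeBlockSet& codeBlocks)
 {
     // setjmp forces volatile registers onto the stack
     jmp_buf registers REGISTER_BUFFER_ALIGNMENT;
+
 #if COMPILER(MSVC)
 #pragma warning(push)
@@ -239,5 +240,7 @@
     conservativeRoots.add(registersBegin, registersEnd, jitStubRoutines, codeBlocks);
 
-    void* stackBegin = stackCurrent;
+    // We need to mark the stack top in this function so that callee saves are either already on the stack,
+    // or will be saved in registers.
+    void* stackBegin = &registers;
     void* stackEnd = wtfThreadData().stack().origin();
     conservativeRoots.add(stackBegin, stackEnd, jitStubRoutines, codeBlocks);
@@ -446,7 +449,7 @@
 }
 
-void MachineThreads::gatherConservativeRoots(ConservativeRoots& conservativeRoots, JITStubRoutineSet& jitStubRoutines, CodeBlockSet& codeBlocks, void* stackCurrent)
-{
-    gatherFromCurrentThread(conservativeRoots, jitStubRoutines, codeBlocks, stackCurrent);
+void MachineThreads::gatherConservativeRoots(ConservativeRoots& conservativeRoots, JITStubRoutineSet& jitStubRoutines, CodeBlockSet& codeBlocks)
+{
+    gatherFromCurrentThread(conservativeRoots, jitStubRoutines, codeBlocks);
 
     if (m_threadSpecific) {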
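Review bot: The new comment above `void* stackBegin = &registers;` says callee saves "will be saved in registers", which reads as if they could still be live in CPU registers and therefore invisible to the scan; what actually covers them is the setjmp into `registers` earlier in this function (outside this hunk), and the comment should say so. Suggested wording: `// Take the stack top here, not in a caller: a pointer held in a callee-saved register has either been spilled to the stack by an intervening frame (which lies between &registers and the stack origin) or was written into 'registers' by the setjmp above, so scanning from &registers covers both.` Since `registers` now sits at the start of the scanned range, the explicit `conservativeRoots.add(registersBegin, registersEnd, ...)` two lines earlier appears to be wholly contained in the range scan that follows; that is harmless if `add` tolerates overlapping ranges, but a one-line comment noting the intentional overlap would keep a later cleanup from removing the wrong call. gatherFromCurrentThread begins in the first hunk and its body continues outside the hunks; gatherConservativeRoots continues past the last hunk.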
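--- a/trunk/Source/JavaScriptCore/heap/MachineStackMarker.h
+++ b/trunk/Source/JavaScriptCore/heap/MachineStackMarker.h
@@ -40,5 +40,5 @@
         ~MachineThreads();
 
-        void gatherConservativeRoots(ConservativeRoots&, JITStubRoutineSet&, CodeBlockSet&, void* stackCurrent);
+        void gatherConservativeRoots(ConservativeRoots&, JITStubRoutineSet&, CodeBlockSet&);
 
         JS_EXPORT_PRIVATE void makeUsableFromMultipleThreads();
@@ -46,5 +46,5 @@
 
     private:
-        void gatherFromCurrentThread(ConservativeRoots&, JITStubRoutineSet&, CodeBlockSet&, void* stackCurrent);
+        void gatherFromCurrentThread(ConservativeRoots&, JITStubRoutineSet&, CodeBlockSet&);
 
         class Thread;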