Timestamp:
Oct 7, 2015, 4:10:20 PM (10 years ago)
Author:
[email protected]
Message:

Unreviewed, rolling back in r190450
https://bugs.webkit.org/show_bug.cgi?id=149727

This time for sure?

The cause of the leak was an invalidated compilation.

There was vestigial manual memory management code that eagerly removed
a CodeBlock from the set of CodeBlocks if compilation was invalidated.
That's not cool since we rely on the set of CodeBlocks when we run
destructors.

The fix is to remove the vestigial code.

I ran the leaks, correctness, and performance tests locally and did not
see any problems.

Restored changesets:

"CodeBlock should be a GC object"
https://bugs.webkit.org/show_bug.cgi?id=149727
http://trac.webkit.org/changeset/190450

File:
1 edited

  • trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.cpp

    r190606 r190694  
    7070                AssemblyHelpers::NonZero,
    7171                AssemblyHelpers::AbsoluteAddress(
    72                     inlineCallFrame->executable->addressOfDidTryToEnterInLoop())));
     72                    inlineCallFrame->baselineCodeBlock->ownerScriptExecutable()->addressOfDidTryToEnterInLoop())));
    7373    }
    7474   
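Review bot: at new line 72, `inlineCallFrame->baselineCodeBlock->ownerScriptExecutable()` is dereferenced while the exit stub is being generated, with no visible check that `baselineCodeBlock` is set for this inline frame. A debug assertion on `inlineCallFrame->baselineCodeBlock` just before this call would turn a null dereference into a clear failure. The resulting address is also baked into the stub as an `AbsoluteAddress`, so a short comment stating what keeps the owning executable alive for as long as the exit code can run would help, since the lookup now goes through the baseline CodeBlock instead of the frame's `executable`.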
     
    269269void adjustAndJumpToTarget(CCallHelpers& jit, const OSRExitBase& exit, bool isExitingToOpCatch)
    270270{
    271     jit.move(AssemblyHelpers::TrustedImmPtr(jit.codeBlock()->ownerExecutable()), GPRInfo::argumentGPR1);
     271    CodeBlock* baselineCodeBlock = jit.baselineCodeBlockFor(exit.m_codeOrigin);
     272    jit.move(AssemblyHelpers::TrustedImmPtr(baselineCodeBlock), GPRInfo::argumentGPR1);
    272273    osrWriteBarrier(jit, GPRInfo::argumentGPR1, GPRInfo::nonArgGPR0);
    273274    InlineCallFrameSet* inlineCallFrames = jit.codeBlock()->jitCode()->dfgCommon()->inlineCallFrames.get();
    274275    if (inlineCallFrames) {
    275276        for (InlineCallFrame* inlineCallFrame : *inlineCallFrames) {
    276             ScriptExecutable* ownerExecutable = inlineCallFrame->executable.get();
    277             jit.move(AssemblyHelpers::TrustedImmPtr(ownerExecutable), GPRInfo::argumentGPR1);
     277            CodeBlock* baselineCodeBlock = inlineCallFrame->baselineCodeBlock.get();
     278            jit.move(AssemblyHelpers::TrustedImmPtr(baselineCodeBlock), GPRInfo::argumentGPR1);
    278279            osrWriteBarrier(jit, GPRInfo::argumentGPR1, GPRInfo::nonArgGPR0);
    279280        }
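Review bot: the `CodeBlock* baselineCodeBlock` declared inside the loop at new line 277 shadows the function-level `baselineCodeBlock` added at new line 271, which is still needed after the loop for `jit.decodedCodeMapFor(baselineCodeBlock)` at line 286. It is correct as written, but a later edit inside or just after the loop could pick up the wrong variable and emit the barrier or decode the code map against the wrong CodeBlock. Rename the loop local (for example `inlineBaselineCodeBlock`, a suggested name) and consider a one-line comment that the barrier target is now the baseline CodeBlock rather than its owner executable.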
     
    283284        jit.addPtr(AssemblyHelpers::TrustedImm32(exit.m_codeOrigin.inlineCallFrame->stackOffset * sizeof(EncodedJSValue)), GPRInfo::callFrameRegister);
    284285
    285     CodeBlock* baselineCodeBlock = jit.baselineCodeBlockFor(exit.m_codeOrigin);
    286286    Vector<BytecodeAndMachineOffset>& decodedCodeMap = jit.decodedCodeMapFor(baselineCodeBlock);
    287287   