Changeset 37631 in webkit for trunk/JavaScriptCore


Timestamp:
Oct 16, 2008, 1:00:53 AM (17 years ago)
Author:
[email protected]
Message:

Reviewed by Darin Adler.

https://bugs.webkit.org/show_bug.cgi?id=21609
Make MessagePorts protect their peers across heaps

JavaScriptCore:

  • JavaScriptCore.exp:
  • kjs/JSGlobalObject.cpp: (JSC::JSGlobalObject::markCrossHeapDependentObjects):
  • kjs/JSGlobalObject.h:
  • kjs/collector.cpp: (JSC::Heap::collect): Before GC sweep phase, a function supplied by global object is now called for all global objects in the heap, making it possible to implement cross-heap dependencies.

WebCore:

  • dom/MessagePort.cpp: (WebCore::MessagePort::MessagePort):
  • dom/MessagePort.h: (WebCore::MessagePort::setJSWrapperIsKnownToBeInaccessible): (WebCore::MessagePort::jsWrapperIsKnownToBeInaccessible): Track objects whose JS wrappers are no longer reachable in MessagePort. Unfortunately, this means that the implementation object knows about JS bindings - but it is not possible to access JS wrappers from another heap/thread.
  • bindings/js/JSDOMBinding.cpp: (WebCore::markCrossHeapDependentObjectsForDocument):
  • bindings/js/JSDOMBinding.h:
  • bindings/js/JSDOMWindowBase.cpp: (WebCore::JSDOMWindowBase::markCrossHeapDependentObjects):
  • bindings/js/JSDOMWindowBase.h: Implement cross-heap dependency tracking for entangled MessagePorts. If a wrapper object hasn't been marked normally, it is marked as inaccessible. It is then marked manually, as long as its entangled port is accessible itself.
Location:
trunk/JavaScriptCore
Files:
5 edited

  • trunk/JavaScriptCore/ChangeLog

    r37630 r37631  
     12008-10-15  Alexey Proskuryakov  <[email protected]>
     2
     3        Reviewed by Darin Adler.
     4
     5        https://bugs.webkit.org/show_bug.cgi?id=21609
     6        Make MessagePorts protect their peers across heaps
     7
     8        * JavaScriptCore.exp:
     9        * kjs/JSGlobalObject.cpp:
     10        (JSC::JSGlobalObject::markCrossHeapDependentObjects):
     11        * kjs/JSGlobalObject.h:
     12        * kjs/collector.cpp:
     13        (JSC::Heap::collect):
     14        Before GC sweep phase, a function supplied by global object is now called for all global
     15        objects in the heap, making it possible to implement cross-heap dependencies.
     16
    1172008-10-15  Alexey Proskuryakov  <[email protected]>
    218
  • trunk/JavaScriptCore/JavaScriptCore.exp

    r37622 r37631  
    148148__ZN3JSC14JSGlobalObject17putWithAttributesEPNS_9ExecStateERKNS_10IdentifierEPNS_7JSValueEj
    149149__ZN3JSC14JSGlobalObject17startTimeoutCheckEv
     150__ZN3JSC14JSGlobalObject29markCrossHeapDependentObjectsEv
    150151__ZN3JSC14JSGlobalObject3putEPNS_9ExecStateERKNS_10IdentifierEPNS_7JSValueERNS_15PutPropertySlotE
    151152__ZN3JSC14JSGlobalObject4initEPNS_8JSObjectE
  • trunk/JavaScriptCore/kjs/JSGlobalObject.cpp

    r37433 r37631  
    400400}
    401401
     402void JSGlobalObject::markCrossHeapDependentObjects()
     403{
     404    // Overridden by subclasses.
     405}
     406
    402407JSGlobalObject* JSGlobalObject::toGlobalObject(ExecState*) const
    403408{
  • trunk/JavaScriptCore/kjs/JSGlobalObject.h

    r37323 r37631  
    159159
    160160        virtual void mark();
     161        virtual void markCrossHeapDependentObjects();
    161162
    162163        virtual bool getOwnPropertySlot(ExecState*, const Identifier&, PropertySlot&);
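
Review bot: The new virtual markCrossHeapDependentObjects() is declared directly under mark() with no comment, so nothing in the header tells a subclass author how the two hooks differ or when the new one runs. A short comment at this declaration saying that Heap::collect calls it on every global object in the heap before the sweep phase, and that the base implementation does nothing, would put the contract where overrides are written.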
  • trunk/JavaScriptCore/kjs/collector.cpp

    r37622 r37631  
    970970    m_globalData->smallStrings.mark();
    971971
     972    JSGlobalObject* globalObject = m_globalData->head;
     973    do {
     974        globalObject->markCrossHeapDependentObjects();
     975        globalObject = globalObject->next();
     976    } while (globalObject != m_globalData->head);
     977
    972978    JAVASCRIPTCORE_GC_MARKED();
    973979
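
Review bot: The do/while added in Heap::collect calls `globalObject->markCrossHeapDependentObjects()` before anything tests `m_globalData->head`, so if a collection can run on a heap that has no global objects, the first iteration dereferences a null pointer. Unless head is guaranteed non-null at this point, guard the loop with `if (JSGlobalObject* globalObject = m_globalData->head)` around the do/while, or add an assertion that states the invariant. The loop also visits each global object exactly once, so a comment noting whether an override may rely on marks made by another global object's hook in the same pass would help.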