Changeset 47627 in webkit for trunk/JavaScriptCore/bytecode/CodeBlock.h

Timestamp:

Aug 21, 2009, 12:48:59 AM (16 years ago)

Author:

[email protected]

Message:

Browser hangs on opening Web Inspector.
​https://bugs.webkit.org/show_bug.cgi?id=28438

Reviewed by Maciej Stachowiak.

Code generation needs to be able to walk the entire scopechain in some
cases, however the symbol table used by activations was a member of the
codeblock. Following recompilation this may no longer exist, leading
to a crash or hang on lookup.

We fix this by introducing a refcounted SymbolTable subclass, SharedSymbolTable,
for the CodeBlocks used by function code. This allows activations to
maintain ownership of a copy of the symbol table even after recompilation so
they can continue to work.

File:

• trunk/JavaScriptCore/bytecode/CodeBlock.h (modified) (6 diffs)

trunk/JavaScriptCore/bytecode/CodeBlock.h

@@ -262 +262 @@
         friend class JIT;
     protected:
-        CodeBlock(ExecutableBase* ownerExecutable, CodeType, PassRefPtr<SourceProvider>, unsigned sourceOffset);
+        CodeBlock(ExecutableBase* ownerExecutable, CodeType, PassRefPtr<SourceProvider>, unsigned sourceOffset, SymbolTable* symbolTable);
     public:
-        ~CodeBlock();
+        virtual ~CodeBlock();
 
         void markAggregate(MarkStack&);
@@ -467 +467 @@
 
 
-        SymbolTable& symbolTable() { return m_symbolTable; }
+        SymbolTable* symbolTable() { return m_symbolTable; }
+        SharedSymbolTable* sharedSymbolTable() { ASSERT(m_codeType == FunctionCode); return static_cast<SharedSymbolTable*>(m_symbolTable); }
 
         EvalCodeCache& evalCodeCache() { createRareDataIfNecessary(); return m_rareData->m_evalCodeCache; }
@@ -531 +532 @@
         Vector<RefPtr<FunctionExecutable> > m_functionExprs;
 
-        SymbolTable m_symbolTable;
+        SymbolTable* m_symbolTable;
 
         OwnPtr<ExceptionInfo> m_exceptionInfo;
@@ -561 +562 @@
     public:
         GlobalCodeBlock(ExecutableBase* ownerExecutable, CodeType codeType, PassRefPtr<SourceProvider> sourceProvider, unsigned sourceOffset, JSGlobalObject* globalObject)
-            : CodeBlock(ownerExecutable, codeType, sourceProvider, sourceOffset)
+            : CodeBlock(ownerExecutable, codeType, sourceProvider, sourceOffset, &m_unsharedSymbolTable)
             , m_globalObject(globalObject)
         {
@@ -577 +578 @@
     private:
         JSGlobalObject* m_globalObject; // For program and eval nodes, the global object that marks the constant pool.
+        SymbolTable m_unsharedSymbolTable;
     };
 
@@ -612 +614 @@
     class FunctionCodeBlock : public CodeBlock {
     public:
+        // Rather than using the usual RefCounted::create idiom for SharedSymbolTable we just use new
+        // as we need to initialise the CodeBlock before we could initialise any RefPtr to hold the shared
+        // symbol table, so we just pass as a raw pointer with a ref count of 1.  We then manually deref
+        // in the destructor.
         FunctionCodeBlock(FunctionExecutable* ownerExecutable, CodeType codeType, PassRefPtr<SourceProvider> sourceProvider, unsigned sourceOffset)
-            : CodeBlock(ownerExecutable, codeType, sourceProvider, sourceOffset)
-        {
+            : CodeBlock(ownerExecutable, codeType, sourceProvider, sourceOffset, new SharedSymbolTable)
+        {
+        }
+        ~FunctionCodeBlock()
+        {
+            sharedSymbolTable()->deref();
         }
     };