Changeset 76193 in webkit for trunk/Source/JavaScriptCore

Timestamp:

Jan 19, 2011, 6:56:22 PM (14 years ago)

Author:

[email protected]

Message:

Rolled back in r76078, with crash fixed.
​https://bugs.webkit.org/show_bug.cgi?id=52668

Reviewed by Darin Adler.

• runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::markChildren): Account for the fact that the global
object moves its variables into and out of the register file. While out
of the register file, the symbol table's size is not an accurate count
for the size of the register array, since the BytecodeGenerator might
be compiling, adding items to the symbol table.

Location:

trunk/Source/JavaScriptCore

Files:

• ChangeLog (modified) (1 diff)
• interpreter/RegisterFile.h (modified) (1 diff)
• runtime/JSActivation.cpp (modified) (1 diff)
• runtime/JSGlobalObject.cpp (modified) (2 diffs)

trunk/Source/JavaScriptCore/ChangeLog

@@ +1 @@
+2011-01-18  Geoffrey Garen  <[email protected]>
+
+        Reviewed by Darin Adler.
+
+        Rolled back in r76078, with crash fixed.
+        https://bugs.webkit.org/show_bug.cgi?id=52668
+        
+        * runtime/JSGlobalObject.cpp:
+        (JSC::JSGlobalObject::markChildren): Account for the fact that the global
+        object moves its variables into and out of the register file. While out
+        of the register file, the symbol table's size is not an accurate count
+        for the size of the register array, since the BytecodeGenerator might
+        be compiling, adding items to the symbol table.
+        
 2011-01-18  Darin Adler  <[email protected]>
 

trunk/Source/JavaScriptCore/interpreter/RegisterFile.h

@@ -132 +132 @@
         Register* lastGlobal() const { return m_start - m_numGlobals; }
         
-        void markGlobals(MarkStack& markStack, Heap* heap) { heap->markConservatively(markStack, lastGlobal(), m_start); }
         void markCallFrames(MarkStack& markStack, Heap* heap) { heap->markConservatively(markStack, m_start, m_end); }
 

trunk/Source/JavaScriptCore/runtime/JSActivation.cpp

@@ -54 +54 @@
     Base::markChildren(markStack);
 
+    // No need to mark our registers if they're still in the RegisterFile.
     Register* registerArray = d()->registerArray.get();
     if (!registerArray)

trunk/Source/JavaScriptCore/runtime/JSGlobalObject.cpp

@@ -350 +350 @@
         (*it)->markAggregate(markStack);
 
-    RegisterFile& registerFile = globalData().interpreter->registerFile();
-    if (registerFile.globalObject() == this)
-        registerFile.markGlobals(markStack, &globalData().heap);
-
     markIfNeeded(markStack, d()->regExpConstructor);
     markIfNeeded(markStack, d()->errorConstructor);
@@ -398 +394 @@
     // guaranteed to be referenced elsewhere.
 
-    Register* registerArray = d()->registerArray.get();
-    if (!registerArray)
-        return;
-
-    size_t size = d()->registerArraySize;
-    markStack.appendValues(reinterpret_cast<JSValue*>(registerArray), size);
+    if (d()->registerArray) {
+        // Outside the execution of global code, when our variables are torn off,
+        // we can mark the torn-off array.
+        markStack.appendValues(d()->registerArray.get(), d()->registerArraySize);
+    } else if (d()->registers) {
+        // During execution of global code, when our variables are in the register file,
+        // the symbol table tells us how many variables there are, and registers
+        // points to where they end, and the registers used for execution begin.
+        markStack.appendValues(d()->registers - symbolTable().size(), symbolTable().size());
+    }
 }