Changeset 162735 in webkit


Timestamp: Jan 24, 2014 3:44:50 PM (10 years ago)
Author: mark.lam@apple.com
Message:

ASSERT(!m_markedSpace.m_currentDelayedReleaseScope) reloading page in inspector.
<https://webkit.org/b/127582>

Reviewed by Mark Hahnenberg.

Source/JavaScriptCore:

  1. We should not enter a HeapIterationScope when we iterate the CodeBlocks. Apparently, iterating the CodeBlocks does not count as heap iteration.
  2. If we're detaching the debugger due to the JSGlobalObject destructing, then we don't need to clear the debugger requests in the associated CodeBlocks. The JSGlobalObject destructing would mean that those CodeBlocks would be destructing too, and it may not be safe to access them anyway at this point.

The assertion failure is because we had entered a HeapIterationScope
while the JSGlobalObject is destructing, which in turn means that GC
sweeping is in progress. It's not legal to iterate the heap while the GC
is sweeping. Once we fix the above 2 issues, we will no longer have
the conditions that manifest this assertion failure.

  • debugger/Debugger.cpp:

(JSC::Debugger::detach):
(JSC::Debugger::setSteppingMode):
(JSC::Debugger::toggleBreakpoint):
(JSC::Debugger::clearBreakpoints):
(JSC::Debugger::clearDebuggerRequests):

  • debugger/Debugger.h:
  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::~JSGlobalObject):

Source/WebCore:

No new tests.

  • bindings/js/ScriptController.cpp:

(WebCore::ScriptController::attachDebugger):

  • bindings/js/WorkerScriptController.cpp:

(WebCore::WorkerScriptController::detachDebugger):

  • Adding reasons for detaching a globalObject from the debugger.
Location: trunk/Source
Files: 7 edited

  • trunk/Source/JavaScriptCore/ChangeLog

    r162723 r162735  
     12014-01-24  Mark Lam  <mark.lam@apple.com>
     2
     3        ASSERT(!m_markedSpace.m_currentDelayedReleaseScope) reloading page in inspector.
     4        <https://webkit.org/b/127582>
     5
     6        Reviewed by Mark Hahnenberg.
     7
     8        1. We should not enter a HeapIterationScope when we iterate the CodeBlocks.
     9           Apparently, iterating the CodeBlocks does not count as heap iteration.
     10
     11        2. If we're detaching the debugger due to the JSGlobalObject destructing,
     12           then we don't need to clear the debugger requests in the associated
     13           CodeBlocks. The JSGlobalObject destructing would mean that those
     14           CodeBlocks would be destructing too, and it may not be safe to access
     15           them anyway at this point.
     16
     17        The assertion failure is because we had entered a HeapIterationScope
     18        while the JSGlobalObject is destructing, which in turn means that GC
     19        sweeping is in progress. It's not legal to iterate the heap while the GC
     20        is sweeping. Once we fixed the above 2 issues, we will no longer have
     21        the conditions that manifests this assertion failure.
     22
     23        * debugger/Debugger.cpp:
     24        (JSC::Debugger::detach):
     25        (JSC::Debugger::setSteppingMode):
     26        (JSC::Debugger::toggleBreakpoint):
     27        (JSC::Debugger::clearBreakpoints):
     28        (JSC::Debugger::clearDebuggerRequests):
     29        * debugger/Debugger.h:
     30        * runtime/JSGlobalObject.cpp:
     31        (JSC::JSGlobalObject::~JSGlobalObject):
     32
    1332014-01-24  Brent Fulgham  <bfulgham@apple.com>
    234
  • trunk/Source/JavaScriptCore/debugger/Debugger.cpp

    r162720 r162735  
    177177}
    178178
    179 void Debugger::detach(JSGlobalObject* globalObject)
     179void Debugger::detach(JSGlobalObject* globalObject, ReasonForDetach reason)
    180180{
    181181    // If we're detaching from the currently executing global object, manually tear down our
     
    191191    m_globalObjects.remove(globalObject);
    192192
    193     clearDebuggerRequests(globalObject);
     193    // If the globalObject is destructing, then its CodeBlocks will also be
     194    // destructed. There is no need to do the debugger requests clean up, and
     195    // it is not safe to access those CodeBlocks at this time anyway.
     196    if (reason != GlobalObjectIsDestructing)
     197        clearDebuggerRequests(globalObject);
     198
    194199    globalObject->setDebugger(0);
    195200    if (!m_globalObjects.size())
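Review bot: The `reason != GlobalObjectIsDestructing` guard in detach() trusts every caller to pass the right reason, and nothing checks it. Per the commit message, the old HeapIterationScope assertion fired precisely because clearDebuggerRequests() ran while the global object was destructing; with that scope removed elsewhere in this patch, a later caller that passes TerminatingDebuggingSession from a destruction path would reach the CodeBlocks that the new comment calls unsafe to access, and no assertion would flag it. Consider documenting the precondition on clearDebuggerRequests(JSGlobalObject*) or adding a debug-only check there. It is also worth confirming that the manual teardown at the top of detach() ("If we're detaching from the currently executing global object...") does not touch CodeBlocks in the destructing case.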
     
    229234    if (!m_vm)
    230235        return;
    231     HeapIterationScope iterationScope(m_vm->heap);
    232236    SetSteppingModeFunctor functor(this, mode);
    233237    m_vm->heap.forEachCodeBlock(functor);
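Review bot: Missing documentation: the `HeapIterationScope iterationScope(m_vm->heap);` line is dropped from setSteppingMode() (the same removal repeats in the three hunks that follow) with no comment at the call site, and the ChangeLog justifies it only with "Apparently, iterating the CodeBlocks does not count as heap iteration." Please state the actual rule next to `forEachCodeBlock`: why it needs no iteration scope, and whether it may be called while the GC is sweeping. Otherwise the scope is likely to be re-added later, or the call copied into a context where it is unsafe.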
     
    314318    if (!m_vm)
    315319        return;
    316     HeapIterationScope iterationScope(m_vm->heap);
    317320    ToggleBreakpointFunctor functor(this, breakpoint, enabledOrNot);
    318321    m_vm->heap.forEachCodeBlock(functor);
     
    494497    if (!m_vm)
    495498        return;
    496     HeapIterationScope iterationScope(m_vm->heap);
    497499    ClearCodeBlockDebuggerRequestsFunctor functor(this);
    498500    m_vm->heap.forEachCodeBlock(functor);
     
    520522{
    521523    ASSERT(m_vm);
    522     HeapIterationScope iterationScope(m_vm->heap);
    523524    ClearDebuggerRequestsFunctor functor(globalObject);
    524525    m_vm->heap.forEachCodeBlock(functor);
  • trunk/Source/JavaScriptCore/debugger/Debugger.h

    r162711 r162735  
    6262
    6363    void attach(JSGlobalObject*);
    64     virtual void detach(JSGlobalObject*);
     64    enum ReasonForDetach {
     65        TerminatingDebuggingSession,
     66        GlobalObjectIsDestructing
     67    };
     68    virtual void detach(JSGlobalObject*, ReasonForDetach);
    6569
    6670    BreakpointID setBreakpoint(Breakpoint, unsigned& actualLine, unsigned& actualColumn);
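Review bot: Changing the virtual `detach(JSGlobalObject*)` to `detach(JSGlobalObject*, ReasonForDetach)` with no default argument means a subclass that still declares the one-argument form may compile but no longer overrides, so its detach logic is silently skipped. No Debugger subclass appears among the files edited here; please confirm every existing override was updated (marking them `override` would let the compiler catch a miss). A one-line comment on each `ReasonForDetach` enumerator saying what detach() does differently would also help callers pick the right value.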
  • trunk/Source/JavaScriptCore/runtime/JSGlobalObject.cpp

    r162713 r162735  
    165165{
    166166    if (m_debugger)
    167         m_debugger->detach(this);
     167        m_debugger->detach(this, Debugger::GlobalObjectIsDestructing);
    168168
    169169    if (LegacyProfiler* profiler = vm().enabledProfiler())
  • trunk/Source/WebCore/ChangeLog

    r162732 r162735  
     12014-01-24  Mark Lam  <mark.lam@apple.com>
     2
     3        ASSERT(!m_markedSpace.m_currentDelayedReleaseScope) reloading page in inspector.
     4        <https://webkit.org/b/127582>
     5
     6        Reviewed by Mark Hahnenberg.
     7
     8        No new tests.
     9
     10        * bindings/js/ScriptController.cpp:
     11        (WebCore::ScriptController::attachDebugger):
     12        * bindings/js/WorkerScriptController.cpp:
     13        (WebCore::WorkerScriptController::detachDebugger):
     14        - Adding reasons for detaching a globalObject from the debugger.
     15
    1162014-01-24  Zalan Bujtas  <zalan@apple.com>
    217
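Review bot: "No new tests." is given without a reason, although the bug title describes a concrete trigger: reloading the page in the inspector hits `ASSERT(!m_markedSpace.m_currentDelayedReleaseScope)`. Either add a regression test that reloads with the inspector attached in a debug build, or say in the ChangeLog why that scenario cannot be covered.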
  • trunk/Source/WebCore/bindings/js/ScriptController.cpp

    r161638 r162735  
    287287        debugger->attach(globalObject);
    288288    else if (JSC::Debugger* currentDebugger = globalObject->debugger())
    289         currentDebugger->detach(globalObject);
     289        currentDebugger->detach(globalObject, JSC::Debugger::TerminatingDebuggingSession);
    290290}
    291291
  • trunk/Source/WebCore/bindings/js/WorkerScriptController.cpp

    r160457 r162735  
    201201void WorkerScriptController::detachDebugger(JSC::Debugger* debugger)
    202202{
    203     debugger->detach(m_workerGlobalScopeWrapper->globalObject());
     203    debugger->detach(m_workerGlobalScopeWrapper->globalObject(), JSC::Debugger::TerminatingDebuggingSession);
    204204}
    205205