Changeset 241927 in webkit
- Timestamp:
- Feb 21, 2019 6:02:32 PM (5 years ago)
- Location:
- trunk/Source/JavaScriptCore
- Files:
- 15 edited
trunk/Source/JavaScriptCore/ChangeLog
r241923 r241927 1 2019-02-21 Mark Lam <mark.lam@apple.com> 2 3 Add more doesGC() assertions. 4 https://bugs.webkit.org/show_bug.cgi?id=194911 5 <rdar://problem/48285723> 6 7 Reviewed by Saam Barati and Yusuke Suzuki. 8 9 * dfg/DFGOSRExit.cpp: 10 (JSC::DFG::OSRExit::compileOSRExit): 11 - Set expectDoesGC here because we no longer have to worry about missing store 12 barriers in optimized code after this point. This will prevent false positive 13 assertion failures arising from functions called beneath compileOSRExit(). 14 15 (JSC::DFG::OSRExit::compileExit): 16 - Add a comment to explain why the generated ramp needs to set expectDoesGC even 17 though compileOSRExit() also sets it. Reason: compileOSRExit() is only called 18 for the first OSR from this code origin, the generated ramp is called for many 19 subsequents OSR exits from this code origin. 20 21 * ftl/FTLOSRExitCompiler.cpp: 22 (JSC::FTL::compileStub): 23 - Added a comment for the equivalent reason to the one above. 24 25 (JSC::FTL::compileFTLOSRExit): 26 - Set expectDoesGC here because we no longer have to worry about missing store 27 barriers in optimized code after this point. This will prevent false positive 28 assertion failures arising from functions called beneath compileFTLOSRExit(). 29 30 * heap/CompleteSubspace.cpp: 31 (JSC::CompleteSubspace::tryAllocateSlow): 32 * heap/CompleteSubspaceInlines.h: 33 (JSC::CompleteSubspace::allocateNonVirtual): 34 - assert expectDoesGC. 35 36 * heap/DeferGC.h: 37 (JSC::DeferGC::~DeferGC): 38 - assert expectDoesGC. 39 - Also added WTF_FORBID_HEAP_ALLOCATION to DeferGC, DeferGCForAWhile, and DisallowGC 40 because all 3 should be stack allocated RAII objects. 41 42 * heap/GCDeferralContext.h: 43 * heap/GCDeferralContextInlines.h: 44 (JSC::GCDeferralContext::~GCDeferralContext): 45 - Added WTF_FORBID_HEAP_ALLOCATION. 46 - assert expectDoesGC. 
47 48 * heap/Heap.cpp: 49 (JSC::Heap::collectNow): 50 (JSC::Heap::collectAsync): 51 (JSC::Heap::collectSync): 52 (JSC::Heap::stopIfNecessarySlow): 53 (JSC::Heap::collectIfNecessaryOrDefer): 54 * heap/HeapInlines.h: 55 (JSC::Heap::acquireAccess): 56 (JSC::Heap::stopIfNecessary): 57 * heap/LargeAllocation.cpp: 58 (JSC::LargeAllocation::tryCreate): 59 * heap/LocalAllocatorInlines.h: 60 (JSC::LocalAllocator::allocate): 61 - conservatively assert expectDoesGC on these functions that may trigger a GC 62 though they don't always do. 63 64 * runtime/DisallowScope.h: 65 - DisallowScope should be stack allocated because it's an RAII object. 66 67 * runtime/JSCellInlines.h: 68 (JSC::tryAllocateCellHelper): 69 - Remove the expectDoesGC assertion because it is now covered by assertions in 70 CompleteSubspace, LargeAllocation, and LocalAllocator. 71 72 * runtime/RegExpMatchesArray.h: 73 (JSC::createRegExpMatchesArray): 74 - assert expectDoesGC. 75 1 76 2019-02-21 Yusuke Suzuki <ysuzuki@apple.com> 2 77 -
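Review bot: Typo in the compileExit() entry of the ChangeLog: "the generated ramp is called for many subsequents OSR exits" should read "many subsequent OSR exits". The same entry would also be clearer if the two halves of the rationale were joined into one sentence, e.g. "compileOSRExit() is only called for the first OSR exit from this code origin; the generated ramp is run for all subsequent exits from it."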
trunk/Source/JavaScriptCore/dfg/DFGOSRExit.cpp
r241849 r241927 1016 1016 auto scope = DECLARE_THROW_SCOPE(*vm); 1017 1017 1018 if (validateDFGDoesGC) { 1019 // We're about to exit optimized code. So, there's no longer any optimized 1020 // code running that expects no GC. 1021 vm->heap.setExpectDoesGC(true); 1022 } 1023 1018 1024 if (vm->callFrameForCatch) 1019 1025 RELEASE_ASSERT(vm->callFrameForCatch == exec); … … 1400 1406 // code running that expects no GC. We need to set this before arguments 1401 1407 // materialization below (see emitRestoreArguments()). 1408 1409 // Even though we set Heap::m_expectDoesGC in compileOSRExit(), we also need 1410 // to set it here because compileOSRExit() is only called on the first time 1411 // we exit from this site, but all subsequent exits will take this compiled 1412 // ramp without calling compileOSRExit() first. 1402 1413 jit.store8(CCallHelpers::TrustedImm32(true), vm.heap.addressOfExpectDoesGC()); 1403 1414 } -
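Review bot: The comment block added at 1409-1412 restates the point of the existing comment at 1406-1407 ("there's no longer any optimized code running that expects no GC"); merging the two paragraphs, or at least dropping the blank line at 1408 so they read as one, would keep the rationale in one place. Separately, compileOSRExit() now flips the flag to true at 1021 and nothing in this hunk ever clears it, so it is worth confirming that the path that re-enters optimized code resets expectDoesGC to false; if it does not, every RELEASE_ASSERT(expectDoesGC()) added in this change passes trivially after the first exit.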
trunk/Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp
r241849 r241927 249 249 // code running that expects no GC. We need to set this before object 250 250 // materialization below. 251 252 // Even though we set Heap::m_expectDoesGC in compileFTLOSRExit(), we also need 253 // to set it here because compileFTLOSRExit() is only called on the first time 254 // we exit from this site, but all subsequent exits will take this compiled 255 // ramp without calling compileFTLOSRExit() first. 251 256 jit.store8(CCallHelpers::TrustedImm32(true), vm->heap.addressOfExpectDoesGC()); 252 257 } … … 527 532 528 533 VM& vm = exec->vm(); 534 535 if (validateDFGDoesGC) { 536 // We're about to exit optimized code. So, there's no longer any optimized 537 // code running that expects no GC. 538 vm.heap.setExpectDoesGC(true); 539 } 540 529 541 if (vm.callFrameForCatch) 530 542 RELEASE_ASSERT(vm.callFrameForCatch == exec); -
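Review bot: The block added at 535-539 is identical to the one added to DFG::OSRExit::compileOSRExit() in this change (guard on validateDFGDoesGC, two-line comment, setExpectDoesGC(true)), and the ramp comment at 252-255 likewise mirrors the DFG one word for word apart from the function name. A small Heap helper that carries the comment once (name to be chosen) would keep the two tiers from drifting when the rationale changes; at minimum, cross-reference the two sites in the comments.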
trunk/Source/JavaScriptCore/heap/CompleteSubspace.cpp
r240216 r241927 1 1 /* 2 * Copyright (C) 2017-201 8Apple Inc. All rights reserved.2 * Copyright (C) 2017-2019 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 123 123 void* CompleteSubspace::tryAllocateSlow(VM& vm, size_t size, GCDeferralContext* deferralContext) 124 124 { 125 if (validateDFGDoesGC) 126 RELEASE_ASSERT(vm.heap.expectDoesGC()); 127 125 128 sanitizeStackForVM(&vm); 126 129 -
trunk/Source/JavaScriptCore/heap/CompleteSubspaceInlines.h
r232132 r241927 1 1 /* 2 * Copyright (C) 2018 Apple Inc. All rights reserved.2 * Copyright (C) 2018-2019 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 30 30 ALWAYS_INLINE void* CompleteSubspace::allocateNonVirtual(VM& vm, size_t size, GCDeferralContext* deferralContext, AllocationFailureMode failureMode) 31 31 { 32 if (validateDFGDoesGC) 33 RELEASE_ASSERT(vm.heap.expectDoesGC()); 34 32 35 if (Allocator allocator = allocatorForNonVirtual(size, AllocatorForMode::AllocatorIfExists)) 33 36 return allocator.allocate(deferralContext, failureMode); -
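Review bot: Both CompleteSubspace::allocateNonVirtual() (this hunk, 32-33) and CompleteSubspace::tryAllocateSlow() (CompleteSubspace.cpp in this change) now perform the same check, and LocalAllocator::allocate() asserts it as well, so the fast path through `allocator.allocate(deferralContext, failureMode)` is checked twice and the slow path up to three times. That is harmless under the flag, but a short comment naming which of these is the canonical guard (the public entry point, presumably) would make it clear which ones are safe to drop later.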
trunk/Source/JavaScriptCore/heap/DeferGC.h
r218794 r241927 1 1 /* 2 * Copyright (C) 2013-201 7Apple Inc. All rights reserved.2 * Copyright (C) 2013-2019 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 34 34 class DeferGC { 35 35 WTF_MAKE_NONCOPYABLE(DeferGC); 36 WTF_FORBID_HEAP_ALLOCATION; 36 37 public: 37 38 DeferGC(Heap& heap) … … 43 44 ~DeferGC() 44 45 { 46 if (validateDFGDoesGC) 47 RELEASE_ASSERT(m_heap.expectDoesGC()); 45 48 m_heap.decrementDeferralDepthAndGCIfNeeded(); 46 49 } … … 52 55 class DeferGCForAWhile { 53 56 WTF_MAKE_NONCOPYABLE(DeferGCForAWhile); 57 WTF_FORBID_HEAP_ALLOCATION; 54 58 public: 55 59 DeferGCForAWhile(Heap& heap) … … 70 74 class DisallowGC : public DisallowScope<DisallowGC> { 71 75 WTF_MAKE_NONCOPYABLE(DisallowGC); 76 WTF_FORBID_HEAP_ALLOCATION; 72 77 typedef DisallowScope<DisallowGC> Base; 73 78 public: -
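Review bot: WTF_FORBID_HEAP_ALLOCATION is added at 36, 57 and 76, but this hunk adds no `#include <wtf/ForbidHeapAllocation.h>`, whereas GCDeferralContext.h and DisallowScope.h in the same change do add it explicitly; please add the include here too rather than relying on it arriving transitively. Also note that the RELEASE_ASSERT in ~DeferGC() at 46-47 fires unconditionally, before decrementDeferralDepthAndGCIfNeeded() decides whether a collection actually happens; if that is the intended conservative behaviour (as the ChangeLog says for the Heap functions) a one-line comment saying so would pre-empt the question.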
trunk/Source/JavaScriptCore/heap/GCDeferralContext.h
r227617 r241927 1 1 /* 2 * Copyright (C) 2016-201 8Apple Inc. All rights reserved.2 * Copyright (C) 2016-2019 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 26 26 #pragma once 27 27 28 #include <wtf/ForbidHeapAllocation.h> 29 28 30 namespace JSC { 29 31 … … 33 35 34 36 class GCDeferralContext { 37 WTF_FORBID_HEAP_ALLOCATION; 38 35 39 friend class Heap; 36 40 friend class BlockDirectory; -
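Review bot: Style only: the macro at 37 is followed by a blank line at 38, while the same macro in DeferGC.h sits directly above the next declaration; pick one layout for the four classes touched by this change.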
trunk/Source/JavaScriptCore/heap/GCDeferralContextInlines.h
r225725 r241927 1 1 /* 2 * Copyright (C) 2016-201 7Apple Inc. All rights reserved.2 * Copyright (C) 2016-2019 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 38 38 ALWAYS_INLINE GCDeferralContext::~GCDeferralContext() 39 39 { 40 if (validateDFGDoesGC) 41 RELEASE_ASSERT(m_heap.expectDoesGC()); 42 40 43 if (UNLIKELY(m_shouldGC)) 41 44 m_heap.collectIfNecessaryOrDefer(); -
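Review bot: The assertion at 40-41 runs even when m_shouldGC is false, so a GCDeferralContext that never deferred anything still trips it inside code that expects no GC. Heap::collectIfNecessaryOrDefer() itself now asserts expectDoesGC() (Heap.cpp in this change), so moving this check inside the `if (UNLIKELY(m_shouldGC))` branch, or relying on the callee's check, would narrow the false-positive surface without losing coverage; if the unconditional form is deliberate, say so in a comment as the ChangeLog does for the Heap functions.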
trunk/Source/JavaScriptCore/heap/Heap.cpp
r241655 r241927 1 1 /* 2 * Copyright (C) 2003-201 8Apple Inc. All rights reserved.2 * Copyright (C) 2003-2019 Apple Inc. All rights reserved. 3 3 * Copyright (C) 2007 Eric Seidel <eric@webkit.org> 4 4 * … … 1030 1030 void Heap::collectNow(Synchronousness synchronousness, GCRequest request) 1031 1031 { 1032 if (validateDFGDoesGC) 1033 RELEASE_ASSERT(expectDoesGC()); 1034 1032 1035 switch (synchronousness) { 1033 1036 case Async: { … … 1062 1065 void Heap::collectAsync(GCRequest request) 1063 1066 { 1067 if (validateDFGDoesGC) 1068 RELEASE_ASSERT(expectDoesGC()); 1069 1064 1070 if (!m_isSafeToCollect) 1065 1071 return; … … 1083 1089 void Heap::collectSync(GCRequest request) 1084 1090 { 1091 if (validateDFGDoesGC) 1092 RELEASE_ASSERT(expectDoesGC()); 1093 1085 1094 if (!m_isSafeToCollect) 1086 1095 return; 1087 1096 1088 1097 waitForCollection(requestCollection(request)); 1089 1098 } … … 1738 1747 void Heap::stopIfNecessarySlow() 1739 1748 { 1749 if (validateDFGDoesGC) 1750 RELEASE_ASSERT(expectDoesGC()); 1751 1740 1752 while (stopIfNecessarySlow(m_worldState.load())) { } 1741 1753 … … 1750 1762 bool Heap::stopIfNecessarySlow(unsigned oldState) 1751 1763 { 1764 if (validateDFGDoesGC) 1765 RELEASE_ASSERT(expectDoesGC()); 1766 1752 1767 RELEASE_ASSERT(oldState & hasAccessBit); 1753 1768 RELEASE_ASSERT(!(oldState & stoppedBit)); … … 2539 2554 { 2540 2555 ASSERT(deferralContext || isDeferred() || !DisallowGC::isInEffectOnCurrentThread()); 2556 if (validateDFGDoesGC) 2557 RELEASE_ASSERT(expectDoesGC()); 2541 2558 2542 2559 if (!m_isSafeToCollect) 2543 2560 return; 2561 2544 2562 switch (mutatorState()) { 2545 2563 case MutatorState::Running: -
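Review bot: In collectAsync(), collectSync() and collectIfNecessaryOrDefer() the new RELEASE_ASSERT sits before the `if (!m_isSafeToCollect) return;` early exit, so it fires even when no collection could have happened; that matches the "conservatively assert" note in the ChangeLog, but in collectIfNecessaryOrDefer() it would read more naturally next to the existing ASSERT at 2555 rather than separated from it. The blank line added at 2561 is an unrelated whitespace change and could be dropped.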
trunk/Source/JavaScriptCore/heap/HeapInlines.h
r229798 r241927 239 239 inline void Heap::acquireAccess() 240 240 { 241 if (validateDFGDoesGC) 242 RELEASE_ASSERT(expectDoesGC()); 243 241 244 if (m_worldState.compareExchangeWeak(0, hasAccessBit)) 242 245 return; … … 263 266 inline void Heap::stopIfNecessary() 264 267 { 268 if (validateDFGDoesGC) 269 RELEASE_ASSERT(expectDoesGC()); 270 265 271 if (mayNeedToStop()) 266 272 stopIfNecessarySlow(); -
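Review bot: stopIfNecessary() now asserts at 268-269 and then calls stopIfNecessarySlow(), which asserts again (Heap.cpp 1749-1750) and then loops on stopIfNecessarySlow(unsigned), which asserts a third time (1764-1765); one check at the inline entry point plus one in the unsigned overload (in case it has other callers) would cover the same ground. acquireAccess() at 241-242 is the right place for its check, since it is the point where the mutator commits to interacting with the heap.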
trunk/Source/JavaScriptCore/heap/LargeAllocation.cpp
r240216 r241927 37 37 LargeAllocation* LargeAllocation::tryCreate(Heap& heap, size_t size, Subspace* subspace) 38 38 { 39 if (validateDFGDoesGC) 40 RELEASE_ASSERT(heap.expectDoesGC()); 41 39 42 // This includes padding at the end of the allocation to maintain the distancing constraint. 40 43 constexpr size_t distancing = minimumDistanceBetweenCellsFromDifferentOrigins; -
trunk/Source/JavaScriptCore/heap/LocalAllocatorInlines.h
r227617 r241927 1 1 /* 2 * Copyright (C) 2018 Apple Inc. All rights reserved.2 * Copyright (C) 2018-2019 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 32 32 ALWAYS_INLINE void* LocalAllocator::allocate(GCDeferralContext* deferralContext, AllocationFailureMode failureMode) 33 33 { 34 if (validateDFGDoesGC) 35 RELEASE_ASSERT(m_directory->heap()->expectDoesGC()); 34 36 return m_freeList.allocate( 35 37 [&] () -> HeapCell* { -
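Review bot: Two points on the check at 34-35. First, unlike every other hunk in this change there is no blank line between the assertion and the following `return m_freeList.allocate(`; match the surrounding style. Second, LocalAllocator::allocate() is ALWAYS_INLINE and is the hottest allocation path; if validateDFGDoesGC is a compile-time constant (not visible in this diff) the `m_directory->heap()->expectDoesGC()` dereference folds away, but if it is a runtime option it costs two pointer chases per allocation, which is worth a comment or a measurement.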
trunk/Source/JavaScriptCore/runtime/DisallowScope.h
r233722 r241927 1 1 /* 2 * Copyright (C) 2017-201 8Apple Inc. All rights reserved.2 * Copyright (C) 2017-2019 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 26 26 #pragma once 27 27 28 #include <wtf/ForbidHeapAllocation.h> 28 29 #include <wtf/Noncopyable.h> 29 30 … … 33 34 class DisallowScope { 34 35 WTF_MAKE_NONCOPYABLE(DisallowScope); 36 WTF_FORBID_HEAP_ALLOCATION; 35 37 public: 36 38 #ifdef NDEBUG -
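Review bot: With WTF_FORBID_HEAP_ALLOCATION now on DisallowScope<T> at 36, the copy added to DisallowGC in DeferGC.h (which derives from DisallowScope<DisallowGC>) is redundant, since the deleted operator new is inherited; drop one of the two, preferably keeping it in the base so every DisallowScope specialization gets it.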
trunk/Source/JavaScriptCore/runtime/JSCellInlines.h
r241849 r241927 167 167 { 168 168 VM& vm = *heap.vm(); 169 if (validateDFGDoesGC)170 RELEASE_ASSERT(heap.expectDoesGC());171 172 169 ASSERT(deferralContext || !DisallowGC::isInEffectOnCurrentThread()); 173 170 ASSERT(size >= sizeof(T)); -
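Review bot: Removing the RELEASE_ASSERT at 169-170 is justified by the checks pushed into CompleteSubspace, LargeAllocation and LocalAllocator, and those are RELEASE_ASSERTs too, so release-build coverage is preserved. The trade-off worth recording in the ChangeLog is diagnostic locality: a failure used to be reported at the JSCell allocation helper, close to the call site, and will now surface inside the allocator, so crash logs for a missing-store-barrier bug will show less of the caller context unless the allocator frames are inlined.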
trunk/Source/JavaScriptCore/runtime/RegExpMatchesArray.h
r232951 r241927 63 63 RegExp* regExp, unsigned startOffset, MatchResult& result) 64 64 { 65 if (validateDFGDoesGC) 66 RELEASE_ASSERT(vm.heap.expectDoesGC()); 67 65 68 Vector<int, 32> subpatternResults; 66 69 int position = regExp->matchInline(vm, inputValue, startOffset, subpatternResults);
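Review bot: The assertion at 65-66 precedes `regExp->matchInline(...)`, so it fails before any matching work even though the allocation that needs GC permission happens later in the function; that is fine as an early check, but since every allocation path now asserts the same condition, a one-line comment on why this entry point gets its own guard would help a future reader decide whether it can be removed.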