Title: [102534] trunk/Source/JavaScriptCore
Revision: 102534
Author: [email protected]
Date: 2011-12-10 17:23:36 -0800 (Sat, 10 Dec 2011)

Log Message

JSC testapi is crashing on Windows
https://bugs.webkit.org/show_bug.cgi?id=74233

Reviewed by Sam Weinig.

Same error we've encountered before where we are calling the wrong version of
visitChildren and objects that are still reachable aren't getting marked.
This problem will go away soon with the removal of vptrs for these sorts of
optimizations in favor of using the ClassInfo, but for now we can simply give
JSFinalObject a bogus virtual method that Visual Studio can't optimize away to
ensure that JSFinalObject will always have a unique vptr.  We don't have to worry
about JSString or JSArray right now, which are the other two special cases for
visitChildren, since they already have their own virtual functions.

* JavaScriptCore.exp:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
* runtime/JSObject.cpp:
(JSC::JSFinalObject::vtableAnchor):
* runtime/JSObject.h:

Diff

Modified: trunk/Source/JavaScriptCore/ChangeLog (102533 => 102534)


--- trunk/Source/_javascript_Core/ChangeLog	2011-12-11 00:09:49 UTC (rev 102533)
+++ trunk/Source/_javascript_Core/ChangeLog	2011-12-11 01:23:36 UTC (rev 102534)
@@ -1,3 +1,25 @@
+2011-12-10  Mark Hahnenberg  <[email protected]>
+
+        JSC testapi is crashing on Windows
+        https://bugs.webkit.org/show_bug.cgi?id=74233
+
+        Reviewed by Sam Weinig.
+
+        Same error we've encountered before where we are calling the wrong version of 
+        visitChildren and objects that are still reachable aren't getting marked.
+        This problem will go away soon with the removal of vptrs for these sorts of 
+        optimizations in favor of using the ClassInfo, but for now we can simply give 
+        JSFinalObject a bogus virtual method that Visual Studio can't optimize away to
+        ensure that JSFinalObject will always have a unique vptr.  We don't have to worry 
+        about JSString or JSArray right now, which are the other two special cases for
+        visitChildren, since they already have their own virtual functions.
+
+        * _javascript_Core.exp:
+        * _javascript_Core.vcproj/_javascript_Core/_javascript_Core.def:
+        * runtime/JSObject.cpp:
+        (JSC::JSFinalObject::vtableAnchor):
+        * runtime/JSObject.h:
+
 2011-12-10  Alexis Menard  <[email protected]>
 
         Unused variable in YarrJIT.cpp.
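
Review bot: Four of the added ChangeLog lines (the ones ending "wrong version of", "these sorts of", "simply give" and "have to worry") carry trailing whitespace; please strip it. "Same error we've encountered before" would also be easier to act on with the earlier bug or revision number next to it, so the next person who hits an unmarked-object crash can find the previous fix.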

Modified: trunk/Source/JavaScriptCore/JavaScriptCore.exp (102533 => 102534)


--- trunk/Source/_javascript_Core/_javascript_Core.exp	2011-12-11 00:09:49 UTC (rev 102533)
+++ trunk/Source/_javascript_Core/_javascript_Core.exp	2011-12-11 01:23:36 UTC (rev 102534)
@@ -618,6 +618,7 @@
 __ZNK3WTF6String9substringEjj
 __ZNK3WTF8Collator7collateEPKtmS2_m
 __ZTVN3JSC12StringObjectE
+__ZTVN3JSC13JSFinalObjectE
 __ZTVN3JSC14JSGlobalObjectE
 __ZTVN3JSC14ScopeChainNodeE
 __ZTVN3JSC15JSWrapperObjectE
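
Review bot: The added __ZTVN3JSC13JSFinalObjectE line exports the JSFinalObject vtable from this export list, but the log message only describes a Visual Studio problem. Say in the ChangeLog why this export is needed here as well (presumably because the class now has an out-of-line virtual), so it is not later removed as an unused symbol.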

Modified: trunk/Source/JavaScriptCore/JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def (102533 => 102534)


--- trunk/Source/_javascript_Core/_javascript_Core.vcproj/_javascript_Core/_javascript_Core.def	2011-12-11 00:09:49 UTC (rev 102533)
+++ trunk/Source/_javascript_Core/_javascript_Core.vcproj/_javascript_Core/_javascript_Core.def	2011-12-11 01:23:36 UTC (rev 102534)
@@ -361,6 +361,7 @@
     ?visitChildren@JSGlobalThis@JSC@@KAXPAVJSCell@2@AAVSlotVisitor@2@@Z
     ?visitChildren@JSObject@JSC@@SAXPAVJSCell@2@AAVSlotVisitor@2@@Z
     ?vtableAnchor@InternalFunction@JSC@@EAEXXZ
+    ?vtableAnchor@JSFinalObject@JSC@@EAEXXZ
     ?vtableAnchor@JSObject@JSC@@UAEXXZ
     ?wait@ThreadCondition@WTF@@QAEXAAVMutex@2@@Z
     ?waitForThreadCompletion@WTF@@YAHIPAPAX@Z
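
Review bot: The added export ?vtableAnchor@JSFinalObject@JSC@@EAEXXZ uses the "EAE" encoding (private virtual), matching the InternalFunction entry above it rather than the JSObject entry below it, which is "UAE" (public virtual). Please confirm the declaration in JSObject.h sits in a private section; the header hunk does not show its access level, and a mismatch between the two means the exported name will not match what the compiler emits.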

Modified: trunk/Source/JavaScriptCore/runtime/JSObject.cpp (102533 => 102534)


--- trunk/Source/_javascript_Core/runtime/JSObject.cpp	2011-12-11 00:09:49 UTC (rev 102533)
+++ trunk/Source/_javascript_Core/runtime/JSObject.cpp	2011-12-11 01:23:36 UTC (rev 102534)
@@ -52,6 +52,11 @@
 
 const ClassInfo JSFinalObject::s_info = { "Object", &Base::s_info, 0, 0, CREATE_METHOD_TABLE(JSFinalObject) };
 
+void JSFinalObject::vtableAnchor()
+{
+    printf("Something Visual Studio can't optimize away.\n");
+}
+
 static inline void getClassPropertyNames(ExecState* exec, const ClassInfo* classInfo, PropertyNameArray& propertyNames, EnumerationMode mode)
 {
     // Add properties from the static hashtables of properties
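
Review bot: The new JSFinalObject::vtableAnchor() definition has no comment explaining why it exists, and a body that is only a printf will read as leftover debug code to anyone who has not seen the ChangeLog. Add a comment above it that it is never meant to be called and exists only to keep JSFinalObject's vptr unique for the visitChildren special-casing, with a FIXME pointing at https://bugs.webkit.org/show_bug.cgi?id=74233 to delete it once the vptr checks are replaced by ClassInfo. The hunk also does not show an include for printf; check that this file already pulls in the declaration rather than relying on a transitive include.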

Modified: trunk/Source/JavaScriptCore/runtime/JSObject.h (102533 => 102534)


--- trunk/Source/_javascript_Core/runtime/JSObject.h	2011-12-11 00:09:49 UTC (rev 102533)
+++ trunk/Source/_javascript_Core/runtime/JSObject.h	2011-12-11 01:23:36 UTC (rev 102534)
@@ -382,6 +382,8 @@
         {
         }
 
+        virtual void vtableAnchor();
+
         static const unsigned StructureFlags = JSObject::StructureFlags;
 
         WriteBarrierBase<Unknown> m_inlineStorage[JSFinalObject_inlineStorageCapacity];
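
Review bot: The added "virtual void vtableAnchor();" declaration is undocumented in the header, which is where someone cleaning up the class will see it first. Put a one-line comment on it saying it is a workaround that forces a distinct vptr for JSFinalObject on Windows and must not be removed while marking still dispatches on the vptr; otherwise a later cleanup that drops the "unused" virtual reintroduces the unmarked-reachable-object crash described in the log message.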