Bug 142454

Summary: JITThunks keeps finalized Weaks around, pinning WeakBlocks.
Product: WebKit Reporter: Andreas Kling <kling>
Component: JavaScriptCoreAssignee: Andreas Kling <kling>
Status: RESOLVED FIXED    
Severity: Normal CC: ggaren, kling
Priority: P2 Keywords: Performance
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Proposed patch darin: review+

Description Andreas Kling 2015-03-08 04:20:28 PDT 
I'm seeing a bunch of WeakBlocks that are only kept alive by the host function Weak pointers in VM::jitStubs.
Comment 1 Andreas Kling 2015-03-08 04:25:16 PDT 
Created attachment 248188 [details]
Proposed patch
Comment 2 Darin Adler 2015-03-08 10:45:39 PDT 
Comment on attachment 248188 [details]
Proposed patch

View in context: https://bugs.webkit.org/attachment.cgi?id=248188&action=review

> Source/JavaScriptCore/jit/JITThunks.cpp:81
> +    NativeExecutable* nativeExecutable = jsCast<NativeExecutable*>(handle.get().asCell());

I would use auto* here instead of NativeExecutable* here since the type is already named over on the right side of the line. Maybe use a reference here since this can’t be null?

> Source/JavaScriptCore/jit/JITThunks.h:48
> +class JITThunks final : public WeakHandleOwner {

How about using private inheritance instead of public? The new code seems to be all inside JITThunks member functions.
Comment 3 Andreas Kling 2015-03-08 16:59:38 PDT 
Committed <https://trac.webkit.org/r181250>