Bug 142454

Summary:

JITThunks keeps finalized Weaks around, pinning WeakBlocks.

Product:

WebKit

Reporter:

Andreas Kling <kling>

Component:

JavaScriptCore

Assignee:

Andreas Kling <kling>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

ggaren, kling

Priority:

Keywords:

Performance

Version:

528+ (Nightly build)

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Proposed patch	darin: review+

Andreas Kling

Reported 2015-03-08 04:20:28 PDT

I'm seeing a bunch of WeakBlocks that are only kept alive by the host function Weak pointers in VM::jitStubs.

Attachments
Proposed patch (4.17 KB, patch) 2015-03-08 04:25 PDT, Andreas Kling	darin: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Andreas Kling

Comment 1 2015-03-08 04:25:16 PDT

Created attachment 248188 [details] Proposed patch

Darin Adler

Comment 2 2015-03-08 10:45:39 PDT

Comment on attachment 248188 [details] Proposed patch View in context: https://bugs.webkit.org/attachment.cgi?id=248188&action=review > Source/JavaScriptCore/jit/JITThunks.cpp:81 > + NativeExecutable* nativeExecutable = jsCast<NativeExecutable*>(handle.get().asCell()); I would use auto* here instead of NativeExecutable* here since the type is already named over on the right side of the line. Maybe use a reference here since this can’t be null? > Source/JavaScriptCore/jit/JITThunks.h:48 > +class JITThunks final : public WeakHandleOwner { How about using private inheritance instead of public? The new code seems to be all inside JITThunks member functions.

Andreas Kling

Comment 3 2015-03-08 16:59:38 PDT

Committed <https://trac.webkit.org/r181250>

Note You need to log in before you can comment on or make changes to this bug.