GC in the middle of JSObject::allocatePropertyStorage can cause badness
authormhahnenberg@apple.com <mhahnenberg@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 16 May 2012 21:21:44 +0000 (21:21 +0000)
committermhahnenberg@apple.com <mhahnenberg@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 16 May 2012 21:21:44 +0000 (21:21 +0000)
commit01329c11d3038e56d27ba327f7e08740c9e6ef6f
tree149fd202c735d329826dda8947f97e4e20aef0e1
parentde4529f04678861772958544dfd85afef850e3ea
GC in the middle of JSObject::allocatePropertyStorage can cause badness
https://bugs.webkit.org/show_bug.cgi?id=83839

Reviewed by Geoff Garen.

* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
* jit/JITStubs.cpp: Making changes to use the new return value of growPropertyStorage.
(JSC::DEFINE_STUB_FUNCTION):
* runtime/JSObject.cpp:
(JSC::JSObject::growPropertyStorage): Renamed to more accurately reflect that we're
growing our already-existing PropertyStorage.
* runtime/JSObject.h:
(JSObject):
(JSC::JSObject::setPropertyStorage): "Atomically" sets the new property storage
and the new structure so that we can be sure a GC never occurs when our Structure
info is out of sync with our PropertyStorage.
(JSC):
(JSC::JSObject::putDirectInternal): Moved the check to see if we should
allocate more backing store before the actual property insertion into
the structure.
(JSC::JSObject::putDirectWithoutTransition): Ditto.
(JSC::JSObject::transitionTo): Ditto.
* runtime/Structure.cpp:
(JSC::Structure::suggestedNewPropertyStorageSize): Added to keep the resize policy
for property backing stores contained within the Structure class.
(JSC):
* runtime/Structure.h:
(JSC::Structure::shouldGrowPropertyStorage): Lets clients know if another insertion
into the Structure would require resizing the property backing store so that they can
preallocate the required storage.
(Structure):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@117343 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def
Source/JavaScriptCore/jit/JITStubs.cpp
Source/JavaScriptCore/runtime/JSObject.cpp
Source/JavaScriptCore/runtime/JSObject.h
Source/JavaScriptCore/runtime/Structure.cpp
Source/JavaScriptCore/runtime/Structure.h