diff options
| author | Lorry Tar Creator <lorry-tar-importer@lorry> | 2016-04-10 09:28:39 +0000 |
|---|---|---|
| committer | Lorry Tar Creator <lorry-tar-importer@lorry> | 2016-04-10 09:28:39 +0000 |
| commit | 32761a6cee1d0dee366b885b7b9c777e67885688 (patch) | |
| tree | d6bec92bebfb216f4126356e55518842c2f476a1 /Source/JavaScriptCore/heap/HandleSet.h | |
| parent | a4e969f4965059196ca948db781e52f7cfebf19e (diff) | |
| download | WebKitGtk-tarball-32761a6cee1d0dee366b885b7b9c777e67885688.tar.gz | |
webkitgtk-2.4.11webkitgtk-2.4.11
Diffstat (limited to 'Source/JavaScriptCore/heap/HandleSet.h')
| -rw-r--r-- | Source/JavaScriptCore/heap/HandleSet.h | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/Source/JavaScriptCore/heap/HandleSet.h b/Source/JavaScriptCore/heap/HandleSet.h index f9737882e..58251f66a 100644 --- a/Source/JavaScriptCore/heap/HandleSet.h +++ b/Source/JavaScriptCore/heap/HandleSet.h @@ -35,10 +35,12 @@ namespace JSC { +class HandleBlock; class HandleSet; class HeapRootVisitor; class VM; class JSValue; +class SlotVisitor; class HandleNode { public: @@ -98,6 +100,7 @@ private: SentinelLinkedList<Node> m_strongList; SentinelLinkedList<Node> m_immediateList; SinglyLinkedList<Node> m_freeList; + Node* m_nextToFinalize; }; inline HandleSet* HandleSet::heapFor(HandleSlot handle) @@ -122,6 +125,10 @@ inline HandleSet::Node* HandleSet::toNode(HandleSlot handle) inline HandleSlot HandleSet::allocate() { + // Forbid assignment to handles during the finalization phase, since it would violate many GC invariants. + // File a bug with stack trace if you hit this. + RELEASE_ASSERT(!m_nextToFinalize); + if (m_freeList.isEmpty()) grow(); @@ -134,6 +141,11 @@ inline HandleSlot HandleSet::allocate() inline void HandleSet::deallocate(HandleSlot handle) { HandleSet::Node* node = toNode(handle); + if (node == m_nextToFinalize) { + ASSERT(m_nextToFinalize->next()); + m_nextToFinalize = m_nextToFinalize->next(); + } + SentinelLinkedList<HandleSet::Node>::remove(node); m_freeList.push(node); } |