1 files changed, 18 insertions, 23 deletions

diff --git a/Source/JavaScriptCore/heap/Heap.cpp b/Source/JavaScriptCore/heap/Heap.cpp
index ef062c9ce..377132765 100644
--- a/Source/JavaScriptCore/heap/Heap.cpp
+++ b/Source/JavaScriptCore/heap/Heap.cpp
@@ -160,15 +160,9 @@ static inline size_t proportionalHeapSize(size_t heapSize, size_t ramSize)
     return 1.25 * heapSize;
 }
 
-static inline bool isValidSharedInstanceThreadState()
+static inline bool isValidSharedInstanceThreadState(JSGlobalData* globalData)
 {
-    if (!JSLock::lockCount())
-        return false;
-
-    if (!JSLock::currentThreadIsHoldingLock())
-        return false;
-
-    return true;
+    return globalData->apiLock().currentThreadIsHoldingLock();
 }
 
 static inline bool isValidThreadState(JSGlobalData* globalData)
@@ -176,7 +170,7 @@ static inline bool isValidThreadState(JSGlobalData* globalData)
     if (globalData->identifierTable != wtfThreadData().currentIdentifierTable())
         return false;
 
-    if (globalData->isSharedInstance() && !isValidSharedInstanceThreadState())
+    if (globalData->isSharedInstance() && !isValidSharedInstanceThreadState(globalData))
         return false;
 
     return true;
@@ -275,10 +269,6 @@ void Heap::lastChanceToFinalize()
     ASSERT(!m_globalData->dynamicGlobalObject);
     ASSERT(m_operationInProgress == NoOperation);
 
-    // FIXME: Make this a release-mode crash once we're sure no one's doing this.
-    if (size_t size = m_protectedValues.size())
-        WTFLogAlways("ERROR: JavaScriptCore heap deallocated while %ld values were still protected", static_cast<unsigned long>(size));
-
     m_objectSpace.lastChanceToFinalize();
 
 #if ENABLE(SIMPLE_HEAP_PROFILING)
@@ -327,7 +317,7 @@ void Heap::didAbandon(size_t bytes)
 void Heap::protect(JSValue k)
 {
     ASSERT(k);
-    ASSERT(JSLock::currentThreadIsHoldingLock() || !m_globalData->isSharedInstance());
+    ASSERT(m_globalData->apiLock().currentThreadIsHoldingLock());
 
     if (!k.isCell())
         return;
@@ -338,7 +328,7 @@ void Heap::protect(JSValue k)
 bool Heap::unprotect(JSValue k)
 {
     ASSERT(k);
-    ASSERT(JSLock::currentThreadIsHoldingLock() || !m_globalData->isSharedInstance());
+    ASSERT(m_globalData->apiLock().currentThreadIsHoldingLock());
 
     if (!k.isCell())
         return false;
@@ -430,6 +420,7 @@ void Heap::markRoots(bool fullGC)
     // We gather conservative roots before clearing mark bits because conservative
     // gathering uses the mark bits to determine whether a reference is valid.
     ConservativeRoots machineThreadRoots(&m_objectSpace.blocks(), &m_storageSpace);
+    m_jitStubRoutines.clearMarks();
     {
         GCPHASE(GatherConservativeRoots);
         m_machineThreads.gatherConservativeRoots(machineThreadRoots, &dummy);
@@ -439,7 +430,8 @@ void Heap::markRoots(bool fullGC)
     m_dfgCodeBlocks.clearMarks();
     {
         GCPHASE(GatherRegisterFileRoots);
-        registerFile().gatherConservativeRoots(registerFileRoots, m_dfgCodeBlocks);
+        registerFile().gatherConservativeRoots(
+            registerFileRoots, m_jitStubRoutines, m_dfgCodeBlocks);
     }
 
 #if ENABLE(DFG_JIT)
@@ -464,6 +456,7 @@ void Heap::markRoots(bool fullGC)
 
     m_storageSpace.startedCopying();
     SlotVisitor& visitor = m_slotVisitor;
+    visitor.setup();
     HeapRootVisitor heapRootVisitor(visitor);
 
     {
@@ -549,9 +542,10 @@ void Heap::markRoots(bool fullGC)
         }
     
         {
-            GCPHASE(TraceCodeBlocks);
-            MARK_LOG_ROOT(visitor, "Trace Code Blocks");
+            GCPHASE(TraceCodeBlocksAndJITStubRoutines);
+            MARK_LOG_ROOT(visitor, "Trace Code Blocks and JIT Stub Routines");
             m_dfgCodeBlocks.traceMarkedCodeBlocks(visitor);
+            m_jitStubRoutines.traceMarkedStubRoutines(visitor);
             visitor.donateAndDrain();
         }
     
@@ -595,12 +589,11 @@ void Heap::markRoots(bool fullGC)
 #endif
 
     visitor.reset();
-    m_sharedData.reset();
 #if ENABLE(PARALLEL_GC)
     m_sharedData.resetChildren();
 #endif
+    m_sharedData.reset();
     m_storageSpace.doneCopying();
-
 }
 
 size_t Heap::objectCount()
@@ -675,6 +668,7 @@ void Heap::deleteUnmarkedCompiledCode()
     }
 
     m_dfgCodeBlocks.deleteUnmarkedJettisonedCodeBlocks();
+    m_jitStubRoutines.deleteUnmarkedJettisonedStubRoutines();
 }
 
 void Heap::collectAllGarbage()
@@ -692,6 +686,7 @@ void Heap::collect(SweepToggle sweepToggle)
     SamplingRegion samplingRegion("Garbage Collection");
     
     GCPHASE(Collect);
+    ASSERT(globalData()->apiLock().currentThreadIsHoldingLock());
     ASSERT(globalData()->identifierTable == wtfThreadData().currentIdentifierTable());
     ASSERT(m_isSafeToCollect);
     JAVASCRIPTCORE_GC_BEGIN();
@@ -777,19 +772,19 @@ void Heap::collect(SweepToggle sweepToggle)
     JAVASCRIPTCORE_GC_END();
 }
 
-void Heap::setActivityCallback(PassOwnPtr<GCActivityCallback> activityCallback)
+void Heap::setActivityCallback(GCActivityCallback* activityCallback)
 {
     m_activityCallback = activityCallback;
 }
 
 GCActivityCallback* Heap::activityCallback()
 {
-    return m_activityCallback.get();
+    return m_activityCallback;
 }
 
 IncrementalSweeper* Heap::sweeper()
 {
-    return m_sweeper.get();
+    return m_sweeper;
 }
 
 void Heap::setGarbageCollectionTimerEnabled(bool enable)