Bug 1322312 - Assert that GCRuntime::enter/leaveUnsafe region is only used on the main thread r=sfink
authorJon Coppeard <jcoppeard@mozilla.com>
Tue, 06 Dec 2016 17:23:48 -1000
changeset 325323 c30011abb0f2357132b5098c2d3e2ce35b880a12
parent 325322 1d9ec0ad1388284030757003dbffa93bcaf9c0e0
child 325324 40c8129cffbf82cd89b4e22caf52aa042b5573e4
push id24
push usermaklebus@msu.edu
push dateTue, 20 Dec 2016 03:11:33 +0000
reviewerssfink
bugs1322312
milestone53.0a1
Bug 1322312 - Assert that GCRuntime::enter/leaveUnsafe region is only used on the main thread r=sfink
js/public/ProfilingFrameIterator.h
js/src/gc/GCRuntime.h
js/src/vm/Stack.cpp
--- a/js/public/ProfilingFrameIterator.h
+++ b/js/public/ProfilingFrameIterator.h
@@ -50,18 +50,16 @@ class JS_PUBLIC_API(ProfilingFrameIterat
     uint32_t sampleBufferGen_;
     js::Activation* activation_;
 
     // When moving past a JitActivation, we need to save the prevJitTop
     // from it to use as the exit-frame pointer when the next caller jit
     // activation (if any) comes around.
     void* savedPrevJitTop_;
 
-    JS::AutoCheckCannotGC nogc_;
-
     static const unsigned StorageSpace = 8 * sizeof(void*);
     mozilla::AlignedStorage<StorageSpace> storage_;
     js::wasm::ProfilingFrameIterator& wasmIter() {
         MOZ_ASSERT(!done());
         MOZ_ASSERT(isWasm());
         return *reinterpret_cast<js::wasm::ProfilingFrameIterator*>(storage_.addr());
     }
     const js::wasm::ProfilingFrameIterator& wasmIter() const {
@@ -135,17 +133,17 @@ class JS_PUBLIC_API(ProfilingFrameIterat
 
   private:
     mozilla::Maybe<Frame> getPhysicalFrameAndEntry(js::jit::JitcodeGlobalEntry* entry) const;
 
     void iteratorConstruct(const RegisterState& state);
     void iteratorConstruct();
     void iteratorDestroy();
     bool iteratorDone();
-};
+} JS_HAZ_GC_INVALIDATED;
 
 JS_FRIEND_API(bool)
 IsProfilingEnabledForContext(JSContext* cx);
 
 /**
  * After each sample run, this method should be called with the latest sample
  * buffer generation, and the lapCount.  It will update corresponding fields on
  * JSRuntime.
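Review bot: `JS_HAZ_GC_INVALIDATED` on the closing brace of `ProfilingFrameIterator` has no comment saying why the class is annotated, even though it takes over from the `JS::AutoCheckCannotGC nogc_` member that the first hunk of this file removes. The annotation is presumably checked only by the static hazard analysis, so code that includes this public header without being covered by that analysis no longer gets a debug-time failure if a GC happens while an iterator is live. A comment above the annotation would record the trade-off, for example `// Holds raw pointers that a GC invalidates; checked statically because the runtime no-GC guard is main-thread only.` The reason given in that comment is inferred from the commit title and the GCRuntime.h hunk, so confirm it before landing. The class body starts outside this hunk.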
--- a/js/src/gc/GCRuntime.h
+++ b/js/src/gc/GCRuntime.h
@@ -726,23 +726,28 @@ class GCRuntime
     void disableStrictProxyChecking() { ++disableStrictProxyCheckingCount; }
     void enableStrictProxyChecking() {
         MOZ_ASSERT(disableStrictProxyCheckingCount > 0);
         --disableStrictProxyCheckingCount;
     }
 #endif // DEBUG
 
     bool isInsideUnsafeRegion() { return inUnsafeRegion != 0; }
-    void enterUnsafeRegion() { ++inUnsafeRegion; }
+    void enterUnsafeRegion() {
+        MOZ_ASSERT(CurrentThreadCanAccessRuntime(rt));
+        ++inUnsafeRegion;
+    }
     void leaveUnsafeRegion() {
+        MOZ_ASSERT(CurrentThreadCanAccessRuntime(rt));
         MOZ_ASSERT(inUnsafeRegion > 0);
         --inUnsafeRegion;
     }
 
     void verifyIsSafeToGC() {
+        MOZ_ASSERT(CurrentThreadCanAccessRuntime(rt));
         MOZ_DIAGNOSTIC_ASSERT(!isInsideUnsafeRegion(),
                               "[AutoAssertNoGC] possible GC in GC-unsafe region");
     }
 
     void setAlwaysPreserveCode() { alwaysPreserveCode = true; }
 
     bool isIncrementalGCAllowed() const { return incrementalAllowed; }
     void disallowIncrementalGC() { incrementalAllowed = false; }
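Review bot: The thread checks added to `enterUnsafeRegion`, `leaveUnsafeRegion` and `verifyIsSafeToGC` use `MOZ_ASSERT`, which is compiled out of non-debug builds, while the existing check beside them in `verifyIsSafeToGC` is a `MOZ_DIAGNOSTIC_ASSERT`. In a build that keeps diagnostic asserts but not debug ones, an off-thread caller would still update `inUnsafeRegion` unchecked. If that counter is a plain integer (its declaration is outside this hunk), the unsynchronized update can leave the unsafe-region state wrong and make the diagnostic check unreliable. Consider `MOZ_DIAGNOSTIC_ASSERT(CurrentThreadCanAccessRuntime(rt));` in `enterUnsafeRegion` and `leaveUnsafeRegion`, with a one-line comment above them such as `// Main-thread only: inUnsafeRegion is not synchronized.` `isInsideUnsafeRegion` reads the same counter and gets no thread check in this change.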
--- a/js/src/vm/Stack.cpp
+++ b/js/src/vm/Stack.cpp
@@ -1718,18 +1718,17 @@ ActivationIterator::settle()
         activation_ = activation_->prev();
 }
 
 JS::ProfilingFrameIterator::ProfilingFrameIterator(JSContext* cx, const RegisterState& state,
                                                    uint32_t sampleBufferGen)
   : rt_(cx),
     sampleBufferGen_(sampleBufferGen),
     activation_(nullptr),
-    savedPrevJitTop_(nullptr),
-    nogc_(cx)
+    savedPrevJitTop_(nullptr)
 {
     if (!cx->spsProfiler.enabled())
         MOZ_CRASH("ProfilingFrameIterator called when spsProfiler not enabled for runtime.");
 
     if (!cx->profilingActivation())
         return;
 
     // If profiler sampling is not enabled, skip.