[gjs/ewlsh/fix-barried-get-in-rooting: 4/4] object: Enqueue toggle ups when the heap is collecting

From: Philip Chimento <pchimento src gnome org>
To: commits-list gnome org
Cc:
Subject: [gjs/ewlsh/fix-barried-get-in-rooting: 4/4] object: Enqueue toggle ups when the heap is collecting
Date: Sun, 1 Aug 2021 21:50:44 +0000 (UTC)


commit d3444594be066ba438c351ecb3426bd38ee4b51f
Author: Evan Welsh <contact evanwelsh com>
Date:   Sun Jul 25 05:02:04 2021 -0700

    object: Enqueue toggle ups when the heap is collecting
    
    From my research it seems like .get() triggers an ExposeGCThingToActiveJS
    call which can't be called while the heap is collecting - we guard against
    that case in expose_to_js. Fix this by just queuing toggle ups if the heap
    is collecting.
    
    I'm pretty sure we're hitting this case:
    https://gitlab.gnome.org/GNOME/glib/-/blob/main/gobject/gobject.c#L4635
    I tested it and it seems like we're not getting a toggle up on the object
    that is actually being finalized, so my only thought is perhaps it is an
    object that the object getting temporarily toggled up holds a reference
    to?
    
    If that is the case, I think it makes sense to guard toggles while the
    heap is collecting.

 gi/object.cpp  | 4 +++-
 gjs/gjs_pch.hh | 1 +
 2 files changed, 4 insertions(+), 1 deletion(-)
---
diff --git a/gi/object.cpp b/gi/object.cpp
index 3bfa42e8..a834a5be 100644
--- a/gi/object.cpp
+++ b/gi/object.cpp
@@ -28,6 +28,7 @@
 #include <js/ComparisonOperators.h>
 #include <js/GCAPI.h>               // for JS_AddWeakPointerCompartmentCallback
 #include <js/GCVector.h>            // for MutableWrappedPtrOperations
+#include <js/HeapAPI.h>
 #include <js/MemoryFunctions.h>     // for AddAssociatedMemory, RemoveAssoci...
 #include <js/PropertyDescriptor.h>  // for JSPROP_PERMANENT, JSPROP_READONLY
 #include <js/TypeDecls.h>
@@ -1353,7 +1354,8 @@ void ObjectInstance::wrapped_gobj_toggle_notify(void* instance, GObject*,
          * The JSObject associated with the gobject is not rooted,
          * but it needs to be. We'll root it.
          */
-        if (is_main_thread && !anything_queued) {
+        if (is_main_thread && !anything_queued &&
+            !JS::RuntimeHeapIsCollecting()) {
             self->toggle_up();
         } else {
             toggle_queue->enqueue(self, ToggleQueue::UP, toggle_handler);
diff --git a/gjs/gjs_pch.hh b/gjs/gjs_pch.hh
index aa5a736b..8de386a4 100644
--- a/gjs/gjs_pch.hh
+++ b/gjs/gjs_pch.hh
@@ -70,6 +70,7 @@
 #include <js/GCPolicyAPI.h>
 #include <js/GCVector.h>
 #include <js/HashTable.h>
+#include <js/HeapAPI.h>
 #include <js/Id.h>
 #include <js/Initialization.h>
 #include <js/MemoryFunctions.h>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]