[webkit-changes] [WebKit/WebKit] e9cb06: Regenerate ModuleProgramExecutable unlinkedCodeBlo...

Commit Queue noreply at github.com
Mon Apr 10 15:15:23 PDT 2023


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: e9cb06ebfbf530f4d571fa5103ebd3d3d6f9aad6
      https://github.com/WebKit/WebKit/commit/e9cb06ebfbf530f4d571fa5103ebd3d3d6f9aad6
  Author: Yijia Huang <yijia_huang at apple.com>
  Date:   2023-04-10 (Mon, 10 Apr 2023)

  Changed paths:
    M Source/JavaScriptCore/runtime/ModuleProgramExecutable.cpp
    M Source/JavaScriptCore/runtime/ModuleProgramExecutable.h
    M Source/JavaScriptCore/runtime/ScriptExecutable.cpp

  Log Message:
  -----------
  Regenerate ModuleProgramExecutable unlinkedCodeBlock after being destroyed by low memory cleaning
https://bugs.webkit.org/show_bug.cgi?id=255044
rdar://104937190

Reviewed by Mark Lam and Yusuke Suzuki.

ModuleProgramExecutable's unlinkedCodeBlock can be cleared by ScriptExecutable::clearCode
during low memory handling. As a result, ScriptExecutable::newCodeBlockFor can encounter
a null unlinkedCodeBlock. This patch fixes this issue by regenerating the unlinkedCodeBlock
if needed.

No test is added because the manifestation of this bug depends on a race condition.
The race condition requires that ScriptExecutable::clearCode be called after
ModuleProgramExecutable is instantiated and before ScriptExecutable::newCodeBlockFor
runs. This can happen due to low memory handling. We manually simulated this condition
in local testing to reproduce the issue by forcing ScriptExecutable::clearCode to be called
after ModuleProgramExecutable is instantiated and just before the VM returns to the idle loop.
Using this method, we confirmed that the fix works.

* Source/JavaScriptCore/runtime/ModuleProgramExecutable.cpp:
(JSC::ModuleProgramExecutable::generateOrGetUnlinkedCodeBlock):
(JSC::ModuleProgramExecutable::create):
* Source/JavaScriptCore/runtime/ModuleProgramExecutable.h:
* Source/JavaScriptCore/runtime/ScriptExecutable.cpp:
(JSC::ScriptExecutable::newCodeBlockFor):

Canonical link: https://commits.webkit.org/262788@main
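To make the hazard in the log message concrete, here is an added, constructed C++ model (not WebKit code and not the actual patch): an executable caches a compiled block, a low-memory path clears it between instantiation and linking, and the regenerate-on-demand accessor keeps the linking step from ever observing a null cache. The names `generateOrGetUnlinkedCodeBlock`, `clearCode` and `newCodeBlockFor` follow the commit's function list; their bodies here are assumptions for illustration only.

```cpp
#include <memory>
#include <string>
#include <utility>

// Constructed stand-in for the compiled, not-yet-linked representation of a module.
struct UnlinkedCodeBlock {
    std::string source;
    int generation;  // how many times this executable has compiled its source
};

class ModuleProgramExecutable {
public:
    explicit ModuleProgramExecutable(std::string source) : m_source(std::move(source)) {}

    // Models ScriptExecutable::clearCode: low-memory handling drops the cached block.
    void clearCode() { m_unlinkedCodeBlock.reset(); }

    // Models the fix: return the cached block, or recompile if it was cleared.
    UnlinkedCodeBlock* generateOrGetUnlinkedCodeBlock() {
        if (!m_unlinkedCodeBlock)
            m_unlinkedCodeBlock.reset(new UnlinkedCodeBlock{m_source, ++m_generations});
        return m_unlinkedCodeBlock.get();
    }

    // Models the pre-fix read that assumed the block still existed (may be null).
    UnlinkedCodeBlock* cachedUnlinkedCodeBlock() const { return m_unlinkedCodeBlock.get(); }

    int generations() const { return m_generations; }

private:
    std::string m_source;
    std::unique_ptr<UnlinkedCodeBlock> m_unlinkedCodeBlock;
    int m_generations = 0;
};

// Models ScriptExecutable::newCodeBlockFor after the fix: it goes through the
// regenerating accessor, so a cleared cache is repaired rather than dereferenced.
bool newCodeBlockFor(ModuleProgramExecutable& exec, std::string* linkedSource) {
    UnlinkedCodeBlock* block = exec.generateOrGetUnlinkedCodeBlock();
    if (!block)
        return false;
    *linkedSource = block->source;
    return true;
}

// Drives the race from the log: instantiate, clear under memory pressure, then link.
// Returns 0 if the pre-fix path would see a null block, otherwise the compile count.
int simulateLowMemoryRace(bool withFix) {
    ModuleProgramExecutable exec("export default 1;");  // constructed sample module
    exec.generateOrGetUnlinkedCodeBlock();               // instantiation compiles once
    exec.clearCode();                                    // low-memory cleanup intervenes
    if (!withFix)
        return exec.cachedUnlinkedCodeBlock() ? 1 : 0;   // pre-fix: null observed here
    std::string src;
    return newCodeBlockFor(exec, &src) ? exec.generations() : -1;
}
```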
