[webkit-changes] [233962] branches/safari-606-branch/Source/JavaScriptCore

[bshafiei]

Title: [233962] branches/safari-606-branch/Source/_javascript_Core

Revision

233962

Author

bshaf...@apple.com

Date

2018-07-18 19:00:29 -0700 (Wed, 18 Jul 2018)

Log Message

Cherry-pick r233893. rdar://problem/42345044

    CodeBlock::baselineVersion() should account for executables with purged codeBlocks.
    https://bugs.webkit.org/show_bug.cgi?id=187736
    <rdar://problem/42114371>

    Reviewed by Michael Saboff.

    CodeBlock::baselineVersion() currently checks for a null replacement but does not
    account for the fact that that the replacement can also be null due to the
    executable having being purged of its codeBlocks due to a memory event (see
    ExecutableBase::clearCode()).  This patch adds code to account for this.

    * bytecode/CodeBlock.cpp:
    (JSC::CodeBlock::baselineVersion):

    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233893 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Modified Paths

• branches/safari-606-branch/Source/_javascript_Core/ChangeLog
• branches/safari-606-branch/Source/_javascript_Core/bytecode/CodeBlock.cpp

Diff

Modified: branches/safari-606-branch/Source/_javascript_Core/ChangeLog (233961 => 233962)

--- branches/safari-606-branch/Source/_javascript_Core/ChangeLog	2018-07-19 02:00:27 UTC (rev 233961)
+++ branches/safari-606-branch/Source/_javascript_Core/ChangeLog	2018-07-19 02:00:29 UTC (rev 233962)
@@ -1,3 +1,41 @@
+2018-07-18  Babak Shafiei  <bshaf...@apple.com>
+
+        Cherry-pick r233893. rdar://problem/42345044
+
+    CodeBlock::baselineVersion() should account for executables with purged codeBlocks.
+    https://bugs.webkit.org/show_bug.cgi?id=187736
+    <rdar://problem/42114371>
+    
+    Reviewed by Michael Saboff.
+    
+    CodeBlock::baselineVersion() currently checks for a null replacement but does not
+    account for the fact that that the replacement can also be null due to the
+    executable having being purged of its codeBlocks due to a memory event (see
+    ExecutableBase::clearCode()).  This patch adds code to account for this.
+    
+    * bytecode/CodeBlock.cpp:
+    (JSC::CodeBlock::baselineVersion):
+    
+    
+    
+    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233893 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+    2018-07-17  Mark Lam  <mark....@apple.com>
+
+            CodeBlock::baselineVersion() should account for executables with purged codeBlocks.
+            https://bugs.webkit.org/show_bug.cgi?id=187736
+            <rdar://problem/42114371>
+
+            Reviewed by Michael Saboff.
+
+            CodeBlock::baselineVersion() currently checks for a null replacement but does not
+            account for the fact that that the replacement can also be null due to the
+            executable having being purged of its codeBlocks due to a memory event (see
+            ExecutableBase::clearCode()).  This patch adds code to account for this.
+
+            * bytecode/CodeBlock.cpp:
+            (JSC::CodeBlock::baselineVersion):
+
 2018-07-15  Carlos Garcia Campos  <cgar...@igalia.com>
 
         [GLIB] Add API to evaluate code using a given object to store global symbols

Modified: branches/safari-606-branch/Source/_javascript_Core/bytecode/CodeBlock.cpp (233961 => 233962)

--- branches/safari-606-branch/Source/_javascript_Core/bytecode/CodeBlock.cpp	2018-07-19 02:00:27 UTC (rev 233961)
+++ branches/safari-606-branch/Source/_javascript_Core/bytecode/CodeBlock.cpp	2018-07-19 02:00:29 UTC (rev 233962)
@@ -1637,16 +1637,26 @@
 CodeBlock* CodeBlock::baselineVersion()
 {
 #if ENABLE(JIT)
-    if (JITCode::isBaselineCode(jitType()))
+    JITCode::JITType selfJITType = jitType();
+    if (JITCode::isBaselineCode(selfJITType))
         return this;
     CodeBlock* result = replacement();
     if (!result) {
-        // This can happen if we're creating the original CodeBlock for an executable.
-        // Assume that we're the baseline CodeBlock.
-        RELEASE_ASSERT(jitType() == JITCode::None);
-        return this;
+        if (JITCode::isOptimizingJIT(selfJITType)) {
+            // The replacement can be null if we've had a memory clean up and the executable
+            // has been purged of its codeBlocks (see ExecutableBase::clearCode()). Regardless,
+            // the current codeBlock is still live on the stack, and as an optimizing JIT
+            // codeBlock, it will keep its baselineAlternative() alive for us to fetch below.
+            result = this;
+        } else {
+            // This can happen if we're creating the original CodeBlock for an executable.
+            // Assume that we're the baseline CodeBlock.
+            RELEASE_ASSERT(selfJITType == JITCode::None);
+            return this;
+        }
     }
     result = result->baselineAlternative();
+    ASSERT(result);
     return result;
 #else
     return this;

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes