Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: e9cb06ebfbf530f4d571fa5103ebd3d3d6f9aad6
      
https://github.com/WebKit/WebKit/commit/e9cb06ebfbf530f4d571fa5103ebd3d3d6f9aad6
  Author: Yijia Huang <[email protected]>
  Date:   2023-04-10 (Mon, 10 Apr 2023)

  Changed paths:
    M Source/JavaScriptCore/runtime/ModuleProgramExecutable.cpp
    M Source/JavaScriptCore/runtime/ModuleProgramExecutable.h
    M Source/JavaScriptCore/runtime/ScriptExecutable.cpp

  Log Message:
  -----------
  Regenerate ModuleProgramExecutable unlinkedCodeBlock after being destroyed by low memory cleaning
https://bugs.webkit.org/show_bug.cgi?id=255044
rdar://104937190

Reviewed by Mark Lam and Yusuke Suzuki.

ModuleProgramExecutable's unlinkedCodeBlock can be cleared by ScriptExecutable::clearCode
during low memory handling. As a result, ScriptExecutable::newCodeBlockFor can encounter
a null unlinkedCodeBlock. This patch fixes this issue by regenerating the unlinkedCodeBlock
if needed.

No test is added because the manifestation of this bug depends on a race condition.
The race condition requires that ScriptExecutable::clearCode be called after
ModuleProgramExecutable is instantiated and before ScriptExecutable::newCodeBlockFor
runs. This can happen due to low memory handling. We manually simulated this condition
in local testing to reproduce the issue by forcing ScriptExecutable::clearCode to be called
after ModuleProgramExecutable is instantiated and just before the VM returns to
the idle loop. Using this method, we confirmed that the fix works.

* Source/JavaScriptCore/runtime/ModuleProgramExecutable.cpp:
(JSC::ModuleProgramExecutable::generateOrGetUnlinkedCodeBlock):
(JSC::ModuleProgramExecutable::create):
* Source/JavaScriptCore/runtime/ModuleProgramExecutable.h:
* Source/JavaScriptCore/runtime/ScriptExecutable.cpp:
(JSC::ScriptExecutable::newCodeBlockFor):

Canonical link: https://commits.webkit.org/262788@main


_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes