Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 4cee9db51dcaf948e57589425b9035e5c9ab18c7
https://github.com/WebKit/WebKit/commit/4cee9db51dcaf948e57589425b9035e5c9ab18c7
Author: Yijia Huang <[email protected]>
Date: 2026-01-25 (Sun, 25 Jan 2026)
Changed paths:
M Source/JavaScriptCore/runtime/VMManager.cpp
Log Message:
-----------
[JSC] Fix m_numberOfActiveVMs underflow in VMManager due to flag-counter desync
https://bugs.webkit.org/show_bug.cgi?id=306165
rdar://168804514
Reviewed by Mark Lam.
m_numberOfActiveVMs can underflow when transitioning between RunAll and Stopping
modes if a VM exits after resumeTheWorld() clears flags but before the next
stop completes.
This is because incrementActiveVMs() checks m_hasBeenCountedAsActive before
incrementing, but decrementActiveVMs() only checks the mode, not the flag. This
asymmetry allows the counter to be decremented even when the VM was never
counted (flag is false).
This patch makes decrementActiveVMs() check the flag before decrementing,
making it symmetric with incrementActiveVMs(). Only decrement if the VM
was actually counted.
Canonical link: https://commits.webkit.org/306172@main
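To make the flag/counter desync described in the log message concrete, the following is an added, simplified C++ model; it is not WebKit's VMManager code. The names mirror the commit message, while the mode gating of the counter and the counter reset in resumeTheWorld() are assumptions of the model.

```cpp
#include <cstdint>
// Simplified model of the flag/counter interplay described in the log message.
// Names mirror the message; the mode gating and the reset in resumeTheWorld()
// are assumptions of this model, not WebKit's actual implementation.
enum class Mode { RunAll, Stopping };

struct ModelVM {
    bool hasBeenCountedAsActive = false;   // stands in for m_hasBeenCountedAsActive
};

struct ModelVMManager {
    Mode mode = Mode::RunAll;
    std::uint32_t numberOfActiveVMs = 0;   // stands in for m_numberOfActiveVMs
    bool symmetricDecrement = false;       // false = pre-fix, true = patched
    // Counts a VM at most once per stop: the flag guards the increment.
    void incrementActiveVMs(ModelVM& vm) {
        if (mode != Mode::Stopping || vm.hasBeenCountedAsActive)
            return;
        vm.hasBeenCountedAsActive = true;
        ++numberOfActiveVMs;
    }
    // Pre-fix: only the mode is checked, so an uncounted VM still decrements.
    // Post-fix: the flag is checked too, mirroring incrementActiveVMs().
    void decrementActiveVMs(ModelVM& vm) {
        if (mode != Mode::Stopping)
            return;
        if (symmetricDecrement && !vm.hasBeenCountedAsActive)
            return;
        vm.hasBeenCountedAsActive = false;
        --numberOfActiveVMs;               // unsigned: wraps to UINT32_MAX
    }
    // Leaves Stopping mode and clears the VM's flag (assumed to reset the count).
    void resumeTheWorld(ModelVM& vm) {
        mode = Mode::RunAll;
        vm.hasBeenCountedAsActive = false;
        numberOfActiveVMs = 0;
    }
};

// Replays the sequence from the log: stop, count the VM, resume (flag cleared),
// begin the next stop, then the VM exits before it has been counted again.
std::uint32_t replayDesync(bool fixed) {
    ModelVMManager manager{Mode::Stopping, 0, fixed};
    ModelVM vm;
    manager.incrementActiveVMs(vm);        // counted, flag set
    manager.resumeTheWorld(vm);            // flag cleared, counter reset
    manager.mode = Mode::Stopping;         // next stop begins
    manager.decrementActiveVMs(vm);        // VM exits before being counted
    return manager.numberOfActiveVMs;      // pre-fix: UINT32_MAX, fixed: 0
}
```

Running replayDesync(false) reproduces the wraparound the message describes, while replayDesync(true) leaves the counter at zero because the uncounted VM no longer decrements.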