Branch: refs/heads/webkitglib/2.52
Home: https://github.com/WebKit/WebKit
Commit: 185bea0644cc1ded8726d3a4235c36edad42e18d
https://github.com/WebKit/WebKit/commit/185bea0644cc1ded8726d3a4235c36edad42e18d
Author: Yijia Huang <[email protected]>
Date: 2026-01-27 (Tue, 27 Jan 2026)
Changed paths:
M Source/JavaScriptCore/runtime/VMManager.cpp
Log Message:
-----------
Cherry-pick 306172@main (4cee9db51dca).
https://bugs.webkit.org/show_bug.cgi?id=306165
[JSC] Fix m_numberOfActiveVMs underflow in VMManager due to flag-counter desync
https://bugs.webkit.org/show_bug.cgi?id=306165
rdar://168804514
Reviewed by Mark Lam.
m_numberOfActiveVMs can underflow when transitioning between RunAll and Stopping modes if a VM exits after resumeTheWorld() clears flags but before the next stop completes.

This is because incrementActiveVMs() checks m_hasBeenCountedAsActive before incrementing, but decrementActiveVMs() only checks the mode, not the flag. This asymmetry allows the counter to be decremented even when the VM was never counted (flag is false).

This patch makes decrementActiveVMs() check the flag before decrementing, making it symmetric with incrementActiveVMs(). Only decrement if the VM was actually counted.
Canonical link: https://commits.webkit.org/306172@main
Canonical link: https://commits.webkit.org/305877.23@webkitglib/2.52
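The flag/counter desync described in the commit message, as an added illustration that is not WebKit's code: a simplified model with hypothetical names (ModelVM, ModelVMManager, beginStop, runScenario), where the buggy decrement checks only the mode while the fixed one checks the per-VM flag, and where resumeTheWorld() is assumed to clear the flag and reset the counter.

```cpp
#include <cstdint>
#include <cstdio>

// Simplified model of the pattern in the commit message (not WebKit code).
enum class Mode { RunAll, Stopping };

struct ModelVM {
    bool hasBeenCountedAsActive = false; // stands in for m_hasBeenCountedAsActive
};

struct ModelVMManager {
    Mode mode = Mode::RunAll;
    uint32_t numberOfActiveVMs = 0;      // stands in for m_numberOfActiveVMs

    void incrementActiveVMs(ModelVM& vm) {
        if (vm.hasBeenCountedAsActive) return; // flag checked before counting
        vm.hasBeenCountedAsActive = true;
        ++numberOfActiveVMs;
    }
    // Before the fix: only the mode is consulted, not the flag.
    void decrementActiveVMsBuggy(ModelVM&) {
        if (mode != Mode::Stopping) return;
        --numberOfActiveVMs;               // underflows if this VM was never counted
    }
    // After the fix: symmetric with incrementActiveVMs().
    void decrementActiveVMsFixed(ModelVM& vm) {
        if (!vm.hasBeenCountedAsActive) return;
        vm.hasBeenCountedAsActive = false;
        --numberOfActiveVMs;
    }
    // Assumption of this model: resuming clears flags and resets the counter.
    void resumeTheWorld(ModelVM& vm) { mode = Mode::RunAll; vm.hasBeenCountedAsActive = false; numberOfActiveVMs = 0; }
    void beginStop() { mode = Mode::Stopping; }
};

// Replays the ordering from the commit message and returns the final counter.
uint32_t runScenario(bool useFix) {
    ModelVMManager mgr;
    ModelVM vm;
    mgr.beginStop();
    mgr.incrementActiveVMs(vm);   // VM counted during a stop: counter = 1
    mgr.resumeTheWorld(vm);       // flags cleared, counter back to 0
    mgr.beginStop();              // next stop begins; VM not re-counted
    if (useFix) mgr.decrementActiveVMsFixed(vm); else mgr.decrementActiveVMsBuggy(vm); // VM exits
    return mgr.numberOfActiveVMs; // buggy: wraps to UINT32_MAX, fixed: 0
}

int main() {
    std::printf("buggy=%u fixed=%u\n", runScenario(false), runScenario(true));
    return 0;
}
```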