Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: da1f31b2f4318b5a53ecf09aadafb85fbc8413d4
https://github.com/WebKit/WebKit/commit/da1f31b2f4318b5a53ecf09aadafb85fbc8413d4
Author: Yijia Huang <[email protected]>
Date: 2026-05-07 (Thu, 07 May 2026)
Changed paths:
A JSTests/wasm/debugger/resources/wasm/memory-atomic-wait-no-timeout.js
A JSTests/wasm/debugger/resources/wasm/memory-atomic-wait.js
M JSTests/wasm/debugger/tests/tests.py
M Source/JavaScriptCore/llint/InPlaceInterpreter64.asm
M Source/JavaScriptCore/runtime/StopTheWorldCallback.h
M Source/JavaScriptCore/runtime/VMManager.cpp
M Source/JavaScriptCore/runtime/VMManager.h
M Source/JavaScriptCore/runtime/WaiterListManager.cpp
M Source/JavaScriptCore/wasm/WasmIPIntSlowPaths.cpp
M Source/JavaScriptCore/wasm/debugger/WasmDebugServer.cpp
M Source/JavaScriptCore/wasm/debugger/WasmDebugServerUtilities.h
M Source/JavaScriptCore/wasm/debugger/WasmExecutionHandler.cpp
M Source/JavaScriptCore/wasm/debugger/WasmExecutionHandler.h
M Source/WebCore/Headers.cmake
M Source/WebCore/Modules/filesystem/WorkerFileSystemStorageConnection.cpp
M Source/WebCore/Modules/indexeddb/IDBTransaction.cpp
M Source/WebCore/Modules/websockets/WorkerThreadableWebSocketChannel.cpp
M Source/WebCore/Sources.txt
M Source/WebCore/WebCore.xcodeproj/project.pbxproj
M Source/WebCore/bindings/js/SerializedScriptValue.cpp
M Source/WebCore/bindings/js/SerializedScriptValue.h
M Source/WebCore/workers/WorkerGlobalScope.cpp
M Source/WebCore/workers/WorkerNotificationClient.cpp
M Source/WebCore/workers/WorkerRunLoop.cpp
A Source/WebCore/workers/WorkerSTWParticipation.cpp
A Source/WebCore/workers/WorkerSTWParticipation.h
Log Message:
-----------
[JSC][WASM][Debugger] Fix STW deadlocks when VM blocks in memory.atomic.wait
or WebCore operations
rdar://176042013
https://bugs.webkit.org/show_bug.cgi?id=313838
Reviewed by Mark Lam.
Worker threads that block while the VM is entered (vm.isEntered()==true)
prevent the WASM debugger's Stop-The-World protocol from completing: the VM
never reaches a JSC trap check point to call notifyVMStop(), hanging the
STW count indefinitely.
This patch fixes two categories of blocking operations:
1. memory.atomic.wait32/64 (JSC/WASM)
WaiterListManager::waitForSync() now polls every kDebuggerSTWCheckInterval
(50ms) and calls notifyVMStop(WasmAtomicsWaitBlocked) if NeedStopTheWorld
is set. WasmAtomicsWaitBlocked skips clearStop() so stop data persists
across multiple STW cycles; waitForSync() calls clearStop() on exit.
Stop data (callee/cfr/PC/MC/stack) is threaded from the asm through the
slow path stack frame. stepAtBytecode() handles the atomics-wait case
with resumeAll so notifier threads can run.
2. WebCore blocking operations (six sites)
Adds waitWithSTWParticipation() (WorkerSTWParticipation.h): a drop-in
replacement for BinarySemaphore::wait() that polls every 50ms and calls
notifyVMStop(VMStopped) if NeedStopTheWorld is set. Applied to:
- SubtleCrypto.wrapKey / unwrapKey (WorkerGlobalScope)
- Notification.permission check (WorkerNotificationClient)
- IndexedDB blob disk write, worker path (SerializedScriptValue)
- WebSocket peer initialization (WorkerThreadableWebSocketChannel)
- FileSystemSyncAccessHandle close/resize (WorkerFileSystemStorageConnection)
WorkerDedicatedRunLoop::runInMode() caps timeoutDelay to 50ms and checks
NeedStopTheWorld after each wait, covering sync XHR and any operation
that drives the worker run loop synchronously.
Also fixes DebugServer::start() idempotency: worker VMs in the jsc shell
re-enter start() via jsc.cpp's per-VM init path, corrupting m_serverSocket;
the isInService() guard prevents this.
Two new debugger tests: MemoryAtomicWaitTestCase (1ns timeout, breakpoint
+ step) and MemoryAtomicWaitNoTimeoutTestCase (infinite wait, process
interrupt verifies the STW fix).
Canonical link: https://commits.webkit.org/312813@main
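The polling wait that item 2 describes, as an added example that is not part of this commit: a self-contained C++ sketch with hypothetical StopTheWorld and BinarySemaphore stand-ins (not WebKit's VMManager or WTF::BinarySemaphore) in which a worker blocked on a semaphore still answers stop requests every 50ms, so the debugger's stop completes and survives repeated stop/resume cycles, while a plain blocking wait leaves the stop hanging until its deadline.

```cpp
#include <atomic>
#include <chrono>
#include <condition_variable>
#include <mutex>
#include <thread>
using namespace std::chrono_literals;
// Simplified, hypothetical stand-in for the debugger's stop-the-world (STW) bookkeeping.
struct StopTheWorld {
    std::mutex m; std::condition_variable cv;
    std::atomic<bool> needStop { false }; // plays the role of the NeedStopTheWorld trap bit
    int stoppedCount = 0, resumeEpoch = 0; // VMs that acknowledged this stop; bumped on resumeAll
    void notifyVMStop() { // VM side: acknowledge the stop, then block until the world is resumed
        std::unique_lock<std::mutex> lock(m);
        int epoch = resumeEpoch; ++stoppedCount; cv.notify_all();
        cv.wait(lock, [&] { return resumeEpoch != epoch; });
    }
    // Debugger side: request a stop, wait for `expected` VMs, resume them; false = a VM never checked in.
    bool stopWorld(int expected, std::chrono::milliseconds deadline) {
        std::unique_lock<std::mutex> lock(m); needStop = true;
        bool allStopped = cv.wait_for(lock, deadline, [&] { return stoppedCount == expected; });
        needStop = false; stoppedCount = 0; ++resumeEpoch; cv.notify_all();
        return allStopped;
    }
};

struct BinarySemaphore { // minimal stand-in for WTF::BinarySemaphore, plus a timed wait
    std::mutex m; std::condition_variable cv; bool signaled = false;
    void signal() { std::lock_guard<std::mutex> g(m); signaled = true; cv.notify_one(); }
    void wait() { std::unique_lock<std::mutex> l(m); cv.wait(l, [&] { return signaled; }); signaled = false; }
    bool waitFor(std::chrono::milliseconds d) {
        std::unique_lock<std::mutex> l(m); bool ok = cv.wait_for(l, d, [&] { return signaled; });
        if (ok) signaled = false;
        return ok;
    }
};

constexpr auto kDebuggerSTWCheckInterval = 50ms;
// Poll instead of blocking: answer a pending stop request between timed waits; repeated cycles just loop.
void waitWithSTWParticipation(BinarySemaphore& sem, StopTheWorld& stw) {
    while (!sem.waitFor(kDebuggerSTWCheckInterval))
        if (stw.needStop) stw.notifyVMStop();
}
// One worker blocked on a semaphore nobody signals while the debugger runs `cycles` STW rounds.
// Returns how many rounds completed; the plain blocking wait completes none.
int runScenario(bool participate, int cycles) {
    StopTheWorld stw; BinarySemaphore sem; int completed = 0;
    std::thread worker([&] { if (participate) waitWithSTWParticipation(sem, stw); else sem.wait(); });
    for (int i = 0; i < cycles; ++i) completed += stw.stopWorld(1, 300ms) ? 1 : 0;
    sem.signal(); worker.join(); // release the worker so the thread can be joined
    return completed;
}
```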