Right now, when the Data object is destroyed, the mmap'd memory is munmap'd. The memory that is then shared is unmapped underneath us! This is a partial fix. We should also make sure that the memory is not munmap'd until there are no more shared memory handles pointing to it, but this makes it useable.
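The lifetime rule the description asks for (no munmap until the last shared memory handle is gone), as an added C++ example that is not WebKit code. `Mapping` and `Handle` are hypothetical stand-ins for the Data object's mapping and a shared memory handle, built on `std::shared_ptr` and an anonymous mapping.

```cpp
#include <sys/mman.h>
#include <cstddef>
#include <cstring>
#include <memory>
#include <utility>

static int g_unmapCount = 0; // example instrumentation: counts munmap calls

// Hypothetical owner of one mmap'd region; munmap runs only in its destructor.
class Mapping {
public:
    static std::shared_ptr<Mapping> create(size_t size)
    {
        void* p = mmap(nullptr, size, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
        if (p == MAP_FAILED)
            return nullptr;
        return std::shared_ptr<Mapping>(new Mapping(p, size));
    }
    ~Mapping() { munmap(m_base, m_size); ++g_unmapCount; }
    Mapping(const Mapping&) = delete; // a copy would munmap the region twice
    unsigned char* base() const { return static_cast<unsigned char*>(m_base); }
    size_t size() const { return m_size; }
private:
    Mapping(void* base, size_t size) : m_base(base), m_size(size) { }
    void* m_base;
    size_t m_size;
};

// Stand-in for a shared memory handle: holding one pins the mapping.
class Handle {
public:
    explicit Handle(std::shared_ptr<Mapping> mapping) : m_mapping(std::move(mapping)) { }
    int read(size_t offset) const { return offset < m_mapping->size() ? m_mapping->base()[offset] : -1; }
private:
    std::shared_ptr<Mapping> m_mapping;
};

// Reads through a handle after the original owner went away; negative on error.
int readAfterOwnerDestroyed()
{
    g_unmapCount = 0;
    std::unique_ptr<Handle> handle;
    {
        auto data = Mapping::create(4096); // plays the role of the Data object
        if (!data) return -2;
        std::memset(data->base(), 0xAB, data->size());
        handle = std::make_unique<Handle>(data);
    } // owner's reference dropped here; the mapping must survive
    if (g_unmapCount != 0) return -3;
    int value = handle->read(100);
    handle.reset(); // last reference released: munmap happens only now
    return g_unmapCount == 1 ? value : -4;
}
```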
Created attachment 250551 Patch
Anders, could you mention this bug in the radar when reviewing?
Comment on attachment 250551 Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=250551&action=review

> Source/WebKit2/Shared/WebCompiledContentExtensionData.h:48
> + WebCompiledContentExtensionData(PassRefPtr<SharedMemory> data, NetworkCache::Data fileData, unsigned actionsOffset, unsigned actionsSize, unsigned bytecodeOffset, unsigned bytecodeSize)

New code should not use PassRefPtr. This should be RefPtr<SharedMemory>&& if you want to move it in. Then use WTF::move below.
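Review bot: the new `NetworkCache::Data fileData` parameter on line 48 is taken by value with nothing on this line saying why the object needs it. Per the bug description, it is there so the mmap'd file outlives the shared memory built on it, so move it into the member rather than copying, and put a one-line comment on that member stating that it exists only to keep the mapping alive. Without that, a later cleanup could drop it as unused and bring the unmapped-memory access back. Nothing visible here checks `actionsOffset`/`actionsSize` and `bytecodeOffset`/`bytecodeSize` against the size of `data`; if the callers do not already guarantee that, an assertion in the constructor would be the place for it.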
(In reply to comment #3)
> New code should not use PassRefPtr. This should be RefPtr<SharedMemory>&& if
> you want to move it in. Then use WTF::move below.

I only made that change because stylebot got mad at me for leaving it as RefPtr. If this is true (which it probably is) then stylebot should be changed.
(In reply to comment #4)
> (In reply to comment #3)
> > New code should not use PassRefPtr. This should be RefPtr<SharedMemory>&& if
> > you want to move it in. Then use WTF::move below.
> I only made that change because stylebot got mad at me for leaving it as
> RefPtr. If this is true (which it probably is) then stylebot should be
> changed.

Stylebot normally says things like "If even of these errors are wrong please file a bug on check-webkit-style", so you should probably file a bug on check-webkit-style :)
http://trac.webkit.org/changeset/182742