This could also be addressed by having stub routines hold RefPtr's to each other. For example, in the case of a getter, we have the following objects: 1) PolymorphicAccess 2) AccessCase 3) CallLinkInfo 4) JITStubRoutine for PolymorphicAccess 5) JITStubRoutine for CallLinkInfo Currently we would have the following ownership/ref rules: (1) owns (2) (2) owns (3) (1) refs (4) (3) refs (5) Everything would be fine if we also added: (5) refs (4) This feels like it might be a bit ad-hoc and certainly not as flexible if these were GC cells. But, it would work! In particular: - If (5) gets deleted, then (3)->(5) must have been cleared first. - If (4) gets deleted, then (1)->(4) and (5)->(4) must have been cleared first. - If the owning stub gets destroyed, then everyone gets deleted. Basically, there is no case where things leak and there is no case where a dangling pointer is left behind. This could be implemented by giving CallLinkInfo a pointer to its owning JIT stub routine, or more generally, its "JIT owner". This would mean that we'd also have: (3) refs (4). Then, when the CallLinkInfo needs to spawn a stub routine, it can ensure that this new stub routine refs the stub that owned the CallLinkInfo.

<rdar://problem/128886060>

Pull request: https://github.com/WebKit/WebKit/pull/29187

Committed 279410@main (5dec07a85f6e): <https://commits.webkit.org/279410@main> Reviewed commits have been landed. Closing PR #29187 and removing active labels.