149050 – Fix JSC_objectsAreImmortal to work with JSC_useZombieMode

ASSIGNED149050

Fix JSC_objectsAreImmortal to work with JSC_useZombieMode

https://bugs.webkit.org/show_bug.cgi?id=149050

Summary Fix JSC_objectsAreImmortal to work with JSC_useZombieMode

Mark Lam

Reported 2015-09-10 16:36:19 PDT

Previously, JSC_objectsAreImmortal works by marking all dead objects. If we also have JSC_useZombieMode enabled, the marking of dead objects may end up walking over zombified objects and crash the VM. To be compatible with JSC_useZombieMode, We can make JSC_objectsAreImmortal work by sweeping dead objects but never freeing them instead.

Attachments
work in progress (15.88 KB, patch) 2015-09-14 13:28 PDT, Mark Lam	no flags	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Mark Lam

Comment 1 2015-09-14 13:28:31 PDT

Created attachment 261127 [details] work in progress AFAIK, this patch works. The only issue is that the test case is not able to reproduce the original issue (which I previously observed why debugging some real world bug). Archiving this patch for now and moving on until I see this issue again or think of how to reproduce it.

Note You need to log in before you can comment on or make changes to this bug.

Status ASSIGNED

Resolution

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Local Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component JavaScriptCore

Assignee

Mark Lam

Reported

2015-09-10 16:36 PDT

Modified

2015-09-14 13:28 PDT History

CC List

6 users Show

URL

Keywords

Depends on

Blocks