183256 – We need to clear cached structures when having a bad time

Bug 183256 - We need to clear cached structures when having a bad time

Summary: We need to clear cached structures when having a bad time

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	JavaScriptCore (show other bugs)
Version:	WebKit Nightly Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Saam Barati

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2018-03-01 13:16 PST by Saam Barati
Modified:	2018-03-01 21:00 PST (History)
CC List:	15 users (show)

See Also:

Attachments
patch (8.07 KB, patch) 2018-03-01 13:42 PST, Saam Barati	mark.lam: review+	Details \| Formatted Diff \| Diff
patch for landing (8.31 KB, patch) 2018-03-01 14:46 PST, Saam Barati	no flags	Details \| Formatted Diff \| Diff
patch for landing (8.41 KB, patch) 2018-03-01 14:47 PST, Saam Barati	no flags	Details \| Formatted Diff \| Diff
Archive of layout-test-results from ews104 for mac-sierra-wk2 (2.97 MB, application/zip) 2018-03-01 16:10 PST, EWS Watchlist	no flags	Details
Show Obsolete (3) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Saam Barati 2018-03-01 13:16:47 PST

...

Comment 1 Saam Barati 2018-03-01 13:42:14 PST

Created attachment 334848 [details]
patch

Comment 2 Saam Barati 2018-03-01 13:43:01 PST

<rdar://problem/36245022>

Comment 3 Mark Lam 2018-03-01 13:56:45 PST

Comment on attachment 334848 [details]
patch

View in context: https://bugs.webkit.org/attachment.cgi?id=334848&action=review

r=me

> Source/JavaScriptCore/runtime/JSGlobalObject.cpp:1200
> +    auto isInEffectedGlobalObject = [&] (JSObject* object) {
> +        for (JSObject* current = object; ;) {
> +            if (current->globalObject() == m_globalObject)
> +                return true;
> +            
> +            JSValue prototypeValue = current->getPrototypeDirect(vm);
> +            if (prototypeValue.isNull())
> +                return false;
> +            current = asObject(prototypeValue);
> +        }
> +    };

I think you need a "return false" after the for loop in order to be equivalent to the original code.  But in this case, I think we should never get there.  So, let's have a RELEASE_ASSERT_NOT_REACHED() there.

> Source/JavaScriptCore/runtime/JSGlobalObject.cpp:1211
> +                    bool isRelevantGlobalObject = structure->globalObject() == m_globalObject

I suggest putting parens around the == expr.

Comment 4 Saam Barati 2018-03-01 14:04:22 PST

Comment on attachment 334848 [details]
patch

View in context: https://bugs.webkit.org/attachment.cgi?id=334848&action=review

>> Source/JavaScriptCore/runtime/JSGlobalObject.cpp:1211
>> +                    bool isRelevantGlobalObject = structure->globalObject() == m_globalObject
> 
> I suggest putting parens around the == expr.

For stylistic reasons?

Comment 5 Mark Lam 2018-03-01 14:07:10 PST

Comment on attachment 334848 [details]
patch

View in context: https://bugs.webkit.org/attachment.cgi?id=334848&action=review

>>> Source/JavaScriptCore/runtime/JSGlobalObject.cpp:1211
>>> +                    bool isRelevantGlobalObject = structure->globalObject() == m_globalObject
>> 
>> I suggest putting parens around the == expr.
> 
> For stylistic reasons?

For clarity, and for not relying on operator precedence to ensure correctness.

Comment 6 Saam Barati 2018-03-01 14:27:33 PST

(In reply to Mark Lam from comment #5)
> Comment on attachment 334848 [details]
> patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=334848&action=review
> 
> >>> Source/JavaScriptCore/runtime/JSGlobalObject.cpp:1211
> >>> +                    bool isRelevantGlobalObject = structure->globalObject() == m_globalObject
> >> 
> >> I suggest putting parens around the == expr.
> > 
> > For stylistic reasons?
> 
> For clarity, and for not relying on operator precedence to ensure
> correctness.

I’m fine with this change.

However, I don’t think the latter is something we normally do. See: math in most places in WK

Comment 7 Saam Barati 2018-03-01 14:40:47 PST

Comment on attachment 334848 [details]
patch

View in context: https://bugs.webkit.org/attachment.cgi?id=334848&action=review

> Source/JavaScriptCore/runtime/JSGlobalObject.cpp:1227
> +    if (isInEffectedGlobalObject(object))

This is broken here. Should be inverted.

Comment 8 Mark Lam 2018-03-01 14:42:14 PST

Comment on attachment 334848 [details]
patch

View in context: https://bugs.webkit.org/attachment.cgi?id=334848&action=review

>> Source/JavaScriptCore/runtime/JSGlobalObject.cpp:1227
>> +    if (isInEffectedGlobalObject(object))
> 
> This is broken here. Should be inverted.

Sorry I missed that.

Comment 9 Saam Barati 2018-03-01 14:44:11 PST

Comment on attachment 334848 [details]
patch

View in context: https://bugs.webkit.org/attachment.cgi?id=334848&action=review

>>> Source/JavaScriptCore/runtime/JSGlobalObject.cpp:1227
>>> +    if (isInEffectedGlobalObject(object))
>> 
>> This is broken here. Should be inverted.
> 
> Sorry I missed that.

No worries. I meant to move the m_foundObjects.append to here, but forgot to. Good thing jsc tests found it.

Comment 10 Saam Barati 2018-03-01 14:46:03 PST

Created attachment 334856 [details]
patch for landing

Comment 11 Saam Barati 2018-03-01 14:47:23 PST

Created attachment 334857 [details]
patch for landing

Comment 12 EWS Watchlist 2018-03-01 16:10:11 PST

Comment on attachment 334857 [details]
patch for landing

Attachment 334857 [details] did not pass mac-wk2-ews (mac-wk2):
Output: http://webkit-queues.webkit.org/results/6726252

New failing tests:
webrtc/video-replace-muted-track.html

Comment 13 EWS Watchlist 2018-03-01 16:10:12 PST

Created attachment 334864 [details]
Archive of layout-test-results from ews104 for mac-sierra-wk2

The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews.
Bot: ews104  Port: mac-sierra-wk2  Platform: Mac OS X 10.12.6

Comment 14 Saam Barati 2018-03-01 19:06:29 PST

(In reply to Build Bot from comment #12)
> Comment on attachment 334857 [details]
> patch for landing
> 
> Attachment 334857 [details] did not pass mac-wk2-ews (mac-wk2):
> Output: http://webkit-queues.webkit.org/results/6726252
> 
> New failing tests:
> webrtc/video-replace-muted-track.html

Seems unrelated, but it happened twice. Ima build and try to reproduce.

Comment 15 Saam Barati 2018-03-01 19:07:36 PST

(In reply to Saam Barati from comment #14)
> (In reply to Build Bot from comment #12)
> > Comment on attachment 334857 [details]
> > patch for landing
> > 
> > Attachment 334857 [details] did not pass mac-wk2-ews (mac-wk2):
> > Output: http://webkit-queues.webkit.org/results/6726252
> > 
> > New failing tests:
> > webrtc/video-replace-muted-track.html
> 
> Seems unrelated, but it happened twice. Ima build and try to reproduce.

Reading the test, this seems super unlikely. However, I'll wait until I have a full build to verify.

Comment 16 Saam Barati 2018-03-01 20:35:10 PST

(In reply to Saam Barati from comment #15)
> (In reply to Saam Barati from comment #14)
> > (In reply to Build Bot from comment #12)
> > > Comment on attachment 334857 [details]
> > > patch for landing
> > > 
> > > Attachment 334857 [details] did not pass mac-wk2-ews (mac-wk2):
> > > Output: http://webkit-queues.webkit.org/results/6726252
> > > 
> > > New failing tests:
> > > webrtc/video-replace-muted-track.html
> > 
> > Seems unrelated, but it happened twice. Ima build and try to reproduce.
> 
> Reading the test, this seems super unlikely. However, I'll wait until I have
> a full build to verify.

This test doesn't "have a bad time" so I have no idea how my change could effect it. I'm going to CQ+.

Comment 17 WebKit Commit Bot 2018-03-01 21:00:12 PST

Comment on attachment 334857 [details]
patch for landing

Clearing flags on attachment: 334857

Committed r229161: <https://trac.webkit.org/changeset/229161>

Comment 18 WebKit Commit Bot 2018-03-01 21:00:13 PST

All reviewed patches have been landed.  Closing bug.