WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
213069
[JSC] Return DisposableCallSiteIndex when destroying GCAwareJITStubRoutineWithExceptionHandler
https://bugs.webkit.org/show_bug.cgi?id=213069
Summary
[JSC] Return DisposableCallSiteIndex when destroying GCAwareJITStubRoutineWit...
Yusuke Suzuki
Reported
2020-06-10 23:15:10 PDT
[JSC] Return DisposableCallSiteIndex when destroying GCAwareJITStubRoutineWithExceptionHandler
Attachments
Patch
(39.27 KB, patch)
2020-06-10 23:27 PDT
,
Yusuke Suzuki
no flags
Details
Formatted Diff
Diff
Patch
(39.78 KB, patch)
2020-06-10 23:45 PDT
,
Yusuke Suzuki
no flags
Details
Formatted Diff
Diff
Show Obsolete
(1)
View All
Add attachment
proposed patch, testcase, etc.
Yusuke Suzuki
Comment 1
2020-06-10 23:27:05 PDT
Created
attachment 401622
[details]
Patch
Yusuke Suzuki
Comment 2
2020-06-10 23:27:07 PDT
<
rdar://problem/64205186
>
Yusuke Suzuki
Comment 3
2020-06-10 23:31:19 PDT
Comment on
attachment 401622
[details]
Patch View in context:
https://bugs.webkit.org/attachment.cgi?id=401622&action=review
> Source/JavaScriptCore/dfg/DFGCodeOriginPool.h:51 > + HashSet<unsigned, WTF::IntHash<unsigned>, WTF::UnsignedWithZeroKeyHashTraits<unsigned>> m_callSiteIndexFreeList;
I don't know why it is HashSet. Maybe, we can just make it Vector.
Yusuke Suzuki
Comment 4
2020-06-10 23:45:34 PDT
Created
attachment 401624
[details]
Patch
Yusuke Suzuki
Comment 5
2020-06-11 01:34:54 PDT
mac-debug-wk1 is recently crashing.
https://results.webkit.org/?suite=layout-tests&test=js%2Fdom%2Fpromise-stack-overflow.html
And it seems that crash is unrelated to this.
https://build.webkit.org/results/Apple-Catalina-Release-WK1-Tests/r262781%20(6547)/js/dom/promise-stack-overflow-crash-log.txt
Saam Barati
Comment 6
2020-06-11 09:28:48 PDT
Comment on
attachment 401624
[details]
Patch View in context:
https://bugs.webkit.org/attachment.cgi?id=401624&action=review
> Source/JavaScriptCore/jit/GCAwareJITStubRoutine.cpp:132 > + m_codeOriginPool = nullptr;
When is this function called?
Yusuke Suzuki
Comment 7
2020-06-11 12:33:39 PDT
Comment on
attachment 401624
[details]
Patch View in context:
https://bugs.webkit.org/attachment.cgi?id=401624&action=review
>> Source/JavaScriptCore/jit/GCAwareJITStubRoutine.cpp:132 >> + m_codeOriginPool = nullptr; > > When is this function called?
This function is called when CodeBlock is destroying whole JIT related data. 1. CodeBlock itself is getting destroyed. 2. Destroying entire JITData via resetJITData So, we can just make it nullptr, since everything will be destroyed.
Saam Barati
Comment 8
2020-06-11 12:38:14 PDT
Comment on
attachment 401624
[details]
Patch View in context:
https://bugs.webkit.org/attachment.cgi?id=401624&action=review
r=me
>>> Source/JavaScriptCore/jit/GCAwareJITStubRoutine.cpp:132 >>> + m_codeOriginPool = nullptr; >> >> When is this function called? > > This function is called when CodeBlock is destroying whole JIT related data. > > 1. CodeBlock itself is getting destroyed. > 2. Destroying entire JITData via resetJITData > > So, we can just make it nullptr, since everything will be destroyed.
Right. That's what I remembered, just wanted to make sure.
EWS
Comment 9
2020-06-11 13:11:38 PDT
Committed
r262920
: <
https://trac.webkit.org/changeset/262920
> All reviewed patches have been landed. Closing bug and clearing flags on
attachment 401624
[details]
.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug