Bug 214586 - Fix FinalizationRegistry GC finalizer interation
Summary: Fix FinalizationRegistry GC finalizer interation
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Keith Miller
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2020-07-20 20:44 PDT by Keith Miller
Modified: 2020-07-21 12:38 PDT (History)
7 users (show)

See Also:

Attachments
Patch (4.05 KB, patch)
2020-07-20 20:53 PDT, Keith Miller 		no flags Details | Formatted Diff | Diff
Patch for landing (7.55 KB, patch)
2020-07-21 12:00 PDT, Keith Miller 		no flags Details | Formatted Diff | Diff
Patch for landing (7.96 KB, patch)
2020-07-21 12:04 PDT, Keith Miller 		no flags Details | Formatted Diff | Diff
Patch for landing (7.95 KB, patch)
2020-07-21 12:07 PDT, Keith Miller 		no flags Details | Formatted Diff | Diff
Show Obsolete (3) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Keith Miller 2020-07-20 20:44:40 PDT 
Fix FinalizationRegistry GC finalizer interation
Comment 1 Keith Miller 2020-07-20 20:53:20 PDT 
Created attachment 404791 [details]
Patch
Comment 2 Mark Lam 2020-07-20 22:04:26 PDT 
Comment on attachment 404791 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=404791&action=review

r=me

> Source/JavaScriptCore/ChangeLog:9
> +        Turns out when you remove the ith element from an table and you

/an table/a Vector/.  I think the data structure you're using is a Vector, right?
Comment 3 Mark Lam 2020-07-20 22:05:53 PDT 
Can you also check why the jsc EWS bot is failing?  Please fix if it's your failure.  Please file a bug if the failure is not yours.  Thanks.
Comment 4 Yusuke Suzuki 2020-07-21 07:47:39 PDT 
Comment on attachment 404791 [details]
Patch

r=me too.
Comment 5 Keith Miller 2020-07-21 12:00:50 PDT 
Created attachment 404846 [details]
Patch for landing
Comment 6 Keith Miller 2020-07-21 12:04:30 PDT 
Created attachment 404847 [details]
Patch for landing
Comment 7 Mark Lam 2020-07-21 12:05:11 PDT 
Comment on attachment 404846 [details]
Patch for landing

View in context: https://bugs.webkit.org/attachment.cgi?id=404846&action=review

> Source/JavaScriptCore/runtime/DeferredWorkTimer.cpp:113
> +    ASSERT(vm.currentThreadIsHoldingAPILock() || (Thread::mayBeGCThread() && ticket->vm().heap.worldIsStopped()));

Why ticket->vm()?  You have the VM& right there.
Comment 8 Keith Miller 2020-07-21 12:07:09 PDT 
Created attachment 404848 [details]
Patch for landing
Comment 9 Keith Miller 2020-07-21 12:12:22 PDT 
(In reply to Mark Lam from comment #7)
> Comment on attachment 404846 [details]
> Patch for landing
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=404846&action=review
> 
> > Source/JavaScriptCore/runtime/DeferredWorkTimer.cpp:113
> > +    ASSERT(vm.currentThreadIsHoldingAPILock() || (Thread::mayBeGCThread() && ticket->vm().heap.worldIsStopped()));
> 
> Why ticket->vm()?  You have the VM& right there.

Fair enough, twas a copy paste artifact.
Comment 10 EWS 2020-07-21 12:37:02 PDT 
Committed r264673: <https://trac.webkit.org/changeset/264673>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 404848 [details].
Comment 11 Radar WebKit Bug Importer 2020-07-21 12:38:16 PDT 
<rdar://problem/65897598>