RESOLVED FIXED 236278
IDBRequest should emit write barrier on JSValueInWrappedObject modification 
https://bugs.webkit.org/show_bug.cgi?id=236278
Summary IDBRequest should emit write barrier on JSValueInWrappedObject modification
Yusuke Suzuki
Reported 2022-02-07 19:35:43 PST
https://bugs.webkit.org/show_bug.cgi?id=194806 introduced JSValueInWrappedObject assignment, but this is not correct in terms of semantics since we are not emitting a write-barrier. So, these fields can be collected by concurrent GC. See https://bugs.webkit.org/show_bug.cgi?id=236277's FIXME comment for more detail.
Attachments
Patch (10.53 KB, patch)
2022-02-08 16:12 PST, Sihui Liu 		no flags
DetailsFormatted DiffDiff
Patch for landing (10.53 KB, patch)
2022-02-09 23:29 PST, Sihui Liu 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Sihui Liu
Comment 1 2022-02-08 16:12:06 PST
Created attachment 451319 [details] Patch
Geoffrey Garen
Comment 2 2022-02-09 09:49:01 PST
Comment on attachment 451319 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=451319&action=review r=me > Source/WebCore/ChangeLog:15 > + This has a semantice error as the swap process does not emit write barrier (webkit.org/b/236277). To fix the semantice => semantic
Sihui Liu
Comment 3 2022-02-09 23:29:46 PST
Created attachment 451496 [details] Patch for landing
EWS
Comment 4 2022-02-10 00:18:14 PST
Committed r289522 (247053@main): <https://commits.webkit.org/247053@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 451496 [details].
Radar WebKit Bug Importer
Comment 5 2022-02-10 00:19:19 PST
<rdar://problem/88740386>
EWS
Comment 6 2023-02-09 11:24:32 PST
Committed 260073@main (4d3456e83828): <https://commits.webkit.org/260073@main> Reviewed commits have been landed. Closing PR #9696 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.