From b914bea88ea0371f0b37781a2d0db03759bd5a7e Mon Sep 17 00:00:00 2001
From: k0kubun <k0kubun@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Sat, 20 Apr 2019 04:50:21 +0000
Subject: Check ISeq references in stale_units too

This is a possible bug from recent "JIT recompile" introduction.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67631 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 mjit.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'mjit.c')

diff --git a/mjit.c b/mjit.c
index b7bf25168d..0cedd55e57 100644
--- a/mjit.c
+++ b/mjit.c
@@ -141,6 +141,7 @@ mjit_free_iseq(const rb_iseq_t *iseq)
 {
     if (!mjit_enabled)
         return;
+
     CRITICAL_SECTION_START(4, "mjit_free_iseq");
     if (mjit_copy_job.iseq == iseq) {
         mjit_copy_job.iseq = NULL;
@@ -150,6 +151,15 @@ mjit_free_iseq(const rb_iseq_t *iseq)
         // lists of units. `get_from_list` and `mjit_finish` do the job.
         iseq->body->jit_unit->iseq = NULL;
     }
+    // Units in stale_units (list of over-speculated and invalidated code) are not referenced from
+    // `iseq->body->jit_unit` anymore (because new one replaces that). So we need to check them too.
+    // TODO: we should be able to reduce the number of units checked here.
+    struct rb_mjit_unit *unit = NULL;
+    list_for_each(&stale_units.head, unit, unode) {
+        if (unit->iseq == iseq) {
+            unit->iseq = NULL;
+        }
+    }
     CRITICAL_SECTION_FINISH(4, "mjit_free_iseq");
 }
 
-- 
cgit v1.2.3