WebKit Bugzilla
Attachment 361037 Details for
Bug 194211
: DFG's doesGC() is incorrect about the SameValue node's behavior.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
proposed patch.
bug-194211.patch (text/plain), 1.61 KB, created by
Mark Lam
on 2019-02-03 21:02:53 PST
(
hide
)
Description:
proposed patch.
Filename:
MIME Type:
Creator:
Mark Lam
Created:
2019-02-03 21:02:53 PST
Size:
1.61 KB
patch
obsolete
>Index: Source/JavaScriptCore/ChangeLog >=================================================================== >--- Source/JavaScriptCore/ChangeLog (revision 240914) >+++ Source/JavaScriptCore/ChangeLog (working copy) >@@ -1,3 +1,17 @@ >+2019-02-03 Mark Lam <mark.lam@apple.com> >+ >+ DFG's doesGC() is incorrect about the SameValue node's behavior. >+ https://bugs.webkit.org/show_bug.cgi?id=194211 >+ <rdar://problem/47608913> >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Only the DoubleRepUse case is guaranteed to not GC. The other case may GC because >+ it calls operationSameValue() which may allocate memory for resolving ropes. >+ >+ * dfg/DFGDoesGC.cpp: >+ (JSC::DFG::doesGC): >+ > 2019-02-01 Yusuke Suzuki <ysuzuki@apple.com> > > [JSC] Decouple JIT related data from CodeBlock >Index: Source/JavaScriptCore/dfg/DFGDoesGC.cpp >=================================================================== >--- Source/JavaScriptCore/dfg/DFGDoesGC.cpp (revision 240914) >+++ Source/JavaScriptCore/dfg/DFGDoesGC.cpp (working copy) >@@ -155,7 +155,6 @@ bool doesGC(Graph& graph, Node* node) > case CompareEq: > case CompareStrictEq: > case CompareEqPtr: >- case SameValue: > case Call: > case DirectCall: > case TailCallInlinedCaller: >@@ -413,6 +412,11 @@ bool doesGC(Graph& graph, Node* node) > case MultiPutByOffset: > return node->multiPutByOffsetData().reallocatesStorage(); > >+ case SameValue: >+ if (node->isBinaryUseKind(DoubleRepUse)) >+ return false; >+ return true; >+ > case LastNodeType: > RELEASE_ASSERT_NOT_REACHED(); > return true;
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=361037">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
saam
:
review+
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 194211
: 361037