[webkit-reviews] review denied: [Bug 109933] JSC asserting on division in debug mode ARM traditional : [Attachment 188560] proposed fix
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Mar 6 11:47:21 PST 2013
Filip Pizlo <fpizlo at apple.com> has denied Gabor Rapcsanyi <rgabor at webkit.org>'s
request for review:
Bug 109933: JSC asserting on division in debug mode ARM traditional
https://bugs.webkit.org/show_bug.cgi?id=109933
Attachment 188560: proposed fix
https://bugs.webkit.org/attachment.cgi?id=188560&action=review
------- Additional Comments from Filip Pizlo <fpizlo at apple.com>
View in context: https://bugs.webkit.org/attachment.cgi?id=188560&action=review
I don't think that setting the ref count like this is a good idea. Can you
explain the justification, beyond just "it makes the assertions go away"?
Also this code look like it is now obsolete. We don't do ref counting on nodes
in ToT.
> Source/JavaScriptCore/dfg/DFGFixupPhase.cpp:317
> + newDivision->setRefCount(newDivision->refCount() -
node->refCount());
This is almost certainly wrong.
More information about the webkit-reviews
mailing list