[webkit-reviews] review denied: [Bug 179355] AccessGenerationState::preserveLiveRegistersToStackForCall() should allow some registers to be excluded. : [Attachment 326177] proposed patch.
bugzilla-daemon at webkit.org
Mon Nov 6 18:10:52 PST 2017
Saam Barati <sbarati at apple.com> has denied review:
Bug 179355: AccessGenerationState::preserveLiveRegistersToStackForCall() should
allow some registers to be excluded.
https://bugs.webkit.org/show_bug.cgi?id=179355
Attachment 326177: proposed patch.
https://bugs.webkit.org/attachment.cgi?id=326177&action=review
--- Comment #4 from Saam Barati <sbarati at apple.com> ---
Comment on attachment 326177
--> https://bugs.webkit.org/attachment.cgi?id=326177
proposed patch.
View in context: https://bugs.webkit.org/attachment.cgi?id=326177&action=review
> Source/JavaScriptCore/bytecode/AccessCase.cpp:677
> + RegisterSet resultRegistersToExclude;
> + if (isGetter())
> + resultRegistersToExclude.set(valueRegs);
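Review bot: The exclusion at `resultRegistersToExclude.set(valueRegs)` is gated only on `isGetter()`, and nothing in these lines checks that valueRegs does not share a register with a value that is still needed if the call does not return normally. Either add that check before excluding the register, or add a comment stating the invariant that makes skipping the save safe.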
I believe this is wrong. Imagine we make a getter call, and the base/result are
allocated the same register. Assume that the getter throws an exception. Assume
OSR exit now needs to recover the original base. This code breaks that.