[webkit-reviews] review granted: [Bug 189940] Calls to baselineCodeBlockForOriginAndBaselineCodeBlock in operationMaterializeObjectInOSR should actually pass in the baseline CodeBlock : [Attachment 350726] patch
bugzilla-daemon at webkit.org
Tue Sep 25 12:48:39 PDT 2018
Mark Lam <mark.lam at apple.com> has granted Saam Barati <sbarati at apple.com>'s
request for review:
Bug 189940: Calls to baselineCodeBlockForOriginAndBaselineCodeBlock in
operationMaterializeObjectInOSR should actually pass in the baseline CodeBlock
https://bugs.webkit.org/show_bug.cgi?id=189940
Attachment 350726: patch
https://bugs.webkit.org/attachment.cgi?id=350726&action=review
--- Comment #4 from Mark Lam <mark.lam at apple.com> ---
Comment on attachment 350726
--> https://bugs.webkit.org/attachment.cgi?id=350726
patch
View in context: https://bugs.webkit.org/attachment.cgi?id=350726&action=review
r=me
> Source/JavaScriptCore/ChangeLog:14
> + We were calling baselineCodeBlockForOriginAndBaselineCodeBlock with
the FTL
> + CodeBlock. There is nothing semantically wrong with doing that
(except for
> + poor naming), however, the poor naming here led us to make a real
semantic
> + mistake. We wanted the baseline CodeBlock's constant pool, but we
were
> + accessing the FTL CodeBlock's constant pool accidentally. We need to
> + access the baseline CodeBlock's constant pool when we update the
NewArrayBuffer
> + constant value.
In baselineCodeBlockForOriginAndBaselineCodeBlock(), can we
ASSERT(JITCode::isBaselineCode(baselineCodeBlock->jitType())? That will help
catch this error sooner in the future.
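A simplified model, added here and not WebKit's own code, of the check Mark Lam asks for: the helper that is handed the baseline CodeBlock verifies its JIT tier, so a caller that passes the FTL CodeBlock (and would otherwise patch the wrong constant pool) fails at the call instead of silently corrupting the wrong tier. The CodeBlock and JITType shapes, the constant-pool layout and the CodeOrigin stand-in are assumptions; WebKit would use ASSERT rather than an exception.

```cpp
#include <cstdint>
#include <stdexcept>
#include <vector>

// Hypothetical model of JIT tiers; only "is it baseline" matters here.
enum class JITType { Baseline, DFG, FTL };

// Hypothetical model: each tier's CodeBlock owns its own constant pool, so
// patching a constant in the FTL block leaves the baseline block unchanged.
struct CodeBlock {
    JITType jitType;
    std::vector<int64_t> constantPool;
};

// Stand-in for a CodeOrigin; inline frames are deliberately not modelled.
struct CodeOrigin { int bytecodeIndex; };

static bool isBaselineCode(JITType t) { return t == JITType::Baseline; }

// Stand-in for baselineCodeBlockForOriginAndBaselineCodeBlock(): the check
// Mark Lam proposes rejects a non-baseline argument up front.
CodeBlock* baselineCodeBlockForOriginAndBaselineCodeBlock(CodeOrigin origin, CodeBlock* baselineCodeBlock)
{
    if (!isBaselineCode(baselineCodeBlock->jitType))
        throw std::invalid_argument("expected a baseline CodeBlock");
    (void)origin; // no inlining in this model: the baseline block is the answer
    return baselineCodeBlock;
}

// The update the bug got wrong: the NewArrayBuffer constant lives in the
// baseline CodeBlock's pool, so that is the pool that must be patched.
void updateNewArrayBufferConstant(CodeBlock* codeBlockPassedIn, size_t index, int64_t value)
{
    CodeBlock* target = baselineCodeBlockForOriginAndBaselineCodeBlock(CodeOrigin{0}, codeBlockPassedIn);
    target->constantPool.at(index) = value;
}

// True when passing the FTL block is caught and neither pool is modified.
bool wrongTierCallIsRejected()
{
    CodeBlock baseline{JITType::Baseline, {10, 20}}; // constructed sample pools
    CodeBlock ftl{JITType::FTL, {10, 20}};
    try {
        updateNewArrayBufferConstant(&ftl, 1, 99);
    } catch (const std::invalid_argument&) {
        return ftl.constantPool[1] == 20 && baseline.constantPool[1] == 20;
    }
    return false;
}

// True when the correct call patches the baseline pool as intended.
bool baselineCallUpdatesBaselinePool()
{
    CodeBlock baseline{JITType::Baseline, {10, 20}};
    updateNewArrayBufferConstant(&baseline, 1, 99);
    return baseline.constantPool[1] == 99;
}
```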