[webkit-reviews] review granted: [Bug 204876] [JSC] Adhocly created CallLinkInfo in GetterSetterAccess should be owned by GCAwareJITStubRoutine : [Attachment 385320] Patch

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Dec 10 17:24:14 PST 2019


Saam Barati <sbarati at apple.com> has granted Yusuke Suzuki <ysuzuki at apple.com>'s
request for review:
Bug 204876: [JSC] Adhocly created CallLinkInfo in GetterSetterAccess should be
owned by GCAwareJITStubRoutine
https://bugs.webkit.org/show_bug.cgi?id=204876

Attachment 385320: Patch

https://bugs.webkit.org/attachment.cgi?id=385320&action=review




--- Comment #5 from Saam Barati <sbarati at apple.com> ---
Comment on attachment 385320
  --> https://bugs.webkit.org/attachment.cgi?id=385320
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=385320&action=review

> Source/JavaScriptCore/ChangeLog:10
> +	   so long as it is live in the stack (which means we are executing
this code right now), but GetterSetterAccesssCase itself can

you should say how, since this isn't intuitive. E.g, GetterSetterAccessCase
might be destroyed when the StructureStubInfo is reset.

> Source/JavaScriptCore/bytecode/GetterSetterAccessCase.h:42
> +    // CallLinkInfo's ownership is held by generated code.

is held by generated code => is held both by generated code via
GCAwareJITStubRoutine and PolymorphicAccess.

Maybe also explain that PolymorphicAccess can be destroyed before the
CallLinkInfo is destroyed, since the GCAwareJITStubRoutine owns the
CallLinkInfo


More information about the webkit-reviews mailing list