[webkit-reviews] review granted: [Bug 213442] [JSC] llintTrue / jitTrue can encounter native functions : [Attachment 402414] Patch
bugzilla-daemon at webkit.org
Sat Jun 20 20:46:34 PDT 2020
Mark Lam <mark.lam at apple.com> has granted Yusuke Suzuki <ysuzuki at apple.com>'s
request for review:
Bug 213442: [JSC] llintTrue / jitTrue can encounter native functions
https://bugs.webkit.org/show_bug.cgi?id=213442
Attachment 402414: Patch
https://bugs.webkit.org/attachment.cgi?id=402414&action=review
--- Comment #4 from Mark Lam <mark.lam at apple.com> ---
Comment on attachment 402414
--> https://bugs.webkit.org/attachment.cgi?id=402414
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=402414&action=review
r=me. Can you make 2 changes?
1. rename jitTrue() to baselineJITTrue() or baselineTrue() to be consistent with
our now current distinction between useJIT() and useBaselineJIT()?
2. enhance your test case to actually verify that $vm.llintTrue() only returns
true when the function is a LLint function, and $vm.baselineJITTrue() only
returns true if the function is baseline compiled.
You can do this verification by doing str = $vm.codeBlockFor(func), and parsing
the str for "LLIntFunctionCall", "BaselineFunctionCall", "DFGFunctionCall", or
"FTLFunctionCall".
>> Source/JavaScriptCore/tools/JSDollarVM.cpp:1798
>> + }
>
> If the caller is not JS code, we continue traversing. I don't think this is
> meaningful in practice, but keep this semantics as is.
I agree. It should only check the immediate caller. Let's fix it and test
accordingly.