[Webkit-unassigned] [Bug 72313] New: DFG's inline references to objects should be tracked
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Nov 14 14:30:54 PST 2011
https://bugs.webkit.org/show_bug.cgi?id=72313
Summary: DFG's inline references to objects should be tracked
Product: WebKit
Version: 528+ (Nightly build)
Platform: All
OS/Version: All
Status: NEW
Severity: Normal
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: fpizlo at apple.com
Blocks: 72312
The DFG may emit code that refers to objects in the heap. This is only safe because those same objects would be referenced from inline caches maintained by the old JIT, which only works because the old JIT will never clear inline caches.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list