[Webkit-unassigned] [Bug 73390] New: DFG local CSE may cause incorrect reference counting for a node
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Nov 29 20:14:50 PST 2011
https://bugs.webkit.org/show_bug.cgi?id=73390
Summary: DFG local CSE may cause incorrect reference counting
for a node
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: yuqiang.xian at intel.com
CC: barraclough at apple.com, fpizlo at apple.com
When performing a node substitution, the ref count of the replaced child will be increased, no matter whether the user node is skipped in code generation or not. This will cause the reference count of the replaced child never get the chance to become zero and so the registers occupied by it cannot be reused simply without spilling, if it's used by a "skipped" node.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list