[Webkit-unassigned] [Bug 69583] New: Structure does not reset m_previous when pinning the property map
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Oct 6 17:05:08 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=69583
Summary: Structure does not reset m_previous when pinning the
property map
Product: WebKit
Version: 528+ (Nightly build)
Platform: All
OS/Version: All
Status: NEW
Severity: Normal
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: fpizlo at apple.com
We pin property maps when we do a structure transition that cannot be cached. But we forget to clear m_previous.
This results in increased heap usage (more structures being kept alive), worse performance (more structures to trace on GC), and crashes when we try to rematerialize property maps (rematerialization asserts that m_previous is clear).
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list