[Webkit-unassigned] [Bug 103727] Unset NodeMustGenerate flag for Call nodes of few String.prototype.* pure functions
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Apr 23 17:06:00 PDT 2013
https://bugs.webkit.org/show_bug.cgi?id=103727
Filip Pizlo <fpizlo at apple.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #177258|review? |review-
Flag| |
--- Comment #7 from Filip Pizlo <fpizlo at apple.com> 2013-04-23 17:04:19 PST ---
(From update of attachment 177258)
View in context: https://bugs.webkit.org/attachment.cgi?id=177258&action=review
I think this will be unsound if we exit prior to where the call used to be, and the baseline JIT uses callee and this in the call. It'll probably crap out with an exception like that 'undefined' isn't callable. You should figure out what you want to do about that. One option is to convert the Call to a Phantom. A potentially better solution is to just make those functions intrinsic. That would save you from a lot of the trouble.
> Source/JavaScriptCore/dfg/DFGConstantFoldingPhase.cpp:89
> + const HashTableValue& fEntry = JSC::stringTable.values[i];
I don't think we want this to become a pattern. It would be much better to make split and friends into intrinsics and detect this in the parser. It will conserve compile times, among other things.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list