[Webkit-unassigned] [Bug 143960] REGRESSION (r182899): icloud.com crashes
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Apr 21 10:25:37 PDT 2015
https://bugs.webkit.org/show_bug.cgi?id=143960
--- Comment #10 from Filip Pizlo <fpizlo at apple.com> ---
(In reply to comment #9)
> (In reply to comment #7)
> > Comment on attachment 251211 [details]
> > Slow (but clean) patch
> >
> > View in context:
> > https://bugs.webkit.org/attachment.cgi?id=251211&action=review
> >
> > It's surprising that this patch is a slow-down. :-/
> >
> > > Source/JavaScriptCore/dfg/DFGWatchpointCollectionPhase.cpp:116
> > > - case AllocationProfileWatchpoint:
> > > - addLazily(m_node->castOperand<JSFunction*>()->allocationProfileWatchpointSet());
> > > + case AllocationProfileWatchpoint: {
> > > + InlineWatchpointSet* watchpointSet = m_node->castOperand<JSFunction*>()->allocationProfileWatchpointSet();
> > > + // If we reach this point, the function's rare data was allocated when the AllocationProfileWatchpoint
> > > + // was added to the graph. We never de-allocate the rare data, so it must still be present, and the
> > > + // allocationProfileWatchpointSet with it.
> > > + ASSERT (watchpointSet);
> > > + addLazily(*watchpointSet);
> > > break;
> > > + }
> >
> > It would be better to remove the AllocationProfileWatchpoint node in this
> > patch, and do the watchpoint set registration in ByteCodeParser.
>
> I thought we said we shouldn't do this?
>
> (Splitting this into smaller more atomic patches)
Ah - it makes sense to do that as a different patch, if you like.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20150421/644c1517/attachment.html>
More information about the webkit-unassigned
mailing list