[Webkit-unassigned] [Bug 143999] Remove AllocationProfileWatchpoint node
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Apr 21 11:22:38 PDT 2015
https://bugs.webkit.org/show_bug.cgi?id=143999
--- Comment #2 from Basile Clement <basile_clement at apple.com> ---
Comment on attachment 251246
--> https://bugs.webkit.org/attachment.cgi?id=251246
Tentative patch, non thread-safe
View in context: https://bugs.webkit.org/attachment.cgi?id=251246&action=review
> Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp:2643
> if (Structure* structure = function->allocationStructure()) {
We probably need to freeze the rare data here, in case it is removed by the JS thread and then the GC runs at that point.
Not sure how to do this, I first need to investigate more deeply how freeze() & the GC works.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20150421/ef86f2d2/attachment.html>
More information about the webkit-unassigned
mailing list