[Webkit-unassigned] [Bug 193938] New: We should add code to validate expected GC activity modelled by doesGC() against what the runtime encounters.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Jan 28 16:35:28 PST 2019
https://bugs.webkit.org/show_bug.cgi?id=193938
Bug ID: 193938
Summary: We should add code to validate expected GC activity
modelled by doesGC() against what the runtime
encounters.
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: JavaScriptCore
Assignee: webkit-unassigned at lists.webkit.org
Reporter: mark.lam at apple.com
For example, in a debug build (or maybe a ASAN build, when we expect everything to be slow), we should try to do the following:
1. JIT compile time verification
Have a list of DFG operations that are expected to not have GC activity.
At compile time, maybe in DFG's SpeculativeJIT or FTL LowerTOB3, assert that the expected GC activity modeled by doesGC() matches the operations we're going to call. This is
The reliability of this verification relies on us declaring correctly if a DFG operation is expected to not GC.
2. Runtime verification
For any operations that are not expected to GC:
a. Before the operation call, set a flag in the VM.
b. Modify the GC to clear that flag.
c. After the operation call, check the flag to make sure that it is still set.
If the flag is not set, report the issue and crash.
Else, clear the flag.
The reliability of this verification relies on us having sufficient code coverage in our test suite to be able to trigger GCs if they are possible in the relevant code paths we are asserting.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20190129/924623eb/attachment.html>
More information about the webkit-unassigned
mailing list