Bug 133905

Summary:

operationCreateArguments could cause a GC during OSR exit

Product:

WebKit

Reporter:

Michael Saboff <msaboff>

Component:

JavaScriptCore

Assignee:

Michael Saboff <msaboff>

Status:

RESOLVED FIXED

Severity:

Normal

Priority:

Version:

528+ (Nightly build)

Hardware:

All

OS:

All

Attachments:

Description	Flags
Patch	fpizlo: review+

Michael Saboff

Reported 2014-06-14 10:23:49 PDT

We should delay GC during createArguments when called from OSR exit stub.

Attachments
Patch (5.94 KB, patch) 2014-06-14 10:32 PDT, Michael Saboff	fpizlo: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Michael Saboff

Comment 1 2014-06-14 10:32:30 PDT

Created attachment 233110 [details] Patch

Michael Saboff

Comment 2 2014-06-14 10:44:41 PDT

Committed r169973: <http://trac.webkit.org/changeset/169973>

Geoffrey Garen

Comment 3 2014-06-16 11:38:24 PDT

Comment on attachment 233110 [details] Patch Why did you choose to special-case arguments recovery, rather than deferring GC throughout the OSR exit process?

Michael Saboff

Comment 4 2014-06-16 12:47:28 PDT

(In reply to comment #3) > (From update of attachment 233110 [details]) > Why did you choose to special-case arguments recovery, rather than deferring GC throughout the OSR exit process? This was the only place that Mark H and I found where we callout and allocate an object. Also, it seemed more error prone to create a JIT equivalent of DeferGCForAWhile to wrap an OSR exit stub.

Note You need to log in before you can comment on or make changes to this bug.