| Summary: | Set the activeLength of all ScratchBuffers to zero when exiting the VM | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | WebKit | Reporter: | Simon Fraser (smfr) <simon.fraser> | ||||||
| Component: | JavaScriptCore | Assignee: | Saam Barati <saam> | ||||||
| Status: | RESOLVED FIXED | ||||||||
| Severity: | Normal | CC: | commit-queue, ews-watchlist, ggaren, keith_miller, mark.lam, msaboff, saam, simon.fraser, webkit-bug-importer, ysuzuki | ||||||
| Priority: | P2 | Keywords: | InRadar | ||||||
| Version: | WebKit Nightly Build | ||||||||
| Hardware: | Unspecified | ||||||||
| OS: | Unspecified | ||||||||
| Attachments: |
|
||||||||
|
Description
Simon Fraser (smfr)
2018-06-04 14:17:01 PDT
Patch forthcoming Created attachment 341922 [details]
patch
Comment on attachment 341922 [details]
patch
r=me.
Keith mentioned doing this in a follow-up: https://bugs.webkit.org/show_bug.cgi?id=186292 Created attachment 341940 [details]
patch for landing
Comment on attachment 341940 [details] patch for landing Clearing flags on attachment: 341940 Committed r232490: <https://trac.webkit.org/changeset/232490> All reviewed patches have been landed. Closing bug. Under what conditions do we enter the garbage collector with a live scratch buffer? OSR exit with object re-materialization, maybe? Just wondering why we need to mark scratch buffers at all... (In reply to Geoffrey Garen from comment #9) > Under what conditions do we enter the garbage collector with a live scratch > buffer? OSR exit with object re-materialization, maybe? Just wondering why > we need to mark scratch buffers at all... There are probably more cases than that. Some quick grepping: - OSR entry in loops and catch. I guess it's non-obvious if we need contents marked here. - Array push with > 1 argument - NewArray - NewArrayWithSpread - OSR exit as you said |