156330 – Rationalize the handling of PutById transitions a bit

Bug 156330 - Rationalize the handling of PutById transitions a bit

Summary: Rationalize the handling of PutById transitions a bit

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	JavaScriptCore (show other bugs)
Version:	WebKit Nightly Build
Hardware:	All All

Importance:	P2 Normal
Assignee:	Filip Pizlo

URL:
Keywords:

Depends on:
Blocks:

Reported:	2016-04-06 21:37 PDT by Filip Pizlo
Modified:	2016-04-07 11:17 PDT (History)
CC List:	5 users (show)

See Also:

Attachments
work in progress (9.40 KB, patch) 2016-04-06 21:37 PDT, Filip Pizlo	no flags	Details \| Formatted Diff \| Diff
the patch (10.60 KB, patch) 2016-04-07 10:33 PDT, Filip Pizlo	mark.lam: review+	Details \| Formatted Diff \| Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Filip Pizlo 2016-04-06 21:37:12 PDT

Patch forthcoming.

Comment 1 Filip Pizlo 2016-04-06 21:37:43 PDT

Created attachment 275862 [details]
work in progress

Comment 2 Filip Pizlo 2016-04-07 10:33:11 PDT

Created attachment 275894 [details]
the patch

Comment 3 Mark Lam 2016-04-07 10:55:59 PDT

Comment on attachment 275894 [details]
the patch

View in context: https://bugs.webkit.org/attachment.cgi?id=275894&action=review

r=me with fix.

> Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp:1050
> -        if (newStructure()->outOfLineCapacity() != structure()->outOfLineCapacity()
> -            && structure()->outOfLineCapacity())
> +        if (allocating)

This should be "if (reallocating)".

Comment 4 Filip Pizlo 2016-04-07 10:58:10 PDT

(In reply to comment #3)
> Comment on attachment 275894 [details]
> the patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=275894&action=review
> 
> r=me with fix.
> 
> > Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp:1050
> > -        if (newStructure()->outOfLineCapacity() != structure()->outOfLineCapacity()
> > -            && structure()->outOfLineCapacity())
> > +        if (allocating)
> 
> This should be "if (reallocating)".

Actually, it needs to be "allocating" because we now use scratchGPR3 in the store barrier slow path, which happens when we're either allocating or reallocating.

Comment 5 Mark Lam 2016-04-07 10:58:50 PDT

Comment on attachment 275894 [details]
the patch

View in context: https://bugs.webkit.org/attachment.cgi?id=275894&action=review

>>> Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp:1050
>>> +        if (allocating)
>> 
>> This should be "if (reallocating)".
> 
> Actually, it needs to be "allocating" because we now use scratchGPR3 in the store barrier slow path, which happens when we're either allocating or reallocating.

Oh, I missed that.  LGTM.

Comment 6 Filip Pizlo 2016-04-07 11:17:25 PDT

Landed in http://trac.webkit.org/changeset/199162