Ignore:
Timestamp:
Jun 14, 2014, 10:43:32 AM (11 years ago)
Author:
[email protected]
Message:

operationCreateArguments could cause a GC during OSR exit
https://bugs.webkit.org/show_bug.cgi?id=133905

Reviewed by Filip Pizlo.

Defer GC via new wrapper functions for operationCreateArguments and operationCreateInlinedArguments
for use by OSR exit stubs.

  • dfg/DFGOSRExitCompilerCommon.cpp:

(JSC::DFG::ArgumentsRecoveryGenerator::generateFor):

  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • jit/JITOperations.cpp:
  • jit/JITOperations.h:
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/JavaScriptCore/dfg/DFGOperations.cpp

    r168459 r169973  
    770770}
    771771
     772JSCell* JIT_OPERATION operationCreateInlinedArgumentsDuringOSRExit(ExecState* exec, InlineCallFrame* inlineCallFrame)
     773{
     774    DeferGCForAWhile(exec->vm().heap);
     775    return operationCreateInlinedArguments(exec, inlineCallFrame);
     776}
     777
    772778void JIT_OPERATION operationTearOffInlinedArguments(
    773779    ExecState* exec, JSCell* argumentsCell, JSCell* activationCell, InlineCallFrame* inlineCallFrame)
Note: See TracChangeset for help on using the changeset viewer.