[webkit-dev] MIPS port problem - cti_op_put_by_id slow case problem
Toshiyasu Morita
tm_webkit at yahoo.com
Tue Jun 16 16:53:48 PDT 2009
I've gotten the MIPS port up to where it can compile and execute through about 9 functions of a testcase before it crashes.
The reason for the crash appears to be related to op_put_by_id. When this opcode is compiled, the JIT executes:
void JIT::compilePutByIdSlowCase(int baseVReg, Identifier* ident, int, Vector<SlowCaseEntry>::iterator& iter, unsigned propertyAccessInstructionIndex)
{
    // Link the two slow-path jumps from the fast case: base value is not a JSCell, or the structure check failed.
    linkSlowCaseIfNotJSCell(iter, baseVReg);
    linkSlowCase(iter);

    // Pass the stub its arguments: base object (arg 1), property name (arg 2), value to store (arg 3).
    emitPutJITStubArgConstant(ident, 2);
    emitPutJITStubArg(regT0, 1);
    emitPutJITStubArg(regT1, 3);
    Call call = emitCTICall(JITStubs::cti_op_put_by_id);

    // Track the location of the call; this will be used to recover patch information.
    m_propertyAccessCompilationInfo[propertyAccessInstructionIndex].callReturnLocation = call;
}
When the code is initially generated, it generates a call to address 0x6a2294 (JIT::cti_op_put_by_id) which is correct. Later on, something modifies the instruction to call address 0x6a26dc instead, which causes an infinite loop.
What is the purpose of dynamically modifying this call instruction?
Toshi