[webkit-reviews] review granted: [Bug 120080] REGRESSION (r153222, 32-bit): NULL JSValue() seen when running peacekeeper benchmark : [Attachment 209859] Revert changes introduced by r153222 in emitSlow_op_get_argument_by_val for 32-bit

bugzilla-daemon at webkit.org
Thu Aug 29 13:11:06 PDT 2013


Michael Saboff <msaboff at apple.com> has granted Julien Brianceau
<jbriance at cisco.com>'s request for review:
Bug 120080: REGRESSION (r153222, 32-bit): NULL JSValue() seen when running
peacekeeper benchmark
https://bugs.webkit.org/show_bug.cgi?id=120080

Attachment 209859: Revert changes introduced by r153222 in
emitSlow_op_get_argument_by_val for 32-bit
https://bugs.webkit.org/attachment.cgi?id=209859&action=review

------- Additional Comments from Michael Saboff <msaboff at apple.com>
After some sleuthing as to what was going on, this is the right fix.  The
reason is due to where the results from the create_arguments call end up. 
slow_path_create_arguments will put the results in the virtual register
specified by currentInstruction[1].u.operand as it is intended to be used
for processing op_create_arguments.  When using cgi_op_create_arguments, the
result is left in regT0 and regT1, and we need to explicitly emit the stores as
this patch does.  Notice that we actually want the result in
currentInstruction[2].u.operand instead of the operand at index 1.  That is
because when processing op_get_argument_by_value we only call create_arguments
when the arguments virtual register contains the EmptyValueTag, effectively
materializing the arguments as needed.
