[Webkit-unassigned] [Bug 74908] New: Temporary GPR should not be lazily allocated in DFG JIT on X86
bugzilla-daemon at webkit.org
Mon Dec 19 20:51:29 PST 2011
https://bugs.webkit.org/show_bug.cgi?id=74908
Summary: Temporary GPR should not be lazily allocated in DFG JIT on X86
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: yuqiang.xian at intel.com
CC: barraclough at apple.com, fpizlo at apple.com
On X86, we used to allocate a temporary GPR lazily when it's really used rather than defined. This may cause potential issues of allocating registers inside control flow and result in problems in subsequent code generation. For example, the DFG JIT may think an operand has already been spilled (to satisfy the allocation request) and generate code to read the data from memory, but the allocation and spilling are in a branch which is not taken at runtime, so the generated code is incorrect.
Although the current DFG JIT code doesn't have this problematic pattern, it's better to cut off the root to avoid any potential issues in the future.
Patch forthcoming.
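
The failure mode described in the report, as an added example that is not part of the original bug report and is not JavaScriptCore code: a constructed one-register toy machine whose code generator spills the live value `a` either before the branch (eager) or inside it (lazy). All names here (`CodeGen`, `allocateTemp`, `valueOfA`, the opcodes) are hypothetical.

```cpp
#include <cstdio>
#include <vector>

// Toy one-register machine (constructed model, not the DFG JIT itself).
enum Op { STORE, LOAD, SET, JUMP_IF_ZERO };
struct Insn { Op op; int arg; };

struct CodeGen {
    std::vector<Insn> code;
    bool aSpilled = false;  // compile-time belief about where `a` lives

    // The temp needs r0, so the live value `a` is spilled to stack slot 0.
    void allocateTemp() {
        if (!aSpilled) { code.push_back({STORE, 0}); aSpilled = true; }
    }
    // Emit: if (flag) { temp = 99; } followed by a use of `a`.
    void emit(bool lazy) {
        if (!lazy) allocateTemp();                // eager: spill dominates the branch
        size_t branch = code.size();
        code.push_back({JUMP_IF_ZERO, 0});        // target patched below
        if (lazy) allocateTemp();                 // lazy: spill emitted inside the branch
        code.push_back({SET, 99});                // slow path clobbers r0 with the temp
        code[branch].arg = (int)code.size();      // join point
        if (aSpilled) code.push_back({LOAD, 0});  // codegen believes `a` is in memory
    }
};

// Execute the emitted code; r0 starts out holding `a`.
int run(const std::vector<Insn>& code, int a, int flag) {
    int r0 = a, slot[1] = { -1 };  // -1 marks a never-written stack slot
    for (size_t pc = 0; pc < code.size(); ) {
        const Insn& i = code[pc++];
        switch (i.op) {
        case STORE: slot[i.arg] = r0; break;
        case LOAD:  r0 = slot[i.arg]; break;
        case SET:   r0 = i.arg; break;
        case JUMP_IF_ZERO: if (!flag) pc = (size_t)i.arg; break;
        }
    }
    return r0;  // what the generated code reads back as `a`
}

int valueOfA(bool lazy, int a, int flag) {
    CodeGen g;
    g.emit(lazy);
    return run(g.code, a, flag);
}

int main() {
    std::printf("eager, branch not taken: a = %d\n", valueOfA(false, 7, 0));
    std::printf("lazy,  branch not taken: a = %d\n", valueOfA(true, 7, 0));
}
```

With lazy allocation the reload after the join reads a stack slot that was only written on the taken path, so the not-taken path sees stale memory instead of `a`.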