[Webkit-unassigned] [Bug 103128] LLInt C Loop backend should work on big endian platforms both 32 and 64 bit

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sat May 18 03:22:53 PDT 2013


https://bugs.webkit.org/show_bug.cgi?id=103128





--- Comment #37 from Tobias Netzel <tobias.netzel at googlemail.com>  2013-05-18 03:21:20 PST ---
Running a 64-bit web browser shows a problem that may be similar to the one in the 32-bit version (see comment 10):
The macro putToBaseVariableBody (LowLevelInterpreter.asm:551) crashes when executing:
    loadp JSVariableObject::m_registers[scratch1], scratch1  // line 554
When I change line 553
    loadp PayloadOffset[cfr, scratch1, 8], scratch1 // line 553
to
    loadp CellOffset[cfr, scratch1, 8], scratch1
it no longer crashes on that line, but the value it reads is still not a valid pointer.
It then crashes in line 555,
    loadisFromInstruction(3, scratch2)
which should be completely unrelated. In fact, it seems that the arguments passed to the macro aren't valid.
Unlike the problem in comment 10, this one always happens.
