[Webkit-unassigned] [Bug 122597] [sh4] JavascriptCore freezes in a loop when DFG is enabled.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sun Nov 3 07:33:15 PST 2013
https://bugs.webkit.org/show_bug.cgi?id=122597
--- Comment #2 from Julien Brianceau <jbriance at cisco.com> 2013-11-03 07:32:02 PST ---
I get it. After comparing what was going on in x86 32-bit port compared to the sh4 one, the sh4 port should refactor its patchableJump() to return the label after the jump, like other ports (x86, arm, mips..).
A quick "dummy" fix for this issue: in tryRepatchIn function from jit/Repatch.cpp file,
PolymorphicAccessStructureList* polymorphicStructureList;
int listIndex;
#if CPU(SH4)
CodeLocationLabel successLabel = stubInfo.hotPathBegin.labelAtOffset(6);
#else
CodeLocationLabel successLabel = stubInfo.hotPathBegin;
#endif
CodeLocationLabel slowCaseLabel;
I'll try to do the refactor tomorrow to submit a clean fix for this.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list