[Webkit-unassigned] [Bug 132333] New: LLINT op_put_to_scope and op_get_from_scope should use loadpFromInstruction to get operand from instruction
bugzilla-daemon at webkit.org
Tue Apr 29 05:21:40 PDT 2014
https://bugs.webkit.org/show_bug.cgi?id=132333
Summary: LLINT op_put_to_scope and op_get_from_scope should use loadpFromInstruction to get operand from instruction
Product: WebKit
Version: 528+ (Nightly build)
Platform: Unspecified
OS/Version: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: tpopela at redhat.com
CC: mark.lam at apple.com
When loading the operand variable from the instruction in _llint_op_get_from_scope and _llint_op_put_to_scope, use loadpFromInstruction instead of loadisFromInstruction.
The operand is saved as a pointer (taken from http://trac.webkit.org/browser/trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp#L1763):
instructions[i + 6].u.pointer = reinterpret_cast<void*>(op.operand);
So it should be loaded as a pointer (as it already is in the get/putGlobalVar macros).
Before this change (with https://bugs.webkit.org/show_bug.cgi?id=131495 applied) this simple test case was crashing jsc. After this change it works (and the stress suite as well).
$ cat test.js
var a = 1;
print (a+1);
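The following C program is an added illustration of the width mismatch the report describes; it is not JavaScriptCore code and the union is only a stand-in for the shape of the Instruction slot quoted above (one cell written through u.pointer). It emulates a loadis-style access as a 4-byte signed load of the slot widened to register width, and a loadp-style access as a full pointer-width load, then checks whether the narrow load still reproduces the stored address. The sample addresses are constructed values that are never dereferenced; the code assumes a little-endian, 64-bit target (x86-64 or ARM64), where the int32 member of the union aliases the low half of the pointer.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Added illustration, not JavaScriptCore code. The slot mirrors the shape of
 * the Instruction union quoted in the bug: one storage cell that CodeBlock
 * writes as a pointer (instructions[i + 6].u.pointer) and that LLInt can read
 * back either as a 32-bit int (loadis) or as a pointer (loadp). */
typedef union {
    int32_t operand;  /* what a loadis-style load sees: low 4 bytes, sign-extended */
    void   *pointer;  /* what a loadp-style load sees: the whole cell */
} Slot;

/* CodeBlock's write: store the operand as a pointer. */
static Slot slot_from_address(uintptr_t addr) {
    Slot s;
    s.pointer = (void *)addr;
    return s;
}

/* Emulates loadisFromInstruction: a 4-byte signed load from the slot, widened
 * to register width. Assumes little-endian layout, so the int32 member aliases
 * the pointer's low half (as a movl from the same address would on x86-64). */
static intptr_t load_is(const Slot *s) {
    return (intptr_t)s->operand;
}

/* Emulates loadpFromInstruction: a pointer-width load from the slot. */
static uintptr_t load_p(const Slot *s) {
    return (uintptr_t)s->pointer;
}

/* Convenience wrappers: store an address, then read it back each way. */
static intptr_t load_is_of(uintptr_t addr) {
    Slot s = slot_from_address(addr);
    return load_is(&s);
}

static uintptr_t load_p_of(uintptr_t addr) {
    Slot s = slot_from_address(addr);
    return load_p(&s);
}

/* 1 if the narrow load happens to reproduce the stored address, 0 if it
 * yields a different value, i.e. a wild pointer for the caller to use. */
static int narrow_load_preserves_pointer(uintptr_t addr) {
    return (uintptr_t)load_is_of(addr) == load_p_of(addr);
}

/* Constructed sample addresses (not real allocations; never dereferenced). */
static const uintptr_t kSmallAddr  = (uintptr_t)0x0000000000001000ULL; /* fits in 31 bits */
static const uintptr_t kHeapLike   = (uintptr_t)0x00007f1234567890ULL; /* typical 64-bit user-space address */
static const uintptr_t kHighBitLow = (uintptr_t)0x00007f1294567890ULL; /* bit 31 set: sign extension bites */

int main(void) {
    const uintptr_t samples[] = { kSmallAddr, kHeapLike, kHighBitLow };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uintptr_t a = samples[i];
        printf("stored %#018" PRIxPTR "  loadp %#018" PRIxPTR "  loadis %#018" PRIxPTR "  %s\n",
               a, load_p_of(a), (uintptr_t)load_is_of(a),
               narrow_load_preserves_pointer(a) ? "ok by luck" : "WRONG POINTER");
    }
    return 0;
}
```

Only the small address survives the 32-bit load; a normal 64-bit user-space address loses its upper half, and one whose bit 31 is set is additionally sign-extended to 0xffffffff........, so the pointer handed to the scope access is wrong in both common cases. That is why the same slot must be read with loadp, as the get/putGlobalVar macros already do.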