[Webkit-unassigned] [Bug 206276] [JSC][32bit] Assert failure bytecodeIndex.offset() < instructions().size() in UnlinkedCodeBlock::expressionRangeForBytecodeIndex

bugzilla-daemon at webkit.org
Wed Jan 15 07:45:48 PST 2020


https://bugs.webkit.org/show_bug.cgi?id=206276

--- Comment #8 from Caio Lima <ticaiolima at gmail.com> ---
Comment on attachment 387757
  --> https://bugs.webkit.org/attachment.cgi?id=387757
WIP patch

View in context: https://bugs.webkit.org/attachment.cgi?id=387757&action=review

> Source/JavaScriptCore/bytecode/UnlinkedCodeBlock.cpp:186
> +#endif

I don't think this will solve the issue. The problem is that with BytecodeIndex we now "<< 2" its offset to make space for checkpoints storage (See BytecodeIndex.h). For 32-bit, we use "Instruction*" as the offset and such a shift will make us lose some high-order bits when retrieving back with `.offset()`.

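To make the high-order-bit loss concrete, here is a small illustration added to this archive page; it is not JSC's BytecodeIndex code, only a hypothetical packing scheme with the same shape (offset shifted left by 2, low two bits used for a checkpoint, everything held in a 32-bit word), so a pointer-sized offset with its top bits set does not survive the round trip:

```cpp
#include <cstdint>

// Hypothetical stand-in for the scheme described in the comment: the offset
// is shifted left by kCheckpointBits so the low bits can carry a checkpoint
// index. Illustration only, not JSC's real BytecodeIndex implementation.
constexpr unsigned kCheckpointBits = 2;
constexpr uint32_t kCheckpointMask = (1u << kCheckpointBits) - 1;

struct PackedIndex {
    uint32_t bits; // 32-bit storage, as on a 32-bit target
};

// Pack an offset and a checkpoint into one 32-bit word. Any bits of
// `offset` above bit 29 are shifted out and silently lost.
PackedIndex pack(uint32_t offset, uint32_t checkpoint) {
    return PackedIndex{ (offset << kCheckpointBits) | (checkpoint & kCheckpointMask) };
}

// Recover the offset: this mirrors `.offset()` in the comment.
uint32_t offsetOf(PackedIndex p) { return p.bits >> kCheckpointBits; }

// Recover the checkpoint stored in the low bits.
uint32_t checkpointOf(PackedIndex p) { return p.bits & kCheckpointMask; }

// Largest offset that survives pack/unpack unchanged: the top
// kCheckpointBits bits must be zero.
constexpr uint32_t kMaxLosslessOffset = (1u << (32 - kCheckpointBits)) - 1;

// Check an offset (for example a 32-bit Instruction* reinterpreted as an
// integer) round-trips without losing high-order bits.
bool roundTripsLosslessly(uint32_t offset) {
    return offsetOf(pack(offset, 0)) == offset;
}
```

Running `roundTripsLosslessly` on a constructed pointer-like value such as 0xB7F00000 returns false, which is the failure mode behind the out-of-range offset the assertion in UnlinkedCodeBlock catches.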