<html>
<head>
<base href="https://bugs.webkit.org/" />
</head>
<body>
<p>
<div>
<b><a class="bz_bug_link
bz_status_NEW "
title="NEW - B3->Air lowering needs the same defenses in effectiveAddr() that it has in tryAppendLea()"
href="https://bugs.webkit.org/show_bug.cgi?id=163264#c1">Comment # 1</a>
on <a class="bz_bug_link
bz_status_NEW "
title="NEW - B3->Air lowering needs the same defenses in effectiveAddr() that it has in tryAppendLea()"
href="https://bugs.webkit.org/show_bug.cgi?id=163264">bug 163264</a>
from <span class="vcard"><a class="email" href="mailto:fpizlo@apple.com" title="Filip Pizlo <fpizlo@apple.com>"> <span class="fn">Filip Pizlo</span></a>
</span></b>
<pre>Yup, this test generates wrong code and crashes:
void testLoadBaseIndexShift32()
{
Procedure proc;
BasicBlock* root = proc.addBlock();
root->appendNew<Value>(
proc, Return, Origin(),
root->appendNew<MemoryValue>(
proc, Load, Int32, Origin(),
root->appendNew<Value>(
proc, Add, Origin(),
root->appendNew<ArgumentRegValue>(proc, Origin(), GPRInfo::argumentGPR0),
root->appendNew<Value>(
proc, Shl, Origin(),
root->appendNew<ArgumentRegValue>(proc, Origin(), GPRInfo::argumentGPR1),
root->appendNew<Const32Value>(proc, Origin(), 32)))));
auto code = compile(proc);
int32_t value = 12341234;
char* ptr = bitwise_cast<char*>(&value);
for (unsigned i = 0; i < 10; ++i)
CHECK_EQ(invoke<int32_t>(*code, ptr - (static_cast<intptr_t>(1) << static_cast<intptr_t>(32)) * i, i), 12341234);
}</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are the assignee for the bug.</li>
</ul>
</body>
</html>