Skip to site navigation (Press enter)

[webkit-changes] [102042] trunk/Source/JavaScriptCore

fpizlo Mon, 05 Dec 2011 13:45:41 -0800

Title: [102042] trunk/Source/_javascript_Core

Revision: 102042
Author: [email protected]
Date: 2011-12-05 13:45:30 -0800 (Mon, 05 Dec 2011)

Log Message

Old JIT emits 32-bit offsets for put_by_id but sometimes patches them as if they
were compact offsets
https://bugs.webkit.org/show_bug.cgi?id=73861


Reviewed by Gavin Barraclough.

* jit/JITPropertyAccess32_64.cpp:
(JSC::JIT::resetPatchPutById):

Modified Paths

trunk/Source/_javascript_Core/ChangeLog
trunk/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp

Diff

Modified: trunk/Source/_javascript_Core/ChangeLog (102041 => 102042)


--- trunk/Source/_javascript_Core/ChangeLog	2011-12-05 21:44:23 UTC (rev 102041)
+++ trunk/Source/_javascript_Core/ChangeLog	2011-12-05 21:45:30 UTC (rev 102042)
@@ -1,5 +1,16 @@
 2011-12-05  Filip Pizlo  <[email protected]>
 
+        Old JIT emits 32-bit offsets for put_by_id but sometimes patches them as if they
+        were compact offsets
+        https://bugs.webkit.org/show_bug.cgi?id=73861
+
+        Reviewed by Gavin Barraclough.
+
+        * jit/JITPropertyAccess32_64.cpp:
+        (JSC::JIT::resetPatchPutById):
+
+2011-12-05  Filip Pizlo  <[email protected]>
+
         Unreviewed, build fixes for ARM.
 
         * assembler/AbstractMacroAssembler.h:

Modified: trunk/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp (102041 => 102042)


--- trunk/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp	2011-12-05 21:44:23 UTC (rev 102041)
+++ trunk/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp	2011-12-05 21:45:30 UTC (rev 102042)
@@ -1123,8 +1123,8 @@
     else
         repatchBuffer.relink(stubInfo->callReturnLocation, cti_op_put_by_id);
     repatchBuffer.repatch(stubInfo->hotPathBegin.dataLabelPtrAtOffset(patchOffsetPutByIdStructure), reinterpret_cast<void*>(-1));
-    repatchBuffer.repatch(stubInfo->hotPathBegin.dataLabelCompactAtOffset(patchOffsetPutByIdPropertyMapOffset1), 0);
-    repatchBuffer.repatch(stubInfo->hotPathBegin.dataLabelCompactAtOffset(patchOffsetPutByIdPropertyMapOffset2), 0);
+    repatchBuffer.repatch(stubInfo->hotPathBegin.dataLabel32AtOffset(patchOffsetPutByIdPropertyMapOffset1), 0);
+    repatchBuffer.repatch(stubInfo->hotPathBegin.dataLabel32AtOffset(patchOffsetPutByIdPropertyMapOffset2), 0);
 }
 
 } // namespace JSC

_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes