141412 2015-02-09 16:36:45 -0800 DFG::StackLayoutPhase should always set the scopeRegister to VirtualRegister() because the DFG doesn't do anything to make its value valid 2015-02-09 20:47:29 -0800 1 1 1 Unclassified WebKit JavaScriptCore 528+ (Nightly build) All All RESOLVED FIXED P2 Normal --- 1 fpizlo fpizlo oldest_to_newest 1067961 0 fpizlo 2015-02-09 16:36:45 -0800 StackLayoutPhase is attempting to ensure that the register that CodeBlock::scopeRegister() points to is the right one for the DFG. But the DFG does nothing else to maintain the validity of the scopeRegister(). It's not captured as far as I can tell. StackLayoutPhase doesn't explicitly mark it live. So, by the time we get here the register referred to by CodeBlock::scopeRegister() is junk. Moreover, CodeBlock::scopeRegister() is not used for DFG code blocks, and is hardly ever used outside of bytecode generation. 1067962 1 246304 fpizlo 2015-02-09 16:41:31 -0800 Created attachment 246304 the patch 1067976 2 246309 fpizlo 2015-02-09 19:25:23 -0800 Created attachment 246309 the patch Addressing Michael's concerns 1067983 3 246309 msaboff 2015-02-09 20:33:43 -0800 Comment on attachment 246309 the patch r=me 1067984 4 fpizlo 2015-02-09 20:47:29 -0800 Landed in http://trac.webkit.org/changeset/179863 246304 2015-02-09 16:41:31 -0800 2015-02-09 19:25:23 -0800 the patch blah.patch text/plain 2296 fpizlo SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMTc5ODU3KQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDIzIEBA CisyMDE1LTAyLTA5ICBGaWxpcCBQaXpsbyAgPGZwaXpsb0BhcHBsZS5jb20+CisKKyAgICAgICAg R2V0IHJpZCBvZiBzY29wZVJlZ2lzdGVyKCkgdG9tZm9vbGVyeSBpbiBERkc6OlN0YWNrTGF5b3V0 UGhhc2UKKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dpP2lkPTE0 MTQxMgorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorICAgICAgICAKKyAg ICAgICAgU3RhY2tMYXlvdXRQaGFzZSB3YXMgYXR0ZW1wdGluZyB0byBlbnN1cmUgdGhhdCB0aGUg cmVnaXN0ZXIgdGhhdAorICAgICAgICBDb2RlQmxvY2s6OnNjb3BlUmVnaXN0ZXIoKSBwb2ludHMg dG8gaXMgdGhlIHJpZ2h0IG9uZSBmb3IgdGhlIERGRy4gQnV0IHRoZSBERkcgZGlkIG5vdGhpbmcK KyAgICAgICAgZWxzZSB0byBtYWludGFpbiB0aGUgdmFsaWRpdHkgb2YgdGhlIHNjb3BlUmVnaXN0 ZXIoKS4gSXQgd2Fzbid0IGNhcHR1cmVkIGFzIGZhciBhcyBJIGNhbgorICAgICAgICB0ZWxsLiBT dGFja0xheW91dFBoYXNlIGRpZG4ndCBleHBsaWNpdGx5IG1hcmsgaXQgbGl2ZS4gU28sIGJ5IHRo ZSB0aW1lIHdlIGdvdCBoZXJlIHRoZQorICAgICAgICByZWdpc3RlciByZWZlcnJlZCB0byBieSBD b2RlQmxvY2s6OnNjb3BlUmVnaXN0ZXIoKSB3b3VsZCBoYXZlIGJlZW4ganVuay4gTW9yZW92ZXIs CisgICAgICAgIENvZGVCbG9jazo6c2NvcGVSZWdpc3RlcigpIHdhcyBub3QgdXNlZCBmb3IgREZH IGNvZGUgYmxvY2tzLCBhbmQgd2FzIGhhcmRseSBldmVyIHVzZWQKKyAgICAgICAgb3V0c2lkZSBv ZiBieXRlY29kZSBnZW5lcmF0aW9uLgorICAgICAgICAKKyAgICAgICAgU28sIHRoaXMgcGF0Y2gg anVzdCByZW1vdmVzIHRoZSBjb2RlIHRvIG1hbmlwdWxhdGUgdGhpcyBmaWVsZC4KKworICAgICAg ICAqIGRmZy9ERkdTdGFja0xheW91dFBoYXNlLmNwcDoKKyAgICAgICAgKEpTQzo6REZHOjpTdGFj a0xheW91dFBoYXNlOjpydW4pOgorCiAyMDE1LTAyLTA5ICBGaWxpcCBQaXpsbyAgPGZwaXpsb0Bh cHBsZS5jb20+CiAKICAgICAgICAgREZHIGNhbGwgY29kZWdlbiBzaG91bGQgcmVzb2x2ZSB0aGUg Y2FsbGVlIG9wZXJhbmQgYXMgbGF0ZSBhcyBwb3NzaWJsZQpJbmRleDogU291cmNlL0phdmFTY3Jp cHRDb3JlL2RmZy9ERkdTdGFja0xheW91dFBoYXNlLmNwcAo9PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2Uv SmF2YVNjcmlwdENvcmUvZGZnL0RGR1N0YWNrTGF5b3V0UGhhc2UuY3BwCShyZXZpc2lvbiAxNzk4 NDkpCisrKyBTb3VyY2UvSmF2YVNjcmlwdENvcmUvZGZnL0RGR1N0YWNrTGF5b3V0UGhhc2UuY3Bw CSh3b3JraW5nIGNvcHkpCkBAIC0xNjgsMTEgKzE2OCw2IEBAIHB1YmxpYzoKICAgICAgICAgICAg ICAgICB2aXJ0dWFsUmVnaXN0ZXJGb3JMb2NhbChhbGxvY2F0aW9uW2NvZGVCbG9jaygpLT5hY3Rp dmF0aW9uUmVnaXN0ZXIoKS50b0xvY2FsKCldKSk7CiAgICAgICAgIH0KICAgICAgICAgCi0gICAg ICAgIGlmIChjb2RlQmxvY2soKS0+c2NvcGVSZWdpc3RlcigpLmlzVmFsaWQoKSkgewotICAgICAg ICAgICAgdW5zaWduZWQgc2NvcGVSZWdpc3RlckFsbG9jYXRpb24gPSBhbGxvY2F0aW9uW2NvZGVC bG9jaygpLT5zY29wZVJlZ2lzdGVyKCkudG9Mb2NhbCgpXTsKLSAgICAgICAgICAgIGNvZGVCbG9j aygpLT5zZXRTY29wZVJlZ2lzdGVyKHNjb3BlUmVnaXN0ZXJBbGxvY2F0aW9uID09IFVJTlRfTUFY ID8gVmlydHVhbFJlZ2lzdGVyKCkgOiB2aXJ0dWFsUmVnaXN0ZXJGb3JMb2NhbChzY29wZVJlZ2lz dGVyQWxsb2NhdGlvbikpOwotICAgICAgICB9Ci0KICAgICAgICAgZm9yICh1bnNpZ25lZCBpID0g bV9ncmFwaC5tX2lubGluZVZhcmlhYmxlRGF0YS5zaXplKCk7IGktLTspIHsKICAgICAgICAgICAg IElubGluZVZhcmlhYmxlRGF0YSBkYXRhID0gbV9ncmFwaC5tX2lubGluZVZhcmlhYmxlRGF0YVtp XTsKICAgICAgICAgICAgIElubGluZUNhbGxGcmFtZSogaW5saW5lQ2FsbEZyYW1lID0gZGF0YS5p bmxpbmVDYWxsRnJhbWU7Cg== 246309 2015-02-09 19:25:23 -0800 2015-02-09 20:33:43 -0800 the patch blah.patch text/plain 2705 fpizlo SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gMTc5ODU3KQorKysgU291cmNl L0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDI2IEBA CisyMDE1LTAyLTA5ICBGaWxpcCBQaXpsbyAgPGZwaXpsb0BhcHBsZS5jb20+CisKKyAgICAgICAg REZHOjpTdGFja0xheW91dFBoYXNlIHNob3VsZCBhbHdheXMgc2V0IHRoZSBzY29wZVJlZ2lzdGVy IHRvIFZpcnR1YWxSZWdpc3RlcigpIGJlY2F1c2UgdGhlIERGRyBkb2Vzbid0IGRvIGFueXRoaW5n IHRvIG1ha2UgaXRzIHZhbHVlIHZhbGlkCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3Jn L3Nob3dfYnVnLmNnaT9pZD0xNDE0MTIKKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9P UFMhKS4KKyAgICAgICAgCisgICAgICAgIFN0YWNrTGF5b3V0UGhhc2Ugd2FzIGF0dGVtcHRpbmcg dG8gZW5zdXJlIHRoYXQgdGhlIHJlZ2lzdGVyIHRoYXQKKyAgICAgICAgQ29kZUJsb2NrOjpzY29w ZVJlZ2lzdGVyKCkgcG9pbnRzIHRvIGlzIHRoZSByaWdodCBvbmUgZm9yIHRoZSBERkcuIEJ1dCB0 aGUgREZHIGRpZCBub3RoaW5nCisgICAgICAgIGVsc2UgdG8gbWFpbnRhaW4gdGhlIHZhbGlkaXR5 IG9mIHRoZSBzY29wZVJlZ2lzdGVyKCkuIEl0IHdhc24ndCBjYXB0dXJlZCBhcyBmYXIgYXMgSSBj YW4KKyAgICAgICAgdGVsbC4gU3RhY2tMYXlvdXRQaGFzZSBkaWRuJ3QgZXhwbGljaXRseSBtYXJr IGl0IGxpdmUuIFByZWNpc2VMb2NhbENsb2JiZXJpemUgZGlkbid0IG1hcmsKKyAgICAgICAgaXQg YXMgYmVpbmcgbGl2ZS4gU28sIGJ5IHRoZSB0aW1lIHdlIGdvdCBoZXJlIHRoZSByZWdpc3RlciBy ZWZlcnJlZCB0byBieQorICAgICAgICBDb2RlQmxvY2s6OnNjb3BlUmVnaXN0ZXIoKSB3b3VsZCBo YXZlIGJlZW4ganVuay4gTW9yZW92ZXIsIENvZGVCbG9jazo6c2NvcGVSZWdpc3RlcigpIHdhcwor ICAgICAgICBub3QgdXNlZCBmb3IgREZHIGNvZGUgYmxvY2tzLCBhbmQgd2FzIGhhcmRseSBldmVy IHVzZWQgb3V0c2lkZSBvZiBieXRlY29kZSBnZW5lcmF0aW9uLgorICAgICAgICAKKyAgICAgICAg U28sIHRoaXMgcGF0Y2gganVzdCByZW1vdmVzIHRoZSBjb2RlIHRvIG1hbmlwdWxhdGUgdGhpcyBm aWVsZCBhbmQgcmVwbGFjZXMgaXQgd2l0aCBhbgorICAgICAgICB1bmNvbmRpdGlvbmFsIHNldFNj b3BlUmVnaXN0ZXIoVmlydHVhbFJlZ2lzdGVyKCkpLiBTZXR0aW5nIGl0IHRvIHRoZSBpbnZhbGlk IHJlZ2lzdGVyCisgICAgICAgIGVuc3VyZXMgdGhhdCBhbnkgYXR0ZW1wc3QgdG8gcmVhZCB0aGUg c2NvcGVSZWdpc3RlciBpbiBhIERGRyBvciBGVEwgZnJhbWUgaW1tZWRpYXRlbHkKKyAgICAgICAg cHVudHMuCisKKyAgICAgICAgKiBkZmcvREZHU3RhY2tMYXlvdXRQaGFzZS5jcHA6CisgICAgICAg IChKU0M6OkRGRzo6U3RhY2tMYXlvdXRQaGFzZTo6cnVuKToKKwogMjAxNS0wMi0wOSAgRmlsaXAg UGl6bG8gIDxmcGl6bG9AYXBwbGUuY29tPgogCiAgICAgICAgIERGRyBjYWxsIGNvZGVnZW4gc2hv dWxkIHJlc29sdmUgdGhlIGNhbGxlZSBvcGVyYW5kIGFzIGxhdGUgYXMgcG9zc2libGUKSW5kZXg6 IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9kZmcvREZHU3RhY2tMYXlvdXRQaGFzZS5jcHAKPT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PQotLS0gU291cmNlL0phdmFTY3JpcHRDb3JlL2RmZy9ERkdTdGFja0xheW91dFBoYXNlLmNw cAkocmV2aXNpb24gMTc5ODQ5KQorKysgU291cmNlL0phdmFTY3JpcHRDb3JlL2RmZy9ERkdTdGFj a0xheW91dFBoYXNlLmNwcAkod29ya2luZyBjb3B5KQpAQCAtMTY4LDEwICsxNjgsOCBAQCBwdWJs aWM6CiAgICAgICAgICAgICAgICAgdmlydHVhbFJlZ2lzdGVyRm9yTG9jYWwoYWxsb2NhdGlvbltj b2RlQmxvY2soKS0+YWN0aXZhdGlvblJlZ2lzdGVyKCkudG9Mb2NhbCgpXSkpOwogICAgICAgICB9 CiAgICAgICAgIAotICAgICAgICBpZiAoY29kZUJsb2NrKCktPnNjb3BlUmVnaXN0ZXIoKS5pc1Zh bGlkKCkpIHsKLSAgICAgICAgICAgIHVuc2lnbmVkIHNjb3BlUmVnaXN0ZXJBbGxvY2F0aW9uID0g YWxsb2NhdGlvbltjb2RlQmxvY2soKS0+c2NvcGVSZWdpc3RlcigpLnRvTG9jYWwoKV07Ci0gICAg ICAgICAgICBjb2RlQmxvY2soKS0+c2V0U2NvcGVSZWdpc3RlcihzY29wZVJlZ2lzdGVyQWxsb2Nh dGlvbiA9PSBVSU5UX01BWCA/IFZpcnR1YWxSZWdpc3RlcigpIDogdmlydHVhbFJlZ2lzdGVyRm9y TG9jYWwoc2NvcGVSZWdpc3RlckFsbG9jYXRpb24pKTsKLSAgICAgICAgfQorICAgICAgICAvLyBU aGlzIHJlZ2lzdGVyIGlzIG5ldmVyIHZhbGlkIGZvciBERkcgY29kZSBibG9ja3MuCisgICAgICAg IGNvZGVCbG9jaygpLT5zZXRTY29wZVJlZ2lzdGVyKFZpcnR1YWxSZWdpc3RlcigpKTsKIAogICAg ICAgICBmb3IgKHVuc2lnbmVkIGkgPSBtX2dyYXBoLm1faW5saW5lVmFyaWFibGVEYXRhLnNpemUo KTsgaS0tOykgewogICAgICAgICAgICAgSW5saW5lVmFyaWFibGVEYXRhIGRhdGEgPSBtX2dyYXBo Lm1faW5saW5lVmFyaWFibGVEYXRhW2ldOwo=