Bug 107321

Summary: Harden ArithDiv of integers fix-up by inserting Int32ToDouble node directly
Product: WebKit Reporter: Michael Saboff <msaboff>
Component: JavaScriptCoreAssignee: Michael Saboff <msaboff>
Status: RESOLVED FIXED    
Severity: Normal Keywords: InRadar
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   

Michael Saboff
Reported 2013-01-18 13:39:32 PST
For non-X86 platforms, we perform integer division by converting the integer arguments to doubles, perform the division and then convert the result back to an Int32. The insertion of the conversion nodes is done by the fixup phase. Currently the code uses fixDoubleEdge() for the inputs, but we have already performed a check of the int-ness of the arguments and this is really a special case. Therefore it makes more sense to do the Int32ToDouble node insertion without further checks of the child nodes.
Attachments
Add attachment proposed patch, testcase, etc.
Michael Saboff
Comment 1 2013-01-18 13:40:53 PST
From <rdar://problem/12645632>
Michael Saboff
Comment 2 2013-01-18 13:46:30 PST
Committed r140203: <http://trac.webkit.org/changeset/140203>
Note You need to log in before you can comment on or make changes to this bug.