Bug 124839

Summary: [arm][mips] dfg-arrayify-elimination layout jsc test crashes.
Product: WebKit
Reporter: Julien Brianceau <jbriance>
Component: JavaScriptCore
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED
Severity: Normal
CC: commit-queue, kilvadyb, msaboff, ossy, rgabor, zherczeg
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 108645    
Attachments (description, flags):
- Add missing EABI_32BIT_DUMMY_ARG for V_JITOperation_EJZJ callOperation. (flags: none)
- Add missing EABI_32BIT_DUMMY_ARG for V_JITOperation_EJZJ callOperation (with updated ChangeLog). (flags: none)

Description Julien Brianceau 2013-11-25 05:12:08 PST
Tested on r159740 with CPU(ARM_TRADITIONAL) architecture:

    PASS array is [,42,43,44]
    PASS array is [52,42,43,44]
    PASS array is [,42,43,44]
    PASS array is [52,42,43,44]
    PASS array is [,42,43,44]
    PASS array is [52,42,43,44]
    PASS array is [,42,43,44]
    PASS array is [52,42,43,44]
    PASS array is [,42,43,44]
    PASS array is [52,42,43,44]
    PASS array is [,42,43,44]
    PASS array is [52,42,43,44]
    PASS array is [,42,43,44]
    PASS array is [52,42,43,44]
    Segmentation fault


I'll submit a patch soon to fix this.

Comment 1 Julien Brianceau 2013-11-25 05:20:17 PST
Created attachment 217793
Add missing EABI_32BIT_DUMMY_ARG for V_JITOperation_EJZJ callOperation.

Comment 2 Julien Brianceau 2013-11-25 05:46:02 PST
Created attachment 217798
Add missing EABI_32BIT_DUMMY_ARG for V_JITOperation_EJZJ callOperation (with updated ChangeLog).

This patch is also relevant for MIPS, same patch with updated ChangeLog.

Comment 3 WebKit Commit Bot 2013-11-25 07:26:12 PST
Comment on attachment 217798
Add missing EABI_32BIT_DUMMY_ARG for V_JITOperation_EJZJ callOperation (with updated ChangeLog).

Clearing flags on attachment: 217798

Committed r159748: <http://trac.webkit.org/changeset/159748>

Comment 4 WebKit Commit Bot 2013-11-25 07:26:14 PST
All reviewed patches have been landed. Closing bug.