Bug 151445

Summary: JIT snippet generator JumpLists should be returned as references.
Product: WebKit Reporter: Mark Lam <mark.lam>
Component: JavaScriptCoreAssignee: Mark Lam <mark.lam>
Status: RESOLVED FIXED    
Severity: Normal CC: commit-queue, keith_miller, msaboff, ossy, saam
Priority: P2    
Version: WebKit Local Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
proposed patch. barraclough: review+

Description Mark Lam 2015-11-19 09:35:06 PST 
The JumpLists were being returned by value.  As a result, new jumps added to them in the client are actually added to a temporary copy and promptly discarded.  Those jumps never get linked, resulting in infinite loops in DFG generated code that used the snippets.
Comment 1 Mark Lam 2015-11-19 09:37:47 PST 
Created attachment 265866 [details]
proposed patch.
Comment 2 Csaba Osztrogonác 2015-11-19 09:54:17 PST 
I started tests with this patch applied on the ARMv7 Thumb2 bot:
https://build.webkit.org/builders/EFL%20Linux%20ARMv7%20Thumb2%20Release/builds/16224

It will finish testing in 40-45 minutes, let's see the results.
Comment 3 Mark Lam 2015-11-19 10:01:07 PST 
Thanks for the review.  Landed in r192632: <http://trac.webkit.org/r192632>.
Comment 4 Csaba Osztrogonác 2015-11-20 02:38:57 PST 
*** Bug 151440 has been marked as a duplicate of this bug. ***