Bug 151445

Summary: JIT snippet generator JumpLists should be returned as references.
Product: WebKit Reporter: Mark Lam <mark.lam>
Component: JavaScriptCoreAssignee: Mark Lam <mark.lam>
Status: RESOLVED FIXED    
Severity: Normal CC: commit-queue, keith_miller, msaboff, ossy, saam
Priority: P2    
Version: WebKit Local Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
proposed patch. barraclough: review+

Mark Lam
Reported 2015-11-19 09:35:06 PST
The JumpLists were being returned by value. As a result, new jumps added to them in the client are actually added to a temporary copy and promptly discarded. Those jumps never get linked, resulting in infinite loops in DFG generated code that used the snippets.
Attachments
proposed patch. (3.31 KB, patch)
2015-11-19 09:37 PST, Mark Lam 		barraclough: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Mark Lam
Comment 1 2015-11-19 09:37:47 PST
Created attachment 265866 [details] proposed patch.
Csaba Osztrogonác
Comment 2 2015-11-19 09:54:17 PST
I started tests with this patch applied on the ARMv7 Thumb2 bot: https://build.webkit.org/builders/EFL%20Linux%20ARMv7%20Thumb2%20Release/builds/16224 It will finish testing in 40-45 minutes, let's see the results.
Mark Lam
Comment 3 2015-11-19 10:01:07 PST
Thanks for the review. Landed in r192632: <http://trac.webkit.org/r192632>.
Csaba Osztrogonác
Comment 4 2015-11-20 02:38:57 PST
*** Bug 151440 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.