Bug 46572

Summary: Avoid constructing arguments object when accessing length and index properties
Product: WebKit
Reporter: Oliver Hunt <oliver>
Component: New Bugs
Assignee: Oliver Hunt <oliver>
Status: RESOLVED FIXED
Severity: Normal
CC: abarth, ddkilzer, edwardjsabol, eric, webkit.review.bot, yonkong
Priority: P2
Version: 528+ (Nightly build)
Hardware: Other
OS: OS X 10.5
Bug Depends on:
Bug Blocks: 46690
Attachments:
Patch (flags: zwarich: review+)

Description Oliver Hunt 2010-09-25 11:48:31 PDT
Avoid constructing arguments object when accessing length and index properties
Comment 1 Oliver Hunt 2010-09-25 11:52:06 PDT
Created attachment 68837 [details]
Patch
Comment 2 Oliver Hunt 2010-09-25 14:42:16 PDT
Committed r68338: <http://trac.webkit.org/changeset/68338>
Comment 3 WebKit Review Bot 2010-09-25 15:05:20 PDT
http://trac.webkit.org/changeset/68338 might have broken Qt Linux Release
Comment 4 David Kilzer (:ddkilzer) 2010-09-29 08:40:46 PDT
(In reply to comment #2)
> Committed r68338: <http://trac.webkit.org/changeset/68338>

This change caused a regression in the Interpreter: Bug 46690.
Comment 5 Edward Sabol 2010-10-01 20:22:04 PDT
Is this going to be backed out or is a fix in the works?
Comment 6 yonkong 2010-10-16 20:33:52 PDT
I built r69847 code using the following macros:
#define WTF_USE_JSVALUE32 1
#define ENABLE_JIT 1
#define ENABLE_JIT_OPTIMIZE_CALL 0
#define ENABLE_JIT_OPTIMIZE_NATIVE_CALL 0
#define ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS 0
#define ENABLE_JIT_OPTIMIZE_METHOD_CALLS 0

Then I used the program to execute the following JS code:
function foo() {
    alert(arguments.length); // the result is 2.
}
foo(1, 2, 3, 4);

When I open www.baidu.com and other URLs, the program crashes.
The OS is Windows XP. I had the same problem on an ARM platform.

I had done the same thing using r67643 code and found no problems. I also tried to build r69847 code using the macros
#define ENABLE_JIT 1
#define ENABLE_JIT_OPTIMIZE_CALL 0
#define ENABLE_JIT_OPTIMIZE_NATIVE_CALL 0
#define ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS 0
#define ENABLE_JIT_OPTIMIZE_METHOD_CALLS 0
and no problem was found.

By the way, in the function emit_op_put_by_id in JITPropertyAccess.cpp there is a statement like this:
JITStubCall stubCall(this, direct ? cti_op_put_by_id_direct_generic, cti_op_put_by_id_generic);
Shouldn't it be the following statement?
JITStubCall stubCall(this, direct ? cti_op_put_by_id_direct_generic : cti_op_put_by_id_generic);

Please check, thanks.
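Added regression checks for the access patterns this bug's fast path targets (reading arguments.length and arguments[i] without materialising the object), including the repro above where foo(1,2,3,4) should report 4. This is example code written for this page, not code from the WebKit patch; the function names are constructed.

```javascript
// Fast-path candidates: the function only reads .length or an index and the
// arguments object never escapes, so an engine may avoid constructing it.
function countOnly() {
  return arguments.length;
}

// Index-only read. i is the first argument, so arguments[i + 1] is the
// caller's i-th extra argument; out-of-range indices must give undefined.
function indexOnly(i) {
  return arguments[i + 1];
}

function sumAll() {
  let total = 0;
  for (let i = 0; i < arguments.length; i++) {
    total += arguments[i];
  }
  return total;
}

// Slow path: the object escapes, so it must be materialised. This is the
// reference the fast-path results are compared against.
function materialised() {
  return Array.prototype.slice.call(arguments);
}

// Runs the fast-path functions against the materialised reference for one
// argument list and reports which pattern, if any, disagrees.
function checkArgs(...args) {
  const ref = materialised(...args);
  const mismatches = [];
  if (countOnly(...args) !== ref.length) mismatches.push('length');
  // Walk one past the end to cover the out-of-range case.
  for (let i = 0; i <= ref.length; i++) {
    if (indexOnly(i, ...args) !== ref[i]) mismatches.push('index ' + i);
  }
  if (ref.every((v) => typeof v === 'number')) {
    const expected = ref.reduce((a, b) => a + b, 0);
    if (sumAll(...args) !== expected) mismatches.push('sum');
  }
  return { ok: mismatches.length === 0, mismatches };
}

// Constructed sample argument lists, including the empty call and the
// four-argument call from the report above.
const sampleArgLists = [[], [1, 2, 3, 4], ['a', 'b'], [7]];

function runAll() {
  return sampleArgLists.map((args) => checkArgs(...args));
}
```

An engine that wrongly reported the formal-parameter count instead of the actual count would show up as a 'length' mismatch in runAll().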
Comment 7 Oliver Hunt 2010-10-17 14:24:21 PDT
(In reply to comment #6)
> I built r69847 code using the following macros:
> #define WTF_USE_JSVALUE32 1

JSVALUE32 is no longer a supported configuration on any platform.