Bug 69918

Summary: DFG JIT 32_64 - Fix ArrayPop
Product: WebKit Reporter: Yuqiang Xian <yuqiang.xian>
Component: JavaScriptCoreAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: barraclough, fpizlo, webkit.review.bot
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
the patch
none
the patch none

Description Yuqiang Xian 2011-10-12 04:01:10 PDT 
The storageLengthGPR is polluted by EmptyValueTag and later used to index the array, which results in abnormal behaviors in execution. This fix makes 32_64 DFG pass v8-deltablue and kraken crypto-sha256-iterative on Linux ia32.
Comment 1 Yuqiang Xian 2011-10-12 04:03:54 PDT 
Created attachment 110662 [details]
the patch
Comment 2 Yuqiang Xian 2011-10-12 05:33:30 PDT 
Created attachment 110672 [details]
the patch

I think I was muddled when developing the previous wrong patch... :(

Also, please help land it manually if you think it should be r+, as I'm not sure if the commit queue will be happy about the style warnings. Thanks a lot.
Comment 3 WebKit Review Bot 2011-10-12 05:36:19 PDT 
Attachment 110672 [details] did not pass style-queue:

Failed to run "['Tools/Scripts/check-webkit-style', '--diff-files', u'Source/JavaScriptCore/ChangeLog', u'Source..." exit_code: 1

Source/JavaScriptCore/assembler/X86Assembler.h:1069:  movl_i32m is incorrectly named. Don't use underscores in your identifier names.  [readability/naming] [4]
Total errors found: 1 in 4 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 4 Filip Pizlo 2011-10-12 11:36:01 PDT 
Ouch, I can't believe I created that bug.
Comment 5 WebKit Review Bot 2011-10-12 12:27:18 PDT 
Comment on attachment 110672 [details]
the patch

Clearing flags on attachment: 110672

Committed r97286: <http://trac.webkit.org/changeset/97286>
Comment 6 WebKit Review Bot 2011-10-12 12:27:22 PDT 
All reviewed patches have been landed.  Closing bug.