122866 – Fix 3 operand sub operation in C loop LLINT

Bug 122866 - Fix 3 operand sub operation in C loop LLINT

Summary: Fix 3 operand sub operation in C loop LLINT

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	JavaScriptCore (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Mark Lam

URL:
Keywords:

Depends on:
Blocks:

Reported:	2013-10-15 14:51 PDT by Mark Lam
Modified:	2013-10-15 15:04 PDT (History)
CC List:	5 users (show)

See Also:

Attachments
the patch. (1.48 KB, patch) 2013-10-15 14:55 PDT, Mark Lam	ggaren: review+	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Mark Lam 2013-10-15 14:51:22 PDT

In LLINT asm, "sub a, b, c" means "c = a - b" , not "c = b - a".  The LLINT C loop assembler was doing this wrong.  This bug results in stack overflow checks not being executed after the recent stack direction inversion.

Fix coming soon.

Comment 1 Mark Lam 2013-10-15 14:55:54 PDT

Created attachment 214304 [details]
the patch.

Comment 2 Geoffrey Garen 2013-10-15 14:57:55 PDT

Comment on attachment 214304 [details]
the patch.

r=me

Comment 3 Mark Lam 2013-10-15 15:04:06 PDT

Thanks for the review.  Landed in r157473: <http://trac.webkit.org/r157473>.