WebKit Bugzilla
New
Browse
Search+
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
170473
On ARM64, DFG::SpeculativeJIT::compileArithMod() failed to ensure result is of DataFormatInt32.
https://bugs.webkit.org/show_bug.cgi?id=170473
Summary
On ARM64, DFG::SpeculativeJIT::compileArithMod() failed to ensure result is o...
Mark Lam
Reported
2017-04-04 14:50:12 PDT
In Unchecked mode, when DFG::SpeculativeJIT::compileArithMod() detects that the divisor is 0, it just returns the divisor as the result. However, the result is expected to be of DataFormatIn32, but the divisor in this case is of DataFormatJSInt32. The fix is to return an immediate 0 instead. <
rdar://problem/29912391
>
Attachments
proposed patch.
(4.62 KB, patch)
2017-04-04 15:28 PDT
,
Mark Lam
no flags
Details
Formatted Diff
Diff
View All
Add attachment
proposed patch, testcase, etc.
Mark Lam
Comment 1
2017-04-04 15:28:36 PDT
Created
attachment 306217
[details]
proposed patch.
Mark Lam
Comment 2
2017-04-04 20:22:20 PDT
Comment on
attachment 306217
[details]
proposed patch. Thanks for the review. Landing now.
WebKit Commit Bot
Comment 3
2017-04-04 20:50:10 PDT
Comment on
attachment 306217
[details]
proposed patch. Clearing flags on attachment: 306217 Committed
r214927
: <
http://trac.webkit.org/changeset/214927
>
WebKit Commit Bot
Comment 4
2017-04-04 20:50:12 PDT
All reviewed patches have been landed. Closing bug.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug