RESOLVED FIXED Bug 66122
DFG JIT-specific structure stub info code offset fields are signed 8-bit, but it is possible for the offsets to be greater than 127
https://bugs.webkit.org/show_bug.cgi?id=66122
Filip Pizlo
Reported 2011-08-11 18:45:09 PDT
The DFG JIT needs to store offsets between the return address and patchable points in the code, because these offsets vary depending on how register allocation works out. As an optimization these were compressed to 8 bits. But, the offsets may be greater than 127 when a large number of registers get spilled. It's not clear that the offsets are guaranteed to be less than 256, either, when all registers get spilled, particularly if the number of registers used by DFG is increased. These offsets should use more bits to be robust against the rare and difficult-to-debug cases where large amounts of spilling occur.
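The failure mode described above is ordinary integer narrowing: a code offset that only fits in more than 8 bits is stored into a signed 8-bit field, and whatever reads the field back gets a different (possibly negative) offset. The following is an added example, not code from the bug or from WebKit, that contrasts a narrow stub-info layout with a widened, range-checked one. The struct and field names (NarrowStubInfo, WideStubInfo, deltaCallToPatchPoint) are assumptions chosen for illustration; the offsets fed in are constructed values.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical "before" layout: the offset between the return address and
 * a patchable point is compressed to a signed 8-bit field. */
typedef struct {
    int8_t deltaCallToPatchPoint;
} NarrowStubInfo;

/* Hypothetical "after" layout: the same offset in a 16-bit signed field. */
typedef struct {
    int16_t deltaCallToPatchPoint;
} WideStubInfo;

/* Store an offset through the narrow field and read it back, exactly as
 * a later patching step would. Offsets above 127 do not survive the trip. */
int narrow_roundtrip(int offset)
{
    NarrowStubInfo info;
    info.deltaCallToPatchPoint = (int8_t)offset; /* silent narrowing */
    return info.deltaCallToPatchPoint;
}

/* Checked store into the wide field. Returns 0 on success and -1 if the
 * offset cannot be represented, so an oversized offset is caught at the
 * point where the stub info is filled in rather than at patch time. */
int wide_store_checked(WideStubInfo *info, int offset)
{
    if (offset < INT16_MIN || offset > INT16_MAX)
        return -1;
    info->deltaCallToPatchPoint = (int16_t)offset;
    return 0;
}

/* Store through the wide field and read it back; returns the offset as
 * seen by the reader, or -1 when the checked store rejected it. */
int wide_roundtrip(int offset)
{
    WideStubInfo info;
    if (wide_store_checked(&info, offset) != 0)
        return -1;
    return info.deltaCallToPatchPoint;
}

int main(void)
{
    /* Constructed offsets: one that fits in 8 bits and one that does not. */
    int offsets[] = { 100, 200 };
    for (int i = 0; i < 2; i++) {
        printf("offset %d: narrow field reads back %d, wide field reads back %d\n",
               offsets[i], narrow_roundtrip(offsets[i]), wide_roundtrip(offsets[i]));
    }
    return 0;
}
```

Run as-is it shows that the 8-bit field returns a wrong value for the 200-byte offset while the 16-bit field preserves it; the check in wide_store_checked is the part a practitioner would keep, since a field that is merely wider still fails silently once the offset outgrows it.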
Attachments
the patch (4.68 KB, patch)
2011-08-11 18:47 PDT, Filip Pizlo
fpizlo: review-
the patch (6.22 KB, patch)
2011-08-11 19:18 PDT, Filip Pizlo
no flags
the patch (even better) (7.36 KB, patch)
2011-08-11 19:26 PDT, Filip Pizlo
no flags
Filip Pizlo
Comment 1 2011-08-11 18:47:02 PDT
Created attachment 103721 [details] the patch
Filip Pizlo
Comment 2 2011-08-11 18:55:46 PDT
Comment on attachment 103721 [details] the patch
Never mind. This doesn't really fix it. Trying again...
Filip Pizlo
Comment 3 2011-08-11 19:18:31 PDT
Created attachment 103724 [details] the patch
Filip Pizlo
Comment 4 2011-08-11 19:26:31 PDT
Created attachment 103725 [details] the patch (even better)
WebKit Review Bot
Comment 5 2011-08-11 21:09:56 PDT
Comment on attachment 103725 [details] the patch (even better)
Clearing flags on attachment: 103725
Committed r92911: <http://trac.webkit.org/changeset/92911>
WebKit Review Bot
Comment 6 2011-08-11 21:10:01 PDT
All reviewed patches have been landed. Closing bug.