WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
Bug 68735
DFG implementation of PutScopedVar corrupts register allocation
https://bugs.webkit.org/show_bug.cgi?id=68735
Summary
DFG implementation of PutScopedVar corrupts register allocation
Filip Pizlo
Reported
2011-09-23 14:54:08 PDT
The PutScopedVar case in DFGSpeculativeJIT.cpp does not call noResult(), causing its child (the scope chain) to remain referenced. It then does not get removed from the register bank, and its virtual register does not get cleared. This has two effects: bizarre assertion failures and possibly regressed performance in the absence of assertion failures, due to increased register pressure.
Attachments
the patch
(1.27 KB, patch)
2011-09-23 14:55 PDT
,
Filip Pizlo
oliver
: review+
oliver
: commit-queue+
Details
Formatted Diff
Diff
View All
Add attachment
proposed patch, testcase, etc.
Filip Pizlo
Comment 1
2011-09-23 14:55:43 PDT
Created
attachment 108543
[details]
the patch
Oliver Hunt
Comment 2
2011-09-23 14:56:50 PDT
Comment on
attachment 108543
[details]
the patch oooh, i didn't realise that was necessary/existed -- best to check my other changes for similar screw ups :-(
Filip Pizlo
Comment 3
2011-09-23 14:57:56 PDT
(In reply to
comment #2
)
> (From update of
attachment 108543
[details]
) > oooh, i didn't realise that was necessary/existed -- best to check my other changes for similar screw ups :-(
GetScopeChain and GetScopeVar are right, because they call the relevant xyzResult methods. It's the ones that don't return anything that are annoying.
Oliver Hunt
Comment 4
2011-09-23 15:12:20 PDT
Committed
r95868
: <
http://trac.webkit.org/changeset/95868
>
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug