Timestamp:
Feb 27, 2012, 4:37:58 PM (13 years ago)
Author:
[email protected]
Message:

Old JIT's style of JSVALUE64 strict equality is subtly wrong
https://bugs.webkit.org/show_bug.cgi?id=79700

Reviewed by Oliver Hunt.

  • assembler/MacroAssemblerX86_64.h:

(JSC::MacroAssemblerX86_64::comparePtr):
(MacroAssemblerX86_64):

  • dfg/DFGOperations.cpp:
  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::nonSpeculativeStrictEq):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
(JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeStrictEq):

  • jit/JITOpcodes.cpp:

(JSC::JIT::compileOpStrictEq):
(JSC::JIT::emitSlow_op_stricteq):
(JSC::JIT::emitSlow_op_nstricteq):

  • jit/JITStubs.cpp:

(JSC::DEFINE_STUB_FUNCTION):

File:
1 edited

  • trunk/Source/JavaScriptCore/dfg/DFGOperations.cpp

    r108908 r109040  
    737737    JSGlobalData* globalData = &exec->globalData();
    738738    NativeCallFrameTracer tracer(globalData, exec);
    739    
    740     return JSValue::strictEqual(exec, JSValue::decode(encodedOp1), JSValue::decode(encodedOp2));
     739
     740    JSValue src1 = JSValue::decode(encodedOp1);
     741    JSValue src2 = JSValue::decode(encodedOp2);
     742   
     743    ASSERT((src1.isCell() && src2.isCell())
     744           || src1.isDouble() || src2.isDouble());
     745   
     746    return JSValue::strictEqual(exec, src1, src2);
    741747}
    742748
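Review bot: The ASSERT at new lines 743-744 states a caller contract (both operands are cells, or at least one is a double) with no comment saying why the remaining combinations can never reach this operation. Please add a one-line comment above it naming the cases the inline JIT code is expected to have resolved before calling here, so a later change to the fast path does not silently invalidate the assumption. Note also that ASSERT is compiled out of release builds, so this check only catches a violating caller in debug testing; the returned value still comes from the unchanged `JSValue::strictEqual(exec, src1, src2)` call, which is fine, but it means the assertion is documentation of the contract rather than enforcement of it.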