Context Navigation

← Previous Change
Next Change →

LinkBuffer.h

Timestamp:

Sep 21, 2012, 4:29:30 PM (13 years ago)

Author:

Message:

REGRESSION (r128400): Opening Google Web Fonts page hangs or crashes
https://bugs.webkit.org/show_bug.cgi?id=97328

Reviewed by Mark Hahnenberg.

It's a bad idea to emit stub code that reallocates property storage when we're in indexed
storage mode. DFGRepatch.cpp knew this and had the appropriate check in one of the places,
but it didn't have it in all of the places.

This change also adds some more handy disassembly support, which I used to find the bug.

assembler/LinkBuffer.h:

(JSC):

dfg/DFGRepatch.cpp:

(JSC::DFG::generateProtoChainAccessStub):
(JSC::DFG::tryCacheGetByID):
(JSC::DFG::tryBuildGetByIDList):
(JSC::DFG::emitPutReplaceStub):
(JSC::DFG::emitPutTransitionStub):
(JSC::DFG::tryCachePutByID):

jit/JITStubRoutine.h:

(JSC):

File:

: 1 edited

trunk/Source/JavaScriptCore/assembler/LinkBuffer.h (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/Source/JavaScriptCore/assembler/LinkBuffer.h

-              r121925
+              r129272
     FINALIZE_CODE_IF(Options::showDisassembly(), linkBufferReference, dataLogArgumentsForHeading)
+#define FINALIZE_DFG_CODE(linkBufferReference, dataLogArgumentsForHeading)  \
+    FINALIZE_CODE_IF(Options::showDFGDisassembly(), linkBufferReference, dataLogArgumentsForHeading)
 } // namespace JSC

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 129272 in webkit for trunk/Source/JavaScriptCore/assembler/LinkBuffer.h

Legend:

trunk/Source/JavaScriptCore/assembler/LinkBuffer.h

Download in other formats: