Timestamp:
Sep 3, 2014, 11:50:23 AM (11 years ago)
Author:
[email protected]
Message:

FTL In implementation sets callReturnLocation incorrectly leading to crashes beneath repatchCall()
https://bugs.webkit.org/show_bug.cgi?id=136488

Reviewed by Mark Hahnenberg.

  • ftl/FTLCompile.cpp:

(JSC::FTL::generateCheckInICFastPath): The call is in the slow path.

  • tests/stress/ftl-in-overflow.js: Added. This used to crash with 100% with FTL enabled.

(foo):

File:
1 edited

  • trunk/Source/JavaScriptCore/ChangeLog

    r173205 r173213  
     12014-09-03  Filip Pizlo  <[email protected]>
     2
     3        FTL In implementation sets callReturnLocation incorrectly leading to crashes beneath repatchCall()
     4        https://bugs.webkit.org/show_bug.cgi?id=136488
     5
     6        Reviewed by Mark Hahnenberg.
     7
     8        * ftl/FTLCompile.cpp:
     9        (JSC::FTL::generateCheckInICFastPath): The call is in the slow path.
     10        * tests/stress/ftl-in-overflow.js: Added. This used to crash with 100% with FTL enabled.
     11        (foo):
     12
    1132014-09-03  Akos Kiss  <[email protected]>
    214
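Review bot: The generateCheckInICFastPath entry (new lines 8-9) says only "The call is in the slow path", which does not tell a reader what callReturnLocation was recorded as before or what it is recorded as now. One sentence stating that would let someone triaging a crash beneath repatchCall() tie it to this change. On new line 10, "crash with 100%" reads as if words are missing (perhaps "100% of the time"). The "(foo):" on new line 11 carries no description, so either drop it or say what the function exercises.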