Changeset 41103 in webkit for trunk/JavaScriptCore/assembler

Timestamp:

Feb 20, 2009, 5:14:28 AM (16 years ago)

Author:

[email protected]

Message:

<rdar://problem/6606660> 2==null returns true in 64bit jit

Reviewed by Mark Rowe

Code for op_eq_null and op_neq_null was incorrectly performing
a 32bit compare, which truncated the type tag from an integer
immediate, leading to incorrect behaviour.

Location:

trunk/JavaScriptCore/assembler

Files:

• MacroAssembler.h (modified) (1 diff)
• MacroAssemblerX86_64.h (modified) (1 diff)

trunk/JavaScriptCore/assembler/MacroAssembler.h

@@ -228 +228 @@
     }
 
+    void setPtr(Condition cond, RegisterID left, Imm32 right, RegisterID dest)
+    {
+        set32(cond, left, right, dest);
+    }
+
     void storePtr(RegisterID src, ImplicitAddress address)
     {

trunk/JavaScriptCore/assembler/MacroAssemblerX86_64.h

@@ -255 +255 @@
     }
 
+    void setPtr(Condition cond, RegisterID left, Imm32 right, RegisterID dest)
+    {
+        if (((cond == Equal) || (cond == NotEqual)) && !right.m_value)
+            m_assembler.testq_rr(left, left);
+        else
+            m_assembler.cmpq_ir(right.m_value, left);
+        m_assembler.setCC_r(cond, dest);
+        m_assembler.movzbl_rr(dest, dest);
+    }
 
     Jump branchPtr(Condition cond, RegisterID left, RegisterID right)