delta/qt5/qtwebkit.git - code.qt.io: qt/qtwebkit.git

diff options

author	Mark Hahnenberg <mhahnenberg@apple.com>	2013-10-16 16:01:27 +0200
committer	The Qt Project <gerrit-noreply@qt-project.org>	2013-10-16 19:33:30 +0200
commit	6d6a120fd6d80f8ebae638a118e0727a4b04253b (patch)
tree	1921ce8ab6c5d35989dcc4ea2463a88d02746ee0 /Source/JavaScriptCore/assembler/MacroAssemblerARM.cpp
parent	332de746f32edbb3dfc1cd4b39d8c815fd47b28e (diff)
download	qtwebkit-6d6a120fd6d80f8ebae638a118e0727a4b04253b.tar.gz

32-bit code gen for TypeOf doesn't properly update the AbstractInterpreter state

https://bugs.webkit.org/show_bug.cgi?id=119555 Reviewed by Geoffrey Garen. It uses a speculationCheck where it should be using a DFG_TYPE_CHECK like the 64-bit backend does. This was causing crashes on maps.google.com in 32-bit debug builds. * dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::compile): Change-Id: Icdcfe0719d22df7db6dc7ffcee309b75b63914df git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153793 268f45cc-cd09-0410-ab3c-d52691b4dbfc Reviewed-by: Simon Hausmann <simon.hausmann@digia.com>

Diffstat (limited to 'Source/JavaScriptCore/assembler/MacroAssemblerARM.cpp')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: