2009-12-07 Maciej Stachowiak <mjs@apple.com>
authormjs@apple.com <mjs@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 7 Dec 2009 14:52:37 +0000 (14:52 +0000)
committermjs@apple.com <mjs@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 7 Dec 2009 14:52:37 +0000 (14:52 +0000)
        Reviewed by Oliver Hunt.

        op_loop_if_less JIT codegen is broken for 64-bit
        https://bugs.webkit.org/show_bug.cgi?id=32221

        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_loop_if_false): Fix codegen in this version - test was backwards.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@51765 268f45cc-cd09-0410-ab3c-d52691b4dbfc

JavaScriptCore/ChangeLog
JavaScriptCore/jit/JITOpcodes.cpp

index 5da0107723feac4f8fa71b79b8a825cecdd3ee0a..e72e88a92d26f20c7172a3ee7ec76300675a1914 100644 (file)
@@ -1,3 +1,13 @@
+2009-12-07  Maciej Stachowiak  <mjs@apple.com>
+
+        Reviewed by Oliver Hunt.
+
+        op_loop_if_less JIT codegen is broken for 64-bit
+        https://bugs.webkit.org/show_bug.cgi?id=32221
+
+        * jit/JITOpcodes.cpp:
+        (JSC::JIT::emit_op_loop_if_false): Fix codegen in this version - test was backwards.
+
 2009-12-07  Oliver Hunt  <oliver@apple.com>
 
         Reviewed by Maciej Stachowiak.
index 059cddadd520d41d38d6b809b9991906d8ccc0e8..d7e74960358d4800d3096eedc284f4c9938f9053 100644 (file)
@@ -2304,16 +2304,18 @@ void JIT::emit_op_loop_if_false(Instruction* currentInstruction)
 {
     emitTimeoutCheck();
 
+
     unsigned target = currentInstruction[2].u.operand;
     emitGetVirtualRegister(currentInstruction[1].u.operand, regT0);
 
-    Jump isZero = branchPtr(Equal, regT0, ImmPtr(JSValue::encode(jsNumber(m_globalData, 0))));
-    addJump(emitJumpIfImmediateInteger(regT0), target);
+    addJump(branchPtr(Equal, regT0, ImmPtr(JSValue::encode(jsNumber(m_globalData, 0)))), target);
+    Jump isNonZero = emitJumpIfImmediateInteger(regT0);
 
-    addJump(branchPtr(Equal, regT0, ImmPtr(JSValue::encode(jsBoolean(true)))), target);
-    addSlowCase(branchPtr(NotEqual, regT0, ImmPtr(JSValue::encode(jsBoolean(false)))));
+    addJump(branchPtr(Equal, regT0, ImmPtr(JSValue::encode(jsBoolean(false)))), target);
+    addSlowCase(branchPtr(NotEqual, regT0, ImmPtr(JSValue::encode(jsBoolean(true)))));
 
-    isZero.link(this);
+    isNonZero.link(this);
+    RECORD_JUMP_TARGET(target);
 };
 
 void JIT::emit_op_resolve_base(Instruction* currentInstruction)