  • Crashing under JSC::DFG::SpeculativeJIT::spill visiting citicards.com · a63eb124
    fpizlo@apple.com authored
    https://bugs.webkit.org/show_bug.cgi?id=121844
    
    Source/JavaScriptCore: 
    
    Reviewed by Mark Hahnenberg.
            
    Fix some int52 bugs that caused this.
    
    * bytecode/ValueRecovery.h:
    (JSC::ValueRecovery::dumpInContext): There's no such thing as int53.
    * dfg/DFGSpeculativeJIT.h:
    (JSC::DFG::SpeculativeJIT::spill): Actually spill int52's, instead of hitting an assert and crashing.
    * dfg/DFGSpeculativeJIT64.cpp:
    (JSC::DFG::SpeculativeJIT::fillSpeculateInt32Internal): Use the right format (from before when we clobber it).
    
    Tools: 
    
    Reviewed by Mark Hahnenberg.
    
    * Scripts/run-javascriptcore-tests: Be more clear about what test suite failed.
    
    LayoutTests: 
    
    Reviewed by Mark Hahnenberg.
    
    * js/dfg-int52-spill-expected.txt: Added.
    * js/dfg-int52-spill-trickier-expected.txt: Added.
    * js/dfg-int52-spill-trickier.html: Added.
    * js/dfg-int52-spill.html: Added.
    * js/script-tests/dfg-int52-spill-trickier.js: Added.
    (foo):
    * js/script-tests/dfg-int52-spill.js: Added.
    (foo):
    
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@156371 268f45cc-cd09-0410-ab3c-d52691b4dbfc