Changeset 157797 in webkit

Timestamp:

Oct 22, 2013 10:04:59 AM (11 years ago)

Author:

commit-queue@webkit.org

Message:

[sh4][mips][arm] Fix crashes in JSC (32-bit only).
​https://bugs.webkit.org/show_bug.cgi?id=123165

Patch by Julien Brianceau <​jbriance@cisco.com> on 2013-10-22
Reviewed by Michael Saboff.

• jit/JITInlines.h:

(JSC::JIT::callOperationNoExceptionCheck): Add missing EABI_32BIT_DUMMY_ARG.
(JSC::JIT::callOperation): The last TrustedImm32(arg3) is a bit overkill for SH4 :)
(JSC::JIT::callOperation): Add missing EABI_32BIT_DUMMY_ARG.
(JSC::JIT::callOperation): Fix tag and payload order for V_JITOperation_EJJJ prototype.

Location:

trunk/Source/JavaScriptCore

Files:

• ChangeLog (modified) (1 diff)
• jit/JITInlines.h (modified) (4 diffs)

trunk/Source/JavaScriptCore/ChangeLog

@@ +1 @@
+2013-10-22  Julien Brianceau  <jbriance@cisco.com>
+
+        [sh4][mips][arm] Fix crashes in JSC (32-bit only).
+        https://bugs.webkit.org/show_bug.cgi?id=123165
+
+        Reviewed by Michael Saboff.
+
+        * jit/JITInlines.h:
+        (JSC::JIT::callOperationNoExceptionCheck): Add missing EABI_32BIT_DUMMY_ARG.
+        (JSC::JIT::callOperation): The last TrustedImm32(arg3) is a bit overkill for SH4 :)
+        (JSC::JIT::callOperation): Add missing EABI_32BIT_DUMMY_ARG.
+        (JSC::JIT::callOperation): Fix tag and payload order for V_JITOperation_EJJJ prototype.
+
 2013-10-22  Julien Brianceau  <jbriance@cisco.com>
 

trunk/Source/JavaScriptCore/jit/JITInlines.h

@@ -433 +433 @@
 ALWAYS_INLINE MacroAssembler::Call JIT::callOperationNoExceptionCheck(V_JITOperation_EJ operation, GPRReg arg1Tag, GPRReg arg1Payload)
 {
-    setupArgumentsWithExecState(arg1Payload, arg1Tag);
+    setupArgumentsWithExecState(EABI_32BIT_DUMMY_ARG arg1Payload, arg1Tag);
     updateTopCallFrame();
     return appendCall(operation);
@@ -442 +442 @@
 #if CPU(SH4)
     // We have to put arg3 in the 4th argument register (r7) as 64-bit value arg2 will be put on stack for sh4 architecure.
-    setupArgumentsWithExecState(arg1Payload, arg1Tag, TrustedImm32(arg3), arg2Payload, arg2Tag, TrustedImm32(arg3));
+    setupArgumentsWithExecState(arg1Payload, arg1Tag, TrustedImm32(arg3), arg2Payload, arg2Tag);
 #else
     setupArgumentsWithExecState(EABI_32BIT_DUMMY_ARG arg1Payload, arg1Tag, arg2Payload, arg2Tag, TrustedImm32(arg3));
@@ -511 +511 @@
 ALWAYS_INLINE MacroAssembler::Call JIT::callOperation(V_JITOperation_EJ operation, RegisterID regOp1Tag, RegisterID regOp1Payload)
 {
-    setupArgumentsWithExecState(regOp1Payload, regOp1Tag);
+    setupArgumentsWithExecState(EABI_32BIT_DUMMY_ARG regOp1Payload, regOp1Tag);
     return appendCallWithExceptionCheck(operation);
 }
@@ -527 +527 @@
 }
 
-ALWAYS_INLINE MacroAssembler::Call JIT::callOperation(V_JITOperation_EJJJ operation, RegisterID regOp1Payload, RegisterID regOp1Tag, RegisterID regOp2Payload, RegisterID regOp2Tag, RegisterID regOp3Payload, RegisterID regOp3Tag)
+ALWAYS_INLINE MacroAssembler::Call JIT::callOperation(V_JITOperation_EJJJ operation, RegisterID regOp1Tag, RegisterID regOp1Payload, RegisterID regOp2Tag, RegisterID regOp2Payload, RegisterID regOp3Tag, RegisterID regOp3Payload)
 {
     setupArgumentsWithExecState(EABI_32BIT_DUMMY_ARG regOp1Payload, regOp1Tag, SH4_32BIT_DUMMY_ARG regOp2Payload, regOp2Tag, regOp3Payload, regOp3Tag);