Changeset 158672 in webkit

Timestamp:

Nov 5, 2013 7:34:03 AM (10 years ago)

Author:

commit-queue@webkit.org

Message:

REGRESSION(r158315): Fix register mixup in JIT::compileOpCall.
​https://bugs.webkit.org/show_bug.cgi?id=123799

Patch by Julien Brianceau <​jbriance@cisco.com> on 2013-11-05
Reviewed by Mark Lam.

Changeset r158315 is crashing architectures where JSInterfaceJIT::regT3 is
different from GPRInfo::regT3. This is the case for MIPS architecture.

• jit/JITCall32_64.cpp:

(JSC::JIT::compileOpCall):

Location:

trunk/Source/JavaScriptCore

Files:

• ChangeLog (modified) (1 diff)
• jit/JITCall32_64.cpp (modified) (1 diff)

trunk/Source/JavaScriptCore/ChangeLog

@@ +1 @@
+2013-11-05  Julien Brianceau  <jbriance@cisco.com>
+
+        REGRESSION(r158315): Fix register mixup in JIT::compileOpCall.
+        https://bugs.webkit.org/show_bug.cgi?id=123799
+
+        Reviewed by Mark Lam.
+
+        Changeset r158315 is crashing architectures where JSInterfaceJIT::regT3 is
+        different from GPRInfo::regT3. This is the case for MIPS architecture.
+
+        * jit/JITCall32_64.cpp:
+        (JSC::JIT::compileOpCall):
+
 2013-11-05  Julien Brianceau  <jbriance@cisco.com>
 

trunk/Source/JavaScriptCore/jit/JITCall32_64.cpp

@@ -263 +263 @@
     emitLoad(callee, regT1, regT0); // regT1, regT0 holds callee.
 
-    storePtr(callFrameRegister, Address(GPRInfo::regT3, CallFrame::callerFrameOffset()));
+    storePtr(callFrameRegister, Address(regT3, CallFrame::callerFrameOffset()));
     emitStore(JSStack::Callee, regT1, regT0, regT3);
     move(regT3, callFrameRegister);