Changeset 159748 in webkit
- Timestamp:
- Nov 25, 2013 7:28:45 AM (10 years ago)
- Location:
- trunk/Source/JavaScriptCore
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Source/JavaScriptCore/ChangeLog
r159736 r159748 1 2013-11-25 Julien Brianceau <jbriance@cisco.com> 2 3 [arm][mips] Fix crash in dfg-arrayify-elimination layout jsc test. 4 https://bugs.webkit.org/show_bug.cgi?id=124839 5 6 Reviewed by Michael Saboff. 7 8 In ARM EABI and MIPS, 64-bit values have to be aligned on stack too. 9 10 * jit/CCallHelpers.h: 11 (JSC::CCallHelpers::setupArgumentsWithExecState): 12 * jit/JITInlines.h: 13 (JSC::JIT::callOperation): Add missing EABI_32BIT_DUMMY_ARG. 14 1 15 2013-11-23 Filip Pizlo <fpizlo@apple.com> 2 16 -
trunk/Source/JavaScriptCore/jit/CCallHelpers.h
r159376 r159748 1488 1488 } 1489 1489 1490 ALWAYS_INLINE void setupArgumentsWithExecState(TrustedImm32 arg1, GPRReg arg2, GPRReg arg3, TrustedImm32 arg4, TrustedImm32 arg5, GPRReg arg6, GPRReg arg7) 1491 { 1492 poke(arg7, POKE_ARGUMENT_OFFSET + 3); 1493 poke(arg6, POKE_ARGUMENT_OFFSET + 2); 1494 poke(arg5, POKE_ARGUMENT_OFFSET + 1); 1495 poke(arg4, POKE_ARGUMENT_OFFSET); 1496 setupArgumentsWithExecState(arg1, arg2, arg3); 1497 } 1498 1490 1499 ALWAYS_INLINE void setupArguments(GPRReg arg1, GPRReg arg2, TrustedImmPtr arg3, TrustedImm32 arg4, GPRReg arg5) 1491 1500 { -
trunk/Source/JavaScriptCore/jit/JITInlines.h
r159091 r159748 524 524 ALWAYS_INLINE MacroAssembler::Call JIT::callOperation(V_JITOperation_EJZJ operation, RegisterID regOp1Tag, RegisterID regOp1Payload, int32_t op2, RegisterID regOp3Tag, RegisterID regOp3Payload) 525 525 { 526 setupArgumentsWithExecState(EABI_32BIT_DUMMY_ARG regOp1Payload, regOp1Tag, TrustedImm32(op2), regOp3Payload, regOp3Tag);526 setupArgumentsWithExecState(EABI_32BIT_DUMMY_ARG regOp1Payload, regOp1Tag, TrustedImm32(op2), EABI_32BIT_DUMMY_ARG regOp3Payload, regOp3Tag); 527 527 return appendCallWithExceptionCheck(operation); 528 528 }
Note: See TracChangeset
for help on using the changeset viewer.