Google Git
Sign in
webkit / WebKit / 265b1960633c94f61184de10610d681687670449^! / . / Source / JavaScriptCore / jit / SpecializedThunkJIT.h
commit265b1960633c94f61184de10610d681687670449[log] [tgz]
authorfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Wed Dec 21 06:01:20 2011 +0000
committerfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Wed Dec 21 06:01:20 2011 +0000
tree86351072d25657aa1d99e9d04b29c3038aa493db
parentf37187eafcee6ebec3dcde0b89a3acccc2c3ce4f [diff] [blame]
JavaScriptCore should be consistent about how it reads and writes ArgumentCount
https://bugs.webkit.org/show_bug.cgi?id=74989
<rdar://problem/10612006>

Reviewed by Gavin Barraclough.

* dfg/DFGJITCompiler.cpp:
(JSC::DFG::JITCompiler::compileFunction):
* jit/JIT.cpp:
(JSC::JIT::privateCompile):
* jit/JITCall32_64.cpp:
(JSC::JIT::compileLoadVarargs):
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_get_arguments_length):
(JSC::JIT::emit_op_get_argument_by_val):
* jit/SpecializedThunkJIT.h:
(JSC::SpecializedThunkJIT::SpecializedThunkJIT):



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@103390 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/Source/JavaScriptCore/jit/SpecializedThunkJIT.h b/Source/JavaScriptCore/jit/SpecializedThunkJIT.h
index ab78eaa..1802216 100644
--- a/Source/JavaScriptCore/jit/SpecializedThunkJIT.h
+++ b/Source/JavaScriptCore/jit/SpecializedThunkJIT.h

@@ -42,7 +42,7 @@
             , m_globalData(globalData)
         {
             // Check that we have the expected number of arguments
-            m_failures.append(branch32(NotEqual, Address(callFrameRegister, RegisterFile::ArgumentCount * (int)sizeof(Register)), TrustedImm32(expectedArgCount + 1)));
+            m_failures.append(branch32(NotEqual, payloadFor(RegisterFile::ArgumentCount), TrustedImm32(expectedArgCount + 1)));
         }
         
         void loadDoubleArgument(int argument, FPRegisterID dst, RegisterID scratch)