Google Git
Sign in
webkit / WebKit / 7ddfce85fd6c0b1c65fe9c802931f175d02d317d^! / . / Source / JavaScriptCore / dfg / DFGOSRExitCompilerCommon.cpp
commit7ddfce85fd6c0b1c65fe9c802931f175d02d317d[log] [tgz]
authoroliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Thu Jul 25 04:01:59 2013 +0000
committeroliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Thu Jul 25 04:01:59 2013 +0000
tree5f52f085e2d991b2897ce3b0e8da1aaadb669a4d
parenta152471cfcd5c5f377cc6af3bbb981db165a77e3 [diff] [blame]
fourthTier: The DFG JIT should populate frame bytecodeOffsets on OSR exit.
https://bugs.webkit.org/show_bug.cgi?id=117103.

Reviewed by Geoffrey Garen.

* dfg/DFGOSRExitCompilerCommon.cpp:
(JSC::DFG::reifyInlinedCallFrames):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153207 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.cpp b/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.cpp
index 3edeb1a..07ff837 100644
--- a/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.cpp
+++ b/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.cpp

@@ -79,8 +79,9 @@
 {
     ASSERT(jit.baselineCodeBlock()->jitType() == JITCode::BaselineJIT);
     jit.storePtr(AssemblyHelpers::TrustedImmPtr(jit.baselineCodeBlock()), AssemblyHelpers::addressFor((VirtualRegister)JSStack::CodeBlock));
-    
-    for (CodeOrigin codeOrigin = exit.m_codeOrigin; codeOrigin.inlineCallFrame; codeOrigin = codeOrigin.inlineCallFrame->caller) {
+
+    CodeOrigin codeOrigin;
+    for (codeOrigin = exit.m_codeOrigin; codeOrigin.inlineCallFrame; codeOrigin = codeOrigin.inlineCallFrame->caller) {
         InlineCallFrame* inlineCallFrame = codeOrigin.inlineCallFrame;
         CodeBlock* baselineCodeBlock = jit.baselineCodeBlockFor(codeOrigin);
         CodeBlock* baselineCodeBlockForCaller = jit.baselineCodeBlockFor(inlineCallFrame->caller);
@@ -125,7 +126,11 @@
         if (!inlineCallFrame->isClosureCall())
             jit.storePtr(AssemblyHelpers::TrustedImmPtr(inlineCallFrame->callee.get()), AssemblyHelpers::payloadFor((VirtualRegister)(inlineCallFrame->stackOffset + JSStack::Callee)));
 #endif // USE(JSVALUE64) // ending the #else part, so directly above is the 32-bit part
+
+        jit.store32(AssemblyHelpers::TrustedImm32(codeOrigin.bytecodeIndex), AssemblyHelpers::tagFor((VirtualRegister)(inlineCallFrame->stackOffset + JSStack::ArgumentCount)));
     }
+
+    jit.store32(AssemblyHelpers::TrustedImm32(codeOrigin.bytecodeIndex), AssemblyHelpers::tagFor((VirtualRegister)(JSStack::ArgumentCount)));
 }
 
 void adjustAndJumpToTarget(CCallHelpers& jit, const OSRExitBase& exit)