| commit | 95894333423e19f1e25229d3345f92b186cba575 | [log] [tgz] |
|---|---|---|
| author | msaboff@apple.com <msaboff@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc> | Wed Jan 29 19:18:54 2014 +0000 |
| committer | msaboff@apple.com <msaboff@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc> | Wed Jan 29 19:18:54 2014 +0000 |
| tree | 974339f55fc2bf941117018dec4929db24c09e38 | |
| parent | 9b465df54d80545485c7720a45ebf2ce89832cfe [diff] [blame] |
Merge the jsCStack branch https://bugs.webkit.org/show_bug.cgi?id=127763 Reviewed by Mark Hahnenberg. Source/JavaScriptCore: Changes from http://svn.webkit.org/repository/webkit/branches/jsCStack up to changeset 162958. Source/WebCore: Changes from http://svn.webkit.org/repository/webkit/branches/jsCStack up to changeset 162958. Source/WTF: Changes from http://svn.webkit.org/repository/webkit/branches/jsCStack up to changeset 162958. git-svn-id: http://svn.webkit.org/repository/webkit/trunk@163027 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.cpp b/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.cpp index 9f84a29..7f1d8c4 100644 --- a/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.cpp +++ b/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.cpp
@@ -30,6 +30,7 @@ #include "Arguments.h" #include "DFGOperations.h" +#include "JIT.h" #include "JSCJSValueInlines.h" #include "Operations.h" @@ -173,7 +174,11 @@ ASSERT(mapping->m_bytecodeIndex == exit.m_codeOrigin.bytecodeIndex); void* jumpTarget = baselineCodeBlock->jitCode()->executableAddressAtOffset(mapping->m_machineCodeOffset); + + jit.addPtr(AssemblyHelpers::TrustedImm32(JIT::stackPointerOffsetFor(baselineCodeBlock) * sizeof(Register)), GPRInfo::callFrameRegister, AssemblyHelpers::stackPointerRegister); + jit.jitAssertTagsInPlace(); + jit.move(AssemblyHelpers::TrustedImmPtr(jumpTarget), GPRInfo::regT2); jit.jump(GPRInfo::regT2); }