commit b3aadd17b760ce47eae2e7ea45d7144fbf823921
author mark.lam@apple.com <mark.lam@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc> Thu Apr 03 18:25:26 2014 +0000
committer mark.lam@apple.com <mark.lam@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc> Thu Apr 03 18:25:26 2014 +0000
tree 7f3a2d46fd04dd3d2df4f75dbc0094297792d38e
parent 9b92bc0d1c61df597cb82c1dff0ef4ef6bb56e74

Fix bit rot in ARMv7 JIT probe mechanism.
<https://webkit.org/b/131167>

Reviewed by Geoffrey Garen.

1. The macro assembler does not support pushing the SP register.  Worked
   around this by pushing the LR register as a placeholder, and then
   writing the original SP value to that slot.
2. The CPUState field in the ProbeContext needs to be aligned on a 4
   byte boundary, not an 8 byte boundary.

* assembler/MacroAssemblerARMv7.cpp:
(JSC::MacroAssemblerARMv7::probe):
* jit/JITStubsARMv7.h:


git-svn-id: http://svn.webkit.org/repository/webkit/trunk@166732 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/JavaScriptCore/assembler/MacroAssemblerARMv7.cpp

diff --git a/Source/JavaScriptCore/assembler/MacroAssemblerARMv7.cpp b/Source/JavaScriptCore/assembler/MacroAssemblerARMv7.cpp
index 744d5fb..3132e31 100644
--- a/Source/JavaScriptCore/assembler/MacroAssemblerARMv7.cpp
+++ b/Source/JavaScriptCore/assembler/MacroAssemblerARMv7.cpp
@@ -82,8 +82,10 @@
 
 void MacroAssemblerARMv7::probe(MacroAssemblerARMv7::ProbeFunction function, void* arg1, void* arg2)
 {
-    push(RegisterID::sp);
     push(RegisterID::lr);
+    push(RegisterID::lr);
+    add32(TrustedImm32(8), RegisterID::sp, RegisterID::lr);
+    store32(RegisterID::lr, ArmAddress(RegisterID::sp, 4));
     push(RegisterID::ip);
     push(RegisterID::r0);
     // The following uses RegisterID::ip. So, they must come after we push ip above.