Google Git
Sign in
webkit / WebKit / da99c7f69d6b6581b4511c7cc0a96ddcbcdd1323^! / . / Source / JavaScriptCore / jit / JITInlines.h
commitda99c7f69d6b6581b4511c7cc0a96ddcbcdd1323[log] [tgz]
authorcommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Tue Oct 22 17:04:59 2013 +0000
committercommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Tue Oct 22 17:04:59 2013 +0000
tree0734347ed249e4ec8bdb9da896076a50b0ec52d5
parent30a6a70e19c0b000e8cb17722749d2c9c8aa5927 [diff] [blame]
[sh4][mips][arm] Fix crashes in JSC (32-bit only).
https://bugs.webkit.org/show_bug.cgi?id=123165

Patch by Julien Brianceau <jbriance@cisco.com> on 2013-10-22
Reviewed by Michael Saboff.

* jit/JITInlines.h:
(JSC::JIT::callOperationNoExceptionCheck): Add missing EABI_32BIT_DUMMY_ARG.
(JSC::JIT::callOperation): The last TrustedImm32(arg3) is a bit overkill for SH4 :)
(JSC::JIT::callOperation): Add missing EABI_32BIT_DUMMY_ARG.
(JSC::JIT::callOperation): Fix tag and payload order for V_JITOperation_EJJJ prototype.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@157797 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/Source/JavaScriptCore/jit/JITInlines.h b/Source/JavaScriptCore/jit/JITInlines.h
index 81b0087..f019153 100644
--- a/Source/JavaScriptCore/jit/JITInlines.h
+++ b/Source/JavaScriptCore/jit/JITInlines.h

@@ -432,7 +432,7 @@
 
 ALWAYS_INLINE MacroAssembler::Call JIT::callOperationNoExceptionCheck(V_JITOperation_EJ operation, GPRReg arg1Tag, GPRReg arg1Payload)
 {
-    setupArgumentsWithExecState(arg1Payload, arg1Tag);
+    setupArgumentsWithExecState(EABI_32BIT_DUMMY_ARG arg1Payload, arg1Tag);
     updateTopCallFrame();
     return appendCall(operation);
 }
@@ -441,7 +441,7 @@
 {
 #if CPU(SH4)
     // We have to put arg3 in the 4th argument register (r7) as 64-bit value arg2 will be put on stack for sh4 architecure.
-    setupArgumentsWithExecState(arg1Payload, arg1Tag, TrustedImm32(arg3), arg2Payload, arg2Tag, TrustedImm32(arg3));
+    setupArgumentsWithExecState(arg1Payload, arg1Tag, TrustedImm32(arg3), arg2Payload, arg2Tag);
 #else
     setupArgumentsWithExecState(EABI_32BIT_DUMMY_ARG arg1Payload, arg1Tag, arg2Payload, arg2Tag, TrustedImm32(arg3));
 #endif
@@ -510,7 +510,7 @@
 
 ALWAYS_INLINE MacroAssembler::Call JIT::callOperation(V_JITOperation_EJ operation, RegisterID regOp1Tag, RegisterID regOp1Payload)
 {
-    setupArgumentsWithExecState(regOp1Payload, regOp1Tag);
+    setupArgumentsWithExecState(EABI_32BIT_DUMMY_ARG regOp1Payload, regOp1Tag);
     return appendCallWithExceptionCheck(operation);
 }
 
@@ -526,7 +526,7 @@
     return appendCallWithExceptionCheck(operation);
 }
 
-ALWAYS_INLINE MacroAssembler::Call JIT::callOperation(V_JITOperation_EJJJ operation, RegisterID regOp1Payload, RegisterID regOp1Tag, RegisterID regOp2Payload, RegisterID regOp2Tag, RegisterID regOp3Payload, RegisterID regOp3Tag)
+ALWAYS_INLINE MacroAssembler::Call JIT::callOperation(V_JITOperation_EJJJ operation, RegisterID regOp1Tag, RegisterID regOp1Payload, RegisterID regOp2Tag, RegisterID regOp2Payload, RegisterID regOp3Tag, RegisterID regOp3Payload)
 {
     setupArgumentsWithExecState(EABI_32BIT_DUMMY_ARG regOp1Payload, regOp1Tag, SH4_32BIT_DUMMY_ARG regOp2Payload, regOp2Tag, regOp3Payload, regOp3Tag);
     return appendCallWithExceptionCheck(operation);