Numbering of arguments to emitGetJITStubArg/emitPutJITStubArg incorrect https://bugs.webkit.org/show_bug.cgi?id=28513 Reviewed by Oliver Hunt. The argumentNumber argument to emitGetJITStubArg/emitPutJITStubArg should match the argument number used within the stub functions in JITStubs.cpp, but it doesn't. Firstly, all the numbers changed when we added a void* 'reserved' as the first slot (rather than leaving argument 0 unused), and secondly in 32_64 builds the index to peek/poke needs to be multiplies by 2 (since the argument to peek/poke is a number of machine words, and on 32_64 build the argument slots to stub functions are two words wide). * jit/JIT.h: * jit/JITCall.cpp: (JSC::JIT::compileOpCallSetupArgs): (JSC::JIT::compileOpConstructSetupArgs): (JSC::JIT::compileOpCallVarargsSetupArgs): (JSC::JIT::compileOpCall): * jit/JITInlineMethods.h: (JSC::JIT::emitPutJITStubArg): (JSC::JIT::emitPutJITStubArgConstant): (JSC::JIT::emitGetJITStubArg): (JSC::JIT::emitPutJITStubArgFromVirtualRegister): * jit/JITOpcodes.cpp: (JSC::JIT::privateCompileCTIMachineTrampolines): * jit/JITPropertyAccess.cpp: (JSC::JIT::privateCompilePutByIdTransition): git-svn-id: http://svn.webkit.org/repository/webkit/trunk@47614 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit: de296270e828a597464ede4652d08daeed425767 [log] [tgz]
author: barraclough@apple.com <barraclough@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc> Fri Aug 21 02:57:10 2009 +0000
committer: barraclough@apple.com <barraclough@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc> Fri Aug 21 02:57:10 2009 +0000
tree: 6d291f05304ad64a377f4a5369977feb614631fc
parent: e92d7bbf25883ab9f59ad2cf677cc4e3494557e7 [diff] [blame]
diff --git a/JavaScriptCore/jit/JITInlineMethods.h b/JavaScriptCore/jit/JITInlineMethods.h
index 2504c4b..60c9658 100644
--- a/JavaScriptCore/jit/JITInlineMethods.h
+++ b/JavaScriptCore/jit/JITInlineMethods.h

@@ -37,28 +37,32 @@
 // puts an arg onto the stack, as an arg to a context threaded function.
 ALWAYS_INLINE void JIT::emitPutJITStubArg(RegisterID src, unsigned argumentNumber)
 {
-    poke(src, argumentNumber);
+    unsigned argumentStackOffset = (argumentNumber * (sizeof(JSValue) / sizeof(void*))) + 1;
+    poke(src, argumentStackOffset);
 }
 
 /* Deprecated: Please use JITStubCall instead. */
 
 ALWAYS_INLINE void JIT::emitPutJITStubArgConstant(unsigned value, unsigned argumentNumber)
 {
-    poke(Imm32(value), argumentNumber);
+    unsigned argumentStackOffset = (argumentNumber * (sizeof(JSValue) / sizeof(void*))) + 1;
+    poke(Imm32(value), argumentStackOffset);
 }
 
 /* Deprecated: Please use JITStubCall instead. */
 
 ALWAYS_INLINE void JIT::emitPutJITStubArgConstant(void* value, unsigned argumentNumber)
 {
-    poke(ImmPtr(value), argumentNumber);
+    unsigned argumentStackOffset = (argumentNumber * (sizeof(JSValue) / sizeof(void*))) + 1;
+    poke(ImmPtr(value), argumentStackOffset);
 }
 
 /* Deprecated: Please use JITStubCall instead. */
 
 ALWAYS_INLINE void JIT::emitGetJITStubArg(unsigned argumentNumber, RegisterID dst)
 {
-    peek(dst, argumentNumber);
+    unsigned argumentStackOffset = (argumentNumber * (sizeof(JSValue) / sizeof(void*))) + 1;
+    peek(dst, argumentStackOffset);
 }
 
 ALWAYS_INLINE JSValue JIT::getConstantOperand(unsigned src)
@@ -582,16 +586,26 @@
 
 /* Deprecated: Please use JITStubCall instead. */
 
+ALWAYS_INLINE void JIT::emitPutJITStubArg(RegisterID tag, RegisterID payload, unsigned argumentNumber)
+{
+    unsigned argumentStackOffset = (argumentNumber * (sizeof(JSValue) / sizeof(void*))) + 1;
+    poke(payload, argumentStackOffset);
+    poke(tag, argumentStackOffset + 1);
+}
+
+/* Deprecated: Please use JITStubCall instead. */
+
 ALWAYS_INLINE void JIT::emitPutJITStubArgFromVirtualRegister(unsigned src, unsigned argumentNumber, RegisterID scratch1, RegisterID scratch2)
 {
+    unsigned argumentStackOffset = (argumentNumber * (sizeof(JSValue) / sizeof(void*))) + 1;
     if (m_codeBlock->isConstantRegisterIndex(src)) {
         JSValue constant = m_codeBlock->getConstant(src);
-        poke(Imm32(constant.payload()), argumentNumber);
-        poke(Imm32(constant.tag()), argumentNumber + 1);
+        poke(Imm32(constant.payload()), argumentStackOffset);
+        poke(Imm32(constant.tag()), argumentStackOffset + 1);
     } else {
         emitLoad(src, scratch1, scratch2);
-        poke(scratch2, argumentNumber);
-        poke(scratch1, argumentNumber + 1);
+        poke(scratch2, argumentStackOffset);
+        poke(scratch1, argumentStackOffset + 1);
     }
 }
 
@@ -812,12 +826,13 @@
 // get arg puts an arg from the SF register array onto the stack, as an arg to a context threaded function.
 ALWAYS_INLINE void JIT::emitPutJITStubArgFromVirtualRegister(unsigned src, unsigned argumentNumber, RegisterID scratch)
 {
+    unsigned argumentStackOffset = (argumentNumber * (sizeof(JSValue) / sizeof(void*))) + 1;
     if (m_codeBlock->isConstantRegisterIndex(src)) {
         JSValue value = m_codeBlock->getConstant(src);
-        emitPutJITStubArgConstant(JSValue::encode(value), argumentNumber);
+        poke(ImmPtr(JSValue::encode(value)), argumentStackOffset);
     } else {
         loadPtr(Address(callFrameRegister, src * sizeof(Register)), scratch);
-        emitPutJITStubArg(scratch, argumentNumber);
+        poke(scratch, argumentStackOffset);
     }
 
     killLastResultRegister();
commit	de296270e828a597464ede4652d08daeed425767	[log] [tgz]
author	barraclough@apple.com <barraclough@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>	Fri Aug 21 02:57:10 2009 +0000
committer	barraclough@apple.com <barraclough@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>	Fri Aug 21 02:57:10 2009 +0000
tree	6d291f05304ad64a377f4a5369977feb614631fc
parent	e92d7bbf25883ab9f59ad2cf677cc4e3494557e7 [diff] [blame]