Changeset 36605 in webkit for trunk/JavaScriptCore

Timestamp:

Sep 17, 2008, 11:45:48 PM (17 years ago)

Author:

[email protected]

Message:

2008-09-17 Oliver Hunt <​[email protected]>

Correctly restore argument reference prior to SFX runtime calls.

Reviewed by Steve Falkenburg.

• VM/CTI.cpp: (JSC::CTI::privateCompileSlowCases): (JSC::CTI::privateCompile):

Location:

trunk/JavaScriptCore

Files:

• ChangeLog (modified) (1 diff)
• VM/CTI.cpp (modified) (2 diffs)

trunk/JavaScriptCore/ChangeLog

@@ +1 @@
+2008-09-17  Oliver Hunt  <[email protected]>
+
+        Correctly restore argument reference prior to SFX runtime calls.
+        
+        Reviewed by Steve Falkenburg.
+
+        * VM/CTI.cpp:
+        (JSC::CTI::privateCompileSlowCases):
+        (JSC::CTI::privateCompile):
+
 2008-09-17  Cameron Zwarich  <[email protected]>
 

trunk/JavaScriptCore/VM/CTI.cpp

@@ -1977 +1977 @@
         case op_construct: {
             m_jit.link(iter->from, m_jit.label());
+            m_jit.emitRestoreArgumentReference();
 
             // We jump to this slow case if the ctiCode for the codeBlock has not yet been generated; compile it now.
@@ -2021 +2022 @@
     // Lazy copy of the scopeChain
     X86Assembler::JmpSrc callToUpdateScopeChain;
-    if ((m_codeBlock->codeType == FunctionCode) && m_codeBlock->needsFullScopeChain)
+    if ((m_codeBlock->codeType == FunctionCode) && m_codeBlock->needsFullScopeChain) {
+        m_jit.emitRestoreArgumentReference();
         callToUpdateScopeChain = m_jit.emitCall();
+    }
 
     privateCompileMainPass();