Timestamp:
Aug 20, 2009, 7:57:10 PM (16 years ago)
Author:
[email protected]
Message:

Numbering of arguments to emitGetJITStubArg/emitPutJITStubArg incorrect
https://bugs.webkit.org/show_bug.cgi?id=28513

Reviewed by Oliver Hunt.

The argumentNumber argument to emitGetJITStubArg/emitPutJITStubArg should match
the argument number used within the stub functions in JITStubs.cpp, but it doesn't.

Firstly, all the numbers changed when we added a void* 'reserved' as the first slot
(rather than leaving argument 0 unused), and secondly in 32_64 builds the index to
peek/poke needs to be multiplied by 2 (since the argument to peek/poke is a number
of machine words, and on 32_64 build the argument slots to stub functions are two
words wide).

  • jit/JIT.h:
  • jit/JITCall.cpp:

(JSC::JIT::compileOpCallSetupArgs):
(JSC::JIT::compileOpConstructSetupArgs):
(JSC::JIT::compileOpCallVarargsSetupArgs):
(JSC::JIT::compileOpCall):

  • jit/JITInlineMethods.h:

(JSC::JIT::emitPutJITStubArg):
(JSC::JIT::emitPutJITStubArgConstant):
(JSC::JIT::emitGetJITStubArg):
(JSC::JIT::emitPutJITStubArgFromVirtualRegister):

  • jit/JITOpcodes.cpp:

(JSC::JIT::privateCompileCTIMachineTrampolines):

  • jit/JITPropertyAccess.cpp:

(JSC::JIT::privateCompilePutByIdTransition):

File:
1 edited

  • trunk/JavaScriptCore/jit/JITPropertyAccess.cpp

    r47186 r47614  
    14041404        stubCall.addArgument(Imm32(newStructure->propertyStorageCapacity()));
    14051405        stubCall.call(regT0);
    1406         emitGetJITStubArg(3, regT1);
     1406        emitGetJITStubArg(2, regT1);
    14071407
    14081408        restoreReturnAddressBeforeReturn(regT3);
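Review bot: The new index in `emitGetJITStubArg(2, regT1)` is still a bare literal with nothing at the call site saying which stub argument it reloads, and an index that had drifted out of step with JITStubs.cpp is exactly what the commit message says went wrong here. A short comment naming the argument being fetched, or a named constant shared with the stub function, would let the next change to the argument layout be checked at this line instead of found later as a wrong stack slot read. The message also lists changes to the 32_64 scaling in jit/JITInlineMethods.h, which are not visible in this hunk, so it is worth confirming that this call site now depends only on the helper for the two-word slot width and does no scaling of its own.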